Blame - fs/cifs/cifsencrypt.c - kernel/msm-4.19

blob: 68abbb0db60898cc417ecfa03a8c11e5fe136c93 [file] [log] [blame]

Linus Torvalds	1da177e	2005-04-16 15:20:36 -0700	[diff] [blame]	1	/*
				2	* fs/cifs/cifsencrypt.c
				3	*
Steve French	8b7a454	2015-03-30 16:58:17 -0500	[diff] [blame]	4	* Encryption and hashing operations relating to NTLM, NTLMv2. See MS-NLMP
				5	* for more detailed information
				6	*
Steve French	95dc8dd	2013-07-04 10:35:21 -0500	[diff] [blame]	7	* Copyright (C) International Business Machines Corp., 2005,2013
Linus Torvalds	1da177e	2005-04-16 15:20:36 -0700	[diff] [blame]	8	* Author(s): Steve French (sfrench@us.ibm.com)
				9	*
				10	* This library is free software; you can redistribute it and/or modify
				11	* it under the terms of the GNU Lesser General Public License as published
				12	* by the Free Software Foundation; either version 2.1 of the License, or
				13	* (at your option) any later version.
				14	*
				15	* This library is distributed in the hope that it will be useful,
				16	* but WITHOUT ANY WARRANTY; without even the implied warranty of
				17	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See
				18	* the GNU Lesser General Public License for more details.
				19	*
				20	* You should have received a copy of the GNU Lesser General Public License
				21	* along with this library; if not, write to the Free Software
				22	* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
				23	*/
				24
				25	#include <linux/fs.h>
Tejun Heo	5a0e3ad	2010-03-24 17:04:11 +0900	[diff] [blame]	26	#include <linux/slab.h>
Linus Torvalds	1da177e	2005-04-16 15:20:36 -0700	[diff] [blame]	27	#include "cifspdu.h"
Steve French	ffdd6e4	2007-06-24 21:15:44 +0000	[diff] [blame]	28	#include "cifsglob.h"
Linus Torvalds	1da177e	2005-04-16 15:20:36 -0700	[diff] [blame]	29	#include "cifs_debug.h"
Linus Torvalds	1da177e	2005-04-16 15:20:36 -0700	[diff] [blame]	30	#include "cifs_unicode.h"
				31	#include "cifsproto.h"
Shirish Pargaonkar	2b149f1	2010-09-18 22:02:18 -0500	[diff] [blame]	32	#include "ntlmssp.h"
Steve French	7c7b25b	2006-06-01 19:20:10 +0000	[diff] [blame]	33	#include <linux/ctype.h>
Steve French	6d027cf	2006-06-05 16:26:05 +0000	[diff] [blame]	34	#include <linux/random.h>
Jeff Layton	fb308a6	2012-09-18 16:20:35 -0700	[diff] [blame]	35	#include <linux/highmem.h>
Herbert Xu	9651ddb	2016-01-24 21:17:17 +0800	[diff] [blame]	36	#include <crypto/skcipher.h>
Pavel Shilovsky	026e93d	2016-11-03 16:47:37 -0700	[diff] [blame]	37	#include <crypto/aead.h>
Linus Torvalds	1da177e	2005-04-16 15:20:36 -0700	[diff] [blame]	38
Steve French	95dc8dd	2013-07-04 10:35:21 -0500	[diff] [blame]	39	static int
				40	cifs_crypto_shash_md5_allocate(struct TCP_Server_Info *server)
				41	{
				42	int rc;
				43	unsigned int size;
				44
				45	if (server->secmech.sdescmd5 != NULL)
				46	return 0; /* already allocated */
				47
				48	server->secmech.md5 = crypto_alloc_shash("md5", 0, 0);
				49	if (IS_ERR(server->secmech.md5)) {
				50	cifs_dbg(VFS, "could not allocate crypto md5\n");
Jeff Layton	ba48202	2013-07-31 13:48:00 -0400	[diff] [blame]	51	rc = PTR_ERR(server->secmech.md5);
				52	server->secmech.md5 = NULL;
				53	return rc;
Steve French	95dc8dd	2013-07-04 10:35:21 -0500	[diff] [blame]	54	}
				55
				56	size = sizeof(struct shash_desc) +
				57	crypto_shash_descsize(server->secmech.md5);
				58	server->secmech.sdescmd5 = kmalloc(size, GFP_KERNEL);
				59	if (!server->secmech.sdescmd5) {
Steve French	95dc8dd	2013-07-04 10:35:21 -0500	[diff] [blame]	60	crypto_free_shash(server->secmech.md5);
				61	server->secmech.md5 = NULL;
Jeff Layton	ba48202	2013-07-31 13:48:00 -0400	[diff] [blame]	62	return -ENOMEM;
Steve French	95dc8dd	2013-07-04 10:35:21 -0500	[diff] [blame]	63	}
				64	server->secmech.sdescmd5->shash.tfm = server->secmech.md5;
				65	server->secmech.sdescmd5->shash.flags = 0x0;
				66
				67	return 0;
				68	}
				69
Al Viro	16c568e	2015-11-12 22:46:49 -0500	[diff] [blame]	70	int __cifs_calc_signature(struct smb_rqst *rqst,
				71	struct TCP_Server_Info server, char signature,
				72	struct shash_desc *shash)
				73	{
				74	int i;
				75	int rc;
				76	struct kvec *iov = rqst->rq_iov;
				77	int n_vec = rqst->rq_nvec;
				78
Pavel Shilovsky	738f9de	2016-11-23 15:14:57 -0800	[diff] [blame]	79	if (n_vec < 2 \|\| iov[0].iov_len != 4)
				80	return -EIO;
				81
				82	for (i = 1; i < n_vec; i++) {
Al Viro	16c568e	2015-11-12 22:46:49 -0500	[diff] [blame]	83	if (iov[i].iov_len == 0)
				84	continue;
				85	if (iov[i].iov_base == NULL) {
				86	cifs_dbg(VFS, "null iovec entry\n");
				87	return -EIO;
				88	}
Pavel Shilovsky	738f9de	2016-11-23 15:14:57 -0800	[diff] [blame]	89	if (i == 1 && iov[1].iov_len <= 4)
				90	break; /* nothing to sign or corrupt header */
				91	rc = crypto_shash_update(shash,
				92	iov[i].iov_base, iov[i].iov_len);
Al Viro	16c568e	2015-11-12 22:46:49 -0500	[diff] [blame]	93	if (rc) {
				94	cifs_dbg(VFS, "%s: Could not update with payload\n",
				95	__func__);
				96	return rc;
				97	}
				98	}
				99
				100	/* now hash over the rq_pages array */
				101	for (i = 0; i < rqst->rq_npages; i++) {
				102	void *kaddr = kmap(rqst->rq_pages[i]);
				103	size_t len = rqst->rq_pagesz;
				104
				105	if (i == rqst->rq_npages - 1)
				106	len = rqst->rq_tailsz;
				107
				108	crypto_shash_update(shash, kaddr, len);
				109
				110	kunmap(rqst->rq_pages[i]);
				111	}
				112
				113	rc = crypto_shash_final(shash, signature);
				114	if (rc)
				115	cifs_dbg(VFS, "%s: Could not generate hash\n", __func__);
				116
				117	return rc;
				118	}
				119
Jeff Layton	157c249	2011-04-02 07:34:30 -0400	[diff] [blame]	120	/*
				121	* Calculate and return the CIFS signature based on the mac key and SMB PDU.
				122	* The 16 byte signature must be allocated by the caller. Note we only use the
				123	* 1st eight bytes and that the smb header signature field on input contains
				124	* the sequence number before this function is called. Also, this function
				125	* should be called with the server->srv_mutex held.
				126	*/
Jeff Layton	bf5ea0e	2012-09-18 16:20:34 -0700	[diff] [blame]	127	static int cifs_calc_signature(struct smb_rqst *rqst,
Jeff Layton	826a95e	2011-10-11 06:41:32 -0400	[diff] [blame]	128	struct TCP_Server_Info server, char signature)
Steve French	84afc29	2005-12-02 13:32:45 -0800	[diff] [blame]	129	{
Shirish Pargaonkar	307fbd3	2010-10-21 14:25:17 -0500	[diff] [blame]	130	int rc;
Steve French	84afc29	2005-12-02 13:32:45 -0800	[diff] [blame]	131
Al Viro	16c568e	2015-11-12 22:46:49 -0500	[diff] [blame]	132	if (!rqst->rq_iov \|\| !signature \|\| !server)
Steve French	e9917a0	2006-03-31 21:22:00 +0000	[diff] [blame]	133	return -EINVAL;
Steve French	84afc29	2005-12-02 13:32:45 -0800	[diff] [blame]	134
Shirish Pargaonkar	307fbd3	2010-10-21 14:25:17 -0500	[diff] [blame]	135	if (!server->secmech.sdescmd5) {
Steve French	95dc8dd	2013-07-04 10:35:21 -0500	[diff] [blame]	136	rc = cifs_crypto_shash_md5_allocate(server);
				137	if (rc) {
				138	cifs_dbg(VFS, "%s: Can't alloc md5 crypto\n", __func__);
				139	return -1;
				140	}
Shirish Pargaonkar	307fbd3	2010-10-21 14:25:17 -0500	[diff] [blame]	141	}
				142
				143	rc = crypto_shash_init(&server->secmech.sdescmd5->shash);
				144	if (rc) {
Joe Perches	f96637b	2013-05-04 22:12:25 -0500	[diff] [blame]	145	cifs_dbg(VFS, "%s: Could not init md5\n", __func__);
Shirish Pargaonkar	307fbd3	2010-10-21 14:25:17 -0500	[diff] [blame]	146	return rc;
				147	}
				148
Shirish Pargaonkar	14cae32	2011-06-20 16:14:03 -0500	[diff] [blame]	149	rc = crypto_shash_update(&server->secmech.sdescmd5->shash,
Shirish Pargaonkar	307fbd3	2010-10-21 14:25:17 -0500	[diff] [blame]	150	server->session_key.response, server->session_key.len);
Shirish Pargaonkar	14cae32	2011-06-20 16:14:03 -0500	[diff] [blame]	151	if (rc) {
Joe Perches	f96637b	2013-05-04 22:12:25 -0500	[diff] [blame]	152	cifs_dbg(VFS, "%s: Could not update with response\n", __func__);
Shirish Pargaonkar	14cae32	2011-06-20 16:14:03 -0500	[diff] [blame]	153	return rc;
				154	}
Shirish Pargaonkar	307fbd3	2010-10-21 14:25:17 -0500	[diff] [blame]	155
Al Viro	16c568e	2015-11-12 22:46:49 -0500	[diff] [blame]	156	return __cifs_calc_signature(rqst, server, signature,
				157	&server->secmech.sdescmd5->shash);
Steve French	84afc29	2005-12-02 13:32:45 -0800	[diff] [blame]	158	}
				159
Jeff Layton	a0f8b4f	2011-01-07 11:30:28 -0500	[diff] [blame]	160	/* must be called with server->srv_mutex held */
Jeff Layton	bf5ea0e	2012-09-18 16:20:34 -0700	[diff] [blame]	161	int cifs_sign_rqst(struct smb_rqst rqst, struct TCP_Server_Info server,
Steve French	63d2583	2007-11-05 21:46:10 +0000	[diff] [blame]	162	__u32 *pexpected_response_sequence_number)
Steve French	84afc29	2005-12-02 13:32:45 -0800	[diff] [blame]	163	{
				164	int rc = 0;
				165	char smb_signature[20];
Jeff Layton	bf5ea0e	2012-09-18 16:20:34 -0700	[diff] [blame]	166	struct smb_hdr cifs_pdu = (struct smb_hdr )rqst->rq_iov[0].iov_base;
Steve French	84afc29	2005-12-02 13:32:45 -0800	[diff] [blame]	167
Pavel Shilovsky	738f9de	2016-11-23 15:14:57 -0800	[diff] [blame]	168	if (rqst->rq_iov[0].iov_len != 4 \|\|
				169	rqst->rq_iov[0].iov_base + 4 != rqst->rq_iov[1].iov_base)
				170	return -EIO;
				171
Steve French	ffdd6e4	2007-06-24 21:15:44 +0000	[diff] [blame]	172	if ((cifs_pdu == NULL) \|\| (server == NULL))
Steve French	84afc29	2005-12-02 13:32:45 -0800	[diff] [blame]	173	return -EINVAL;
				174
Jeff Layton	998d6fc	2011-07-26 12:21:17 -0400	[diff] [blame]	175	if (!(cifs_pdu->Flags2 & SMBFLG2_SECURITY_SIGNATURE) \|\|
				176	server->tcpStatus == CifsNeedNegotiate)
Steve French	84afc29	2005-12-02 13:32:45 -0800	[diff] [blame]	177	return rc;
				178
Jeff Layton	998d6fc	2011-07-26 12:21:17 -0400	[diff] [blame]	179	if (!server->session_estab) {
Jeff Layton	b4dacbc	2011-10-11 06:41:32 -0400	[diff] [blame]	180	memcpy(cifs_pdu->Signature.SecuritySignature, "BSRSPYL", 8);
Jeff Layton	998d6fc	2011-07-26 12:21:17 -0400	[diff] [blame]	181	return rc;
				182	}
				183
Steve French	ffdd6e4	2007-06-24 21:15:44 +0000	[diff] [blame]	184	cifs_pdu->Signature.Sequence.SequenceNumber =
Steve French	84afc29	2005-12-02 13:32:45 -0800	[diff] [blame]	185	cpu_to_le32(server->sequence_number);
Steve French	ffdd6e4	2007-06-24 21:15:44 +0000	[diff] [blame]	186	cifs_pdu->Signature.Sequence.Reserved = 0;
Steve French	84afc29	2005-12-02 13:32:45 -0800	[diff] [blame]	187
Jeff Layton	0124cc4	2013-04-03 11:55:03 -0400	[diff] [blame]	188	*pexpected_response_sequence_number = ++server->sequence_number;
				189	++server->sequence_number;
Steve French	84afc29	2005-12-02 13:32:45 -0800	[diff] [blame]	190
Jeff Layton	bf5ea0e	2012-09-18 16:20:34 -0700	[diff] [blame]	191	rc = cifs_calc_signature(rqst, server, smb_signature);
Steve French	ffdd6e4	2007-06-24 21:15:44 +0000	[diff] [blame]	192	if (rc)
				193	memset(cifs_pdu->Signature.SecuritySignature, 0, 8);
				194	else
				195	memcpy(cifs_pdu->Signature.SecuritySignature, smb_signature, 8);
Steve French	84afc29	2005-12-02 13:32:45 -0800	[diff] [blame]	196
Steve French	ffdd6e4	2007-06-24 21:15:44 +0000	[diff] [blame]	197	return rc;
Steve French	84afc29	2005-12-02 13:32:45 -0800	[diff] [blame]	198	}
				199
Jeff Layton	bf5ea0e	2012-09-18 16:20:34 -0700	[diff] [blame]	200	int cifs_sign_smbv(struct kvec iov, int n_vec, struct TCP_Server_Info server,
				201	__u32 *pexpected_response_sequence)
				202	{
				203	struct smb_rqst rqst = { .rq_iov = iov,
				204	.rq_nvec = n_vec };
				205
				206	return cifs_sign_rqst(&rqst, server, pexpected_response_sequence);
				207	}
				208
Jeff Layton	826a95e	2011-10-11 06:41:32 -0400	[diff] [blame]	209	/* must be called with server->srv_mutex held */
				210	int cifs_sign_smb(struct smb_hdr cifs_pdu, struct TCP_Server_Info server,
				211	__u32 *pexpected_response_sequence_number)
				212	{
Pavel Shilovsky	738f9de	2016-11-23 15:14:57 -0800	[diff] [blame]	213	struct kvec iov[2];
Jeff Layton	826a95e	2011-10-11 06:41:32 -0400	[diff] [blame]	214
Pavel Shilovsky	738f9de	2016-11-23 15:14:57 -0800	[diff] [blame]	215	iov[0].iov_base = cifs_pdu;
				216	iov[0].iov_len = 4;
				217	iov[1].iov_base = (char *)cifs_pdu + 4;
				218	iov[1].iov_len = be32_to_cpu(cifs_pdu->smb_buf_length);
Jeff Layton	826a95e	2011-10-11 06:41:32 -0400	[diff] [blame]	219
Pavel Shilovsky	738f9de	2016-11-23 15:14:57 -0800	[diff] [blame]	220	return cifs_sign_smbv(iov, 2, server,
Jeff Layton	826a95e	2011-10-11 06:41:32 -0400	[diff] [blame]	221	pexpected_response_sequence_number);
				222	}
				223
Jeff Layton	bf5ea0e	2012-09-18 16:20:34 -0700	[diff] [blame]	224	int cifs_verify_signature(struct smb_rqst *rqst,
Shirish Pargaonkar	21e7339	2010-10-21 06:42:55 -0500	[diff] [blame]	225	struct TCP_Server_Info *server,
Steve French	ffdd6e4	2007-06-24 21:15:44 +0000	[diff] [blame]	226	__u32 expected_sequence_number)
Linus Torvalds	1da177e	2005-04-16 15:20:36 -0700	[diff] [blame]	227	{
Steve French	c8e56f1	2010-09-08 21:10:58 +0000	[diff] [blame]	228	unsigned int rc;
Linus Torvalds	1da177e	2005-04-16 15:20:36 -0700	[diff] [blame]	229	char server_response_sig[8];
				230	char what_we_think_sig_should_be[20];
Jeff Layton	bf5ea0e	2012-09-18 16:20:34 -0700	[diff] [blame]	231	struct smb_hdr cifs_pdu = (struct smb_hdr )rqst->rq_iov[0].iov_base;
Linus Torvalds	1da177e	2005-04-16 15:20:36 -0700	[diff] [blame]	232
Pavel Shilovsky	738f9de	2016-11-23 15:14:57 -0800	[diff] [blame]	233	if (rqst->rq_iov[0].iov_len != 4 \|\|
				234	rqst->rq_iov[0].iov_base + 4 != rqst->rq_iov[1].iov_base)
				235	return -EIO;
				236
Shirish Pargaonkar	21e7339	2010-10-21 06:42:55 -0500	[diff] [blame]	237	if (cifs_pdu == NULL \|\| server == NULL)
Linus Torvalds	1da177e	2005-04-16 15:20:36 -0700	[diff] [blame]	238	return -EINVAL;
				239
Jeff Layton	9c4843e	2011-06-06 15:40:23 -0400	[diff] [blame]	240	if (!server->session_estab)
Linus Torvalds	1da177e	2005-04-16 15:20:36 -0700	[diff] [blame]	241	return 0;
				242
				243	if (cifs_pdu->Command == SMB_COM_LOCKING_ANDX) {
Steve French	50c2f75	2007-07-13 00:33:32 +0000	[diff] [blame]	244	struct smb_com_lock_req *pSMB =
Steve French	ffdd6e4	2007-06-24 21:15:44 +0000	[diff] [blame]	245	(struct smb_com_lock_req *)cifs_pdu;
				246	if (pSMB->LockType & LOCKING_ANDX_OPLOCK_RELEASE)
Linus Torvalds	1da177e	2005-04-16 15:20:36 -0700	[diff] [blame]	247	return 0;
				248	}
				249
Steve French	50c2f75	2007-07-13 00:33:32 +0000	[diff] [blame]	250	/* BB what if signatures are supposed to be on for session but
				251	server does not send one? BB */
				252
Linus Torvalds	1da177e	2005-04-16 15:20:36 -0700	[diff] [blame]	253	/* Do not need to verify session setups with signature "BSRSPYL " */
Steve French	50c2f75	2007-07-13 00:33:32 +0000	[diff] [blame]	254	if (memcmp(cifs_pdu->Signature.SecuritySignature, "BSRSPYL ", 8) == 0)
Joe Perches	f96637b	2013-05-04 22:12:25 -0500	[diff] [blame]	255	cifs_dbg(FYI, "dummy signature received for smb command 0x%x\n",
				256	cifs_pdu->Command);
Linus Torvalds	1da177e	2005-04-16 15:20:36 -0700	[diff] [blame]	257
				258	/* save off the origiginal signature so we can modify the smb and check
				259	its signature against what the server sent */
Steve French	50c2f75	2007-07-13 00:33:32 +0000	[diff] [blame]	260	memcpy(server_response_sig, cifs_pdu->Signature.SecuritySignature, 8);
Linus Torvalds	1da177e	2005-04-16 15:20:36 -0700	[diff] [blame]	261
Steve French	50c2f75	2007-07-13 00:33:32 +0000	[diff] [blame]	262	cifs_pdu->Signature.Sequence.SequenceNumber =
				263	cpu_to_le32(expected_sequence_number);
Linus Torvalds	1da177e	2005-04-16 15:20:36 -0700	[diff] [blame]	264	cifs_pdu->Signature.Sequence.Reserved = 0;
				265
Jeff Layton	157c249	2011-04-02 07:34:30 -0400	[diff] [blame]	266	mutex_lock(&server->srv_mutex);
Jeff Layton	bf5ea0e	2012-09-18 16:20:34 -0700	[diff] [blame]	267	rc = cifs_calc_signature(rqst, server, what_we_think_sig_should_be);
Jeff Layton	157c249	2011-04-02 07:34:30 -0400	[diff] [blame]	268	mutex_unlock(&server->srv_mutex);
Linus Torvalds	1da177e	2005-04-16 15:20:36 -0700	[diff] [blame]	269
Steve French	50c2f75	2007-07-13 00:33:32 +0000	[diff] [blame]	270	if (rc)
Linus Torvalds	1da177e	2005-04-16 15:20:36 -0700	[diff] [blame]	271	return rc;
				272
Steve French	50c2f75	2007-07-13 00:33:32 +0000	[diff] [blame]	273	/* cifs_dump_mem("what we think it should be: ",
				274	what_we_think_sig_should_be, 16); */
Linus Torvalds	1da177e	2005-04-16 15:20:36 -0700	[diff] [blame]	275
Steve French	50c2f75	2007-07-13 00:33:32 +0000	[diff] [blame]	276	if (memcmp(server_response_sig, what_we_think_sig_should_be, 8))
Linus Torvalds	1da177e	2005-04-16 15:20:36 -0700	[diff] [blame]	277	return -EACCES;
				278	else
				279	return 0;
				280
				281	}
				282
Shirish Pargaonkar	21e7339	2010-10-21 06:42:55 -0500	[diff] [blame]	283	/* first calculate 24 bytes ntlm response and then 16 byte session key */
Shirish Pargaonkar	9ef5992	2011-10-20 13:21:59 -0500	[diff] [blame]	284	int setup_ntlm_response(struct cifs_ses ses, const struct nls_table nls_cp)
Linus Torvalds	1da177e	2005-04-16 15:20:36 -0700	[diff] [blame]	285	{
Shirish Pargaonkar	ee2c925	2011-01-27 09:58:04 -0600	[diff] [blame]	286	int rc = 0;
Shirish Pargaonkar	21e7339	2010-10-21 06:42:55 -0500	[diff] [blame]	287	unsigned int temp_len = CIFS_SESS_KEY_SIZE + CIFS_AUTH_RESP_SIZE;
				288	char temp_key[CIFS_SESS_KEY_SIZE];
				289
				290	if (!ses)
Linus Torvalds	1da177e	2005-04-16 15:20:36 -0700	[diff] [blame]	291	return -EINVAL;
				292
Shirish Pargaonkar	21e7339	2010-10-21 06:42:55 -0500	[diff] [blame]	293	ses->auth_key.response = kmalloc(temp_len, GFP_KERNEL);
Joe Perches	f96637b	2013-05-04 22:12:25 -0500	[diff] [blame]	294	if (!ses->auth_key.response)
Shirish Pargaonkar	21e7339	2010-10-21 06:42:55 -0500	[diff] [blame]	295	return -ENOMEM;
Joe Perches	f96637b	2013-05-04 22:12:25 -0500	[diff] [blame]	296
Shirish Pargaonkar	21e7339	2010-10-21 06:42:55 -0500	[diff] [blame]	297	ses->auth_key.len = temp_len;
				298
Shirish Pargaonkar	ee2c925	2011-01-27 09:58:04 -0600	[diff] [blame]	299	rc = SMBNTencrypt(ses->password, ses->server->cryptkey,
Shirish Pargaonkar	9ef5992	2011-10-20 13:21:59 -0500	[diff] [blame]	300	ses->auth_key.response + CIFS_SESS_KEY_SIZE, nls_cp);
Shirish Pargaonkar	ee2c925	2011-01-27 09:58:04 -0600	[diff] [blame]	301	if (rc) {
Joe Perches	f96637b	2013-05-04 22:12:25 -0500	[diff] [blame]	302	cifs_dbg(FYI, "%s Can't generate NTLM response, error: %d\n",
				303	__func__, rc);
Shirish Pargaonkar	ee2c925	2011-01-27 09:58:04 -0600	[diff] [blame]	304	return rc;
				305	}
Shirish Pargaonkar	21e7339	2010-10-21 06:42:55 -0500	[diff] [blame]	306
Shirish Pargaonkar	9ef5992	2011-10-20 13:21:59 -0500	[diff] [blame]	307	rc = E_md4hash(ses->password, temp_key, nls_cp);
Shirish Pargaonkar	ee2c925	2011-01-27 09:58:04 -0600	[diff] [blame]	308	if (rc) {
Joe Perches	f96637b	2013-05-04 22:12:25 -0500	[diff] [blame]	309	cifs_dbg(FYI, "%s Can't generate NT hash, error: %d\n",
				310	__func__, rc);
Shirish Pargaonkar	ee2c925	2011-01-27 09:58:04 -0600	[diff] [blame]	311	return rc;
				312	}
Shirish Pargaonkar	21e7339	2010-10-21 06:42:55 -0500	[diff] [blame]	313
Shirish Pargaonkar	ee2c925	2011-01-27 09:58:04 -0600	[diff] [blame]	314	rc = mdfour(ses->auth_key.response, temp_key, CIFS_SESS_KEY_SIZE);
				315	if (rc)
Joe Perches	f96637b	2013-05-04 22:12:25 -0500	[diff] [blame]	316	cifs_dbg(FYI, "%s Can't generate NTLM session key, error: %d\n",
				317	__func__, rc);
Shirish Pargaonkar	ee2c925	2011-01-27 09:58:04 -0600	[diff] [blame]	318
				319	return rc;
Linus Torvalds	1da177e	2005-04-16 15:20:36 -0700	[diff] [blame]	320	}
				321
Steve French	7c7b25b	2006-06-01 19:20:10 +0000	[diff] [blame]	322	#ifdef CONFIG_CIFS_WEAK_PW_HASH
Steve French	43988d7	2011-04-19 18:23:31 +0000	[diff] [blame]	323	int calc_lanman_hash(const char password, const char cryptkey, bool encrypt,
Jeff Layton	4e53a3f	2008-12-05 20:41:21 -0500	[diff] [blame]	324	char *lnm_session_key)
Steve French	7c7b25b	2006-06-01 19:20:10 +0000	[diff] [blame]	325	{
				326	int i;
Steve French	43988d7	2011-04-19 18:23:31 +0000	[diff] [blame]	327	int rc;
Steve French	7c7b25b	2006-06-01 19:20:10 +0000	[diff] [blame]	328	char password_with_pad[CIFS_ENCPWD_SIZE];
				329
				330	memset(password_with_pad, 0, CIFS_ENCPWD_SIZE);
Jeff Layton	4e53a3f	2008-12-05 20:41:21 -0500	[diff] [blame]	331	if (password)
				332	strncpy(password_with_pad, password, CIFS_ENCPWD_SIZE);
Steve French	7c7b25b	2006-06-01 19:20:10 +0000	[diff] [blame]	333
Jeff Layton	04912d6	2010-04-24 07:57:45 -0400	[diff] [blame]	334	if (!encrypt && global_secflags & CIFSSEC_MAY_PLNTXT) {
Jeff Layton	4e53a3f	2008-12-05 20:41:21 -0500	[diff] [blame]	335	memcpy(lnm_session_key, password_with_pad,
				336	CIFS_ENCPWD_SIZE);
Steve French	43988d7	2011-04-19 18:23:31 +0000	[diff] [blame]	337	return 0;
Jeff Layton	4e53a3f	2008-12-05 20:41:21 -0500	[diff] [blame]	338	}
Steve French	bdc4bf6e	2006-06-02 22:57:13 +0000	[diff] [blame]	339
Steve French	7c7b25b	2006-06-01 19:20:10 +0000	[diff] [blame]	340	/* calculate old style session key */
				341	/* calling toupper is less broken than repeatedly
				342	calling nls_toupper would be since that will never
				343	work for UTF8, but neither handles multibyte code pages
				344	but the only alternative would be converting to UCS-16 (Unicode)
				345	(using a routine something like UniStrupr) then
				346	uppercasing and then converting back from Unicode - which
				347	would only worth doing it if we knew it were utf8. Basically
				348	utf8 and other multibyte codepages each need their own strupper
				349	function since a byte at a time will ont work. */
				350
Shirish Pargaonkar	ef571ca	2008-07-24 15:56:05 +0000	[diff] [blame]	351	for (i = 0; i < CIFS_ENCPWD_SIZE; i++)
Steve French	7c7b25b	2006-06-01 19:20:10 +0000	[diff] [blame]	352	password_with_pad[i] = toupper(password_with_pad[i]);
Steve French	7c7b25b	2006-06-01 19:20:10 +0000	[diff] [blame]	353
Steve French	43988d7	2011-04-19 18:23:31 +0000	[diff] [blame]	354	rc = SMBencrypt(password_with_pad, cryptkey, lnm_session_key);
Jeff Layton	4e53a3f	2008-12-05 20:41:21 -0500	[diff] [blame]	355
Steve French	43988d7	2011-04-19 18:23:31 +0000	[diff] [blame]	356	return rc;
Steve French	7c7b25b	2006-06-01 19:20:10 +0000	[diff] [blame]	357	}
				358	#endif /* CIFS_WEAK_PW_HASH */
				359
Shirish Pargaonkar	9daa42e	2010-10-10 13:21:05 -0500	[diff] [blame]	360	/* Build a proper attribute value/target info pairs blob.
				361	* Fill in netbios and dns domain name and workstation name
				362	* and client time (total five av pairs and + one end of fields indicator.
				363	* Allocate domain name which gets freed when session struct is deallocated.
Shirish Pargaonkar	2b149f1	2010-09-18 22:02:18 -0500	[diff] [blame]	364	*/
				365	static int
Steve French	96daf2b	2011-05-27 04:34:02 +0000	[diff] [blame]	366	build_avpair_blob(struct cifs_ses ses, const struct nls_table nls_cp)
Shirish Pargaonkar	2b149f1	2010-09-18 22:02:18 -0500	[diff] [blame]	367	{
Shirish Pargaonkar	9daa42e	2010-10-10 13:21:05 -0500	[diff] [blame]	368	unsigned int dlen;
Shirish Pargaonkar	cfbd6f8	2011-08-24 23:05:46 -0500	[diff] [blame]	369	unsigned int size = 2 * sizeof(struct ntlmssp2_name);
Shirish Pargaonkar	9daa42e	2010-10-10 13:21:05 -0500	[diff] [blame]	370	char *defdmname = "WORKGROUP";
				371	unsigned char *blobptr;
Shirish Pargaonkar	2b149f1	2010-09-18 22:02:18 -0500	[diff] [blame]	372	struct ntlmssp2_name *attrptr;
				373
Shirish Pargaonkar	9daa42e	2010-10-10 13:21:05 -0500	[diff] [blame]	374	if (!ses->domainName) {
				375	ses->domainName = kstrdup(defdmname, GFP_KERNEL);
				376	if (!ses->domainName)
				377	return -ENOMEM;
				378	}
				379
				380	dlen = strlen(ses->domainName);
Shirish Pargaonkar	9daa42e	2010-10-10 13:21:05 -0500	[diff] [blame]	381
Shirish Pargaonkar	cfbd6f8	2011-08-24 23:05:46 -0500	[diff] [blame]	382	/*
				383	* The length of this blob is two times the size of a
				384	* structure (av pair) which holds name/size
				385	* ( for NTLMSSP_AV_NB_DOMAIN_NAME followed by NTLMSSP_AV_EOL ) +
				386	* unicode length of a netbios domain name
Shirish Pargaonkar	9daa42e	2010-10-10 13:21:05 -0500	[diff] [blame]	387	*/
Shirish Pargaonkar	cfbd6f8	2011-08-24 23:05:46 -0500	[diff] [blame]	388	ses->auth_key.len = size + 2 * dlen;
Shirish Pargaonkar	d3686d5	2010-10-28 09:53:07 -0500	[diff] [blame]	389	ses->auth_key.response = kzalloc(ses->auth_key.len, GFP_KERNEL);
				390	if (!ses->auth_key.response) {
				391	ses->auth_key.len = 0;
Shirish Pargaonkar	2b149f1	2010-09-18 22:02:18 -0500	[diff] [blame]	392	return -ENOMEM;
				393	}
Shirish Pargaonkar	9daa42e	2010-10-10 13:21:05 -0500	[diff] [blame]	394
Shirish Pargaonkar	d3686d5	2010-10-28 09:53:07 -0500	[diff] [blame]	395	blobptr = ses->auth_key.response;
Shirish Pargaonkar	9daa42e	2010-10-10 13:21:05 -0500	[diff] [blame]	396	attrptr = (struct ntlmssp2_name *) blobptr;
				397
Shirish Pargaonkar	cfbd6f8	2011-08-24 23:05:46 -0500	[diff] [blame]	398	/*
				399	* As defined in MS-NTLM 3.3.2, just this av pair field
				400	* is sufficient as part of the temp
				401	*/
Shirish Pargaonkar	9daa42e	2010-10-10 13:21:05 -0500	[diff] [blame]	402	attrptr->type = cpu_to_le16(NTLMSSP_AV_NB_DOMAIN_NAME);
				403	attrptr->length = cpu_to_le16(2 * dlen);
				404	blobptr = (unsigned char *)attrptr + sizeof(struct ntlmssp2_name);
Steve French	acbbb76	2012-01-18 22:32:33 -0600	[diff] [blame]	405	cifs_strtoUTF16((__le16 *)blobptr, ses->domainName, dlen, nls_cp);
Shirish Pargaonkar	9daa42e	2010-10-10 13:21:05 -0500	[diff] [blame]	406
Shirish Pargaonkar	2b149f1	2010-09-18 22:02:18 -0500	[diff] [blame]	407	return 0;
				408	}
				409
				410	/* Server has provided av pairs/target info in the type 2 challenge
				411	* packet and we have plucked it and stored within smb session.
				412	* We parse that blob here to find netbios domain name to be used
				413	* as part of ntlmv2 authentication (in Target String), if not already
				414	* specified on the command line.
				415	* If this function returns without any error but without fetching
				416	* domain name, authentication may fail against some server but
				417	* may not fail against other (those who are not very particular
				418	* about target string i.e. for some, just user name might suffice.
				419	*/
				420	static int
Steve French	96daf2b	2011-05-27 04:34:02 +0000	[diff] [blame]	421	find_domain_name(struct cifs_ses ses, const struct nls_table nls_cp)
Shirish Pargaonkar	2b149f1	2010-09-18 22:02:18 -0500	[diff] [blame]	422	{
				423	unsigned int attrsize;
				424	unsigned int type;
				425	unsigned int onesize = sizeof(struct ntlmssp2_name);
				426	unsigned char *blobptr;
				427	unsigned char *blobend;
				428	struct ntlmssp2_name *attrptr;
				429
Shirish Pargaonkar	d3686d5	2010-10-28 09:53:07 -0500	[diff] [blame]	430	if (!ses->auth_key.len \|\| !ses->auth_key.response)
Shirish Pargaonkar	2b149f1	2010-09-18 22:02:18 -0500	[diff] [blame]	431	return 0;
				432
Shirish Pargaonkar	d3686d5	2010-10-28 09:53:07 -0500	[diff] [blame]	433	blobptr = ses->auth_key.response;
				434	blobend = blobptr + ses->auth_key.len;
Shirish Pargaonkar	2b149f1	2010-09-18 22:02:18 -0500	[diff] [blame]	435
				436	while (blobptr + onesize < blobend) {
				437	attrptr = (struct ntlmssp2_name *) blobptr;
				438	type = le16_to_cpu(attrptr->type);
				439	if (type == NTLMSSP_AV_EOL)
				440	break;
				441	blobptr += 2; /* advance attr type */
				442	attrsize = le16_to_cpu(attrptr->length);
				443	blobptr += 2; /* advance attr size */
				444	if (blobptr + attrsize > blobend)
				445	break;
				446	if (type == NTLMSSP_AV_NB_DOMAIN_NAME) {
Chen Gang	057d633	2013-07-19 09:01:36 +0800	[diff] [blame]	447	if (!attrsize \|\| attrsize >= CIFS_MAX_DOMAINNAME_LEN)
Shirish Pargaonkar	2b149f1	2010-09-18 22:02:18 -0500	[diff] [blame]	448	break;
				449	if (!ses->domainName) {
				450	ses->domainName =
				451	kmalloc(attrsize + 1, GFP_KERNEL);
				452	if (!ses->domainName)
				453	return -ENOMEM;
Steve French	acbbb76	2012-01-18 22:32:33 -0600	[diff] [blame]	454	cifs_from_utf16(ses->domainName,
Shirish Pargaonkar	2b149f1	2010-09-18 22:02:18 -0500	[diff] [blame]	455	(__le16 *)blobptr, attrsize, attrsize,
Steve French	b693855	2014-09-25 13:20:05 -0500	[diff] [blame]	456	nls_cp, NO_MAP_UNI_RSVD);
Shirish Pargaonkar	2b149f1	2010-09-18 22:02:18 -0500	[diff] [blame]	457	break;
				458	}
				459	}
				460	blobptr += attrsize; /* advance attr value */
				461	}
				462
				463	return 0;
				464	}
				465
Peter Seiderer	98ce94c	2015-09-17 21:40:12 +0200	[diff] [blame]	466	/* Server has provided av pairs/target info in the type 2 challenge
				467	* packet and we have plucked it and stored within smb session.
				468	* We parse that blob here to find the server given timestamp
				469	* as part of ntlmv2 authentication (or local current time as
				470	* default in case of failure)
				471	*/
				472	static __le64
				473	find_timestamp(struct cifs_ses *ses)
				474	{
				475	unsigned int attrsize;
				476	unsigned int type;
				477	unsigned int onesize = sizeof(struct ntlmssp2_name);
				478	unsigned char *blobptr;
				479	unsigned char *blobend;
				480	struct ntlmssp2_name *attrptr;
Deepa Dinamani	e37fea5	2017-05-08 15:59:16 -0700	[diff] [blame]	481	struct timespec ts;
Peter Seiderer	98ce94c	2015-09-17 21:40:12 +0200	[diff] [blame]	482
				483	if (!ses->auth_key.len \|\| !ses->auth_key.response)
				484	return 0;
				485
				486	blobptr = ses->auth_key.response;
				487	blobend = blobptr + ses->auth_key.len;
				488
				489	while (blobptr + onesize < blobend) {
				490	attrptr = (struct ntlmssp2_name *) blobptr;
				491	type = le16_to_cpu(attrptr->type);
				492	if (type == NTLMSSP_AV_EOL)
				493	break;
				494	blobptr += 2; /* advance attr type */
				495	attrsize = le16_to_cpu(attrptr->length);
				496	blobptr += 2; /* advance attr size */
				497	if (blobptr + attrsize > blobend)
				498	break;
				499	if (type == NTLMSSP_AV_TIMESTAMP) {
				500	if (attrsize == sizeof(u64))
				501	return ((__le64 )blobptr);
				502	}
				503	blobptr += attrsize; /* advance attr value */
				504	}
				505
Deepa Dinamani	e37fea5	2017-05-08 15:59:16 -0700	[diff] [blame]	506	ktime_get_real_ts(&ts);
				507	return cpu_to_le64(cifs_UnixTimeToNT(ts));
Peter Seiderer	98ce94c	2015-09-17 21:40:12 +0200	[diff] [blame]	508	}
				509
Steve French	96daf2b	2011-05-27 04:34:02 +0000	[diff] [blame]	510	static int calc_ntlmv2_hash(struct cifs_ses ses, char ntlmv2_hash,
Steve French	50c2f75	2007-07-13 00:33:32 +0000	[diff] [blame]	511	const struct nls_table *nls_cp)
Steve French	a8ee034	2006-06-05 23:34:19 +0000	[diff] [blame]	512	{
				513	int rc = 0;
				514	int len;
Shirish Pargaonkar	307fbd3	2010-10-21 14:25:17 -0500	[diff] [blame]	515	char nt_hash[CIFS_NTHASH_SIZE];
Steve French	fdf96a9	2013-06-25 14:03:16 -0500	[diff] [blame]	516	__le16 *user;
Steve French	50c2f75	2007-07-13 00:33:32 +0000	[diff] [blame]	517	wchar_t *domain;
Shirish Pargaonkar	307fbd3	2010-10-21 14:25:17 -0500	[diff] [blame]	518	wchar_t *server;
Steve French	c8e56f1	2010-09-08 21:10:58 +0000	[diff] [blame]	519
Shirish Pargaonkar	307fbd3	2010-10-21 14:25:17 -0500	[diff] [blame]	520	if (!ses->server->secmech.sdeschmacmd5) {
Joe Perches	f96637b	2013-05-04 22:12:25 -0500	[diff] [blame]	521	cifs_dbg(VFS, "%s: can't generate ntlmv2 hash\n", __func__);
Shirish Pargaonkar	307fbd3	2010-10-21 14:25:17 -0500	[diff] [blame]	522	return -1;
				523	}
Steve French	a8ee034	2006-06-05 23:34:19 +0000	[diff] [blame]	524
				525	/* calculate md4 hash of password */
Shirish Pargaonkar	9ef5992	2011-10-20 13:21:59 -0500	[diff] [blame]	526	E_md4hash(ses->password, nt_hash, nls_cp);
Steve French	a8ee034	2006-06-05 23:34:19 +0000	[diff] [blame]	527
Shirish Pargaonkar	14cae32	2011-06-20 16:14:03 -0500	[diff] [blame]	528	rc = crypto_shash_setkey(ses->server->secmech.hmacmd5, nt_hash,
Shirish Pargaonkar	307fbd3	2010-10-21 14:25:17 -0500	[diff] [blame]	529	CIFS_NTHASH_SIZE);
Shirish Pargaonkar	14cae32	2011-06-20 16:14:03 -0500	[diff] [blame]	530	if (rc) {
Joe Perches	f96637b	2013-05-04 22:12:25 -0500	[diff] [blame]	531	cifs_dbg(VFS, "%s: Could not set NT Hash as a key\n", __func__);
Shirish Pargaonkar	14cae32	2011-06-20 16:14:03 -0500	[diff] [blame]	532	return rc;
				533	}
Shirish Pargaonkar	307fbd3	2010-10-21 14:25:17 -0500	[diff] [blame]	534
				535	rc = crypto_shash_init(&ses->server->secmech.sdeschmacmd5->shash);
				536	if (rc) {
Joe Perches	f96637b	2013-05-04 22:12:25 -0500	[diff] [blame]	537	cifs_dbg(VFS, "%s: could not init hmacmd5\n", __func__);
Shirish Pargaonkar	307fbd3	2010-10-21 14:25:17 -0500	[diff] [blame]	538	return rc;
				539	}
Steve French	a8ee034	2006-06-05 23:34:19 +0000	[diff] [blame]	540
Steve French	fdf96a9	2013-06-25 14:03:16 -0500	[diff] [blame]	541	/* convert ses->user_name to unicode */
Jeff Layton	04febab	2012-01-17 16:09:15 -0500	[diff] [blame]	542	len = ses->user_name ? strlen(ses->user_name) : 0;
Steve French	1717ffc	2006-06-08 05:41:32 +0000	[diff] [blame]	543	user = kmalloc(2 + (len * 2), GFP_KERNEL);
Shirish Pargaonkar	307fbd3	2010-10-21 14:25:17 -0500	[diff] [blame]	544	if (user == NULL) {
Shirish Pargaonkar	307fbd3	2010-10-21 14:25:17 -0500	[diff] [blame]	545	rc = -ENOMEM;
Shirish Pargaonkar	14cae32	2011-06-20 16:14:03 -0500	[diff] [blame]	546	return rc;
Shirish Pargaonkar	307fbd3	2010-10-21 14:25:17 -0500	[diff] [blame]	547	}
Jeff Layton	04febab	2012-01-17 16:09:15 -0500	[diff] [blame]	548
				549	if (len) {
Steve French	fdf96a9	2013-06-25 14:03:16 -0500	[diff] [blame]	550	len = cifs_strtoUTF16(user, ses->user_name, len, nls_cp);
Jeff Layton	04febab	2012-01-17 16:09:15 -0500	[diff] [blame]	551	UniStrupr(user);
				552	} else {
				553	memset(user, '\0', 2);
				554	}
Shirish Pargaonkar	307fbd3	2010-10-21 14:25:17 -0500	[diff] [blame]	555
Shirish Pargaonkar	14cae32	2011-06-20 16:14:03 -0500	[diff] [blame]	556	rc = crypto_shash_update(&ses->server->secmech.sdeschmacmd5->shash,
Shirish Pargaonkar	307fbd3	2010-10-21 14:25:17 -0500	[diff] [blame]	557	(char )user, 2 len);
Shirish Pargaonkar	14cae32	2011-06-20 16:14:03 -0500	[diff] [blame]	558	kfree(user);
				559	if (rc) {
Joe Perches	f96637b	2013-05-04 22:12:25 -0500	[diff] [blame]	560	cifs_dbg(VFS, "%s: Could not update with user\n", __func__);
Shirish Pargaonkar	14cae32	2011-06-20 16:14:03 -0500	[diff] [blame]	561	return rc;
				562	}
Steve French	a8ee034	2006-06-05 23:34:19 +0000	[diff] [blame]	563
				564	/* convert ses->domainName to unicode and uppercase */
Steve French	50c2f75	2007-07-13 00:33:32 +0000	[diff] [blame]	565	if (ses->domainName) {
Steve French	1717ffc	2006-06-08 05:41:32 +0000	[diff] [blame]	566	len = strlen(ses->domainName);
Steve French	a8ee034	2006-06-05 23:34:19 +0000	[diff] [blame]	567
Steve French	50c2f75	2007-07-13 00:33:32 +0000	[diff] [blame]	568	domain = kmalloc(2 + (len * 2), GFP_KERNEL);
Shirish Pargaonkar	307fbd3	2010-10-21 14:25:17 -0500	[diff] [blame]	569	if (domain == NULL) {
Shirish Pargaonkar	307fbd3	2010-10-21 14:25:17 -0500	[diff] [blame]	570	rc = -ENOMEM;
Shirish Pargaonkar	14cae32	2011-06-20 16:14:03 -0500	[diff] [blame]	571	return rc;
Shirish Pargaonkar	307fbd3	2010-10-21 14:25:17 -0500	[diff] [blame]	572	}
Steve French	acbbb76	2012-01-18 22:32:33 -0600	[diff] [blame]	573	len = cifs_strtoUTF16((__le16 *)domain, ses->domainName, len,
				574	nls_cp);
Shirish Pargaonkar	14cae32	2011-06-20 16:14:03 -0500	[diff] [blame]	575	rc =
Shirish Pargaonkar	307fbd3	2010-10-21 14:25:17 -0500	[diff] [blame]	576	crypto_shash_update(&ses->server->secmech.sdeschmacmd5->shash,
				577	(char )domain, 2 len);
Steve French	1717ffc	2006-06-08 05:41:32 +0000	[diff] [blame]	578	kfree(domain);
Shirish Pargaonkar	14cae32	2011-06-20 16:14:03 -0500	[diff] [blame]	579	if (rc) {
Joe Perches	f96637b	2013-05-04 22:12:25 -0500	[diff] [blame]	580	cifs_dbg(VFS, "%s: Could not update with domain\n",
				581	__func__);
Shirish Pargaonkar	14cae32	2011-06-20 16:14:03 -0500	[diff] [blame]	582	return rc;
				583	}
Steve French	8b7a454	2015-03-30 16:58:17 -0500	[diff] [blame]	584	} else {
				585	/* We use ses->serverName if no domain name available */
Shirish Pargaonkar	307fbd3	2010-10-21 14:25:17 -0500	[diff] [blame]	586	len = strlen(ses->serverName);
				587
				588	server = kmalloc(2 + (len * 2), GFP_KERNEL);
				589	if (server == NULL) {
Shirish Pargaonkar	307fbd3	2010-10-21 14:25:17 -0500	[diff] [blame]	590	rc = -ENOMEM;
Shirish Pargaonkar	14cae32	2011-06-20 16:14:03 -0500	[diff] [blame]	591	return rc;
Shirish Pargaonkar	307fbd3	2010-10-21 14:25:17 -0500	[diff] [blame]	592	}
Steve French	acbbb76	2012-01-18 22:32:33 -0600	[diff] [blame]	593	len = cifs_strtoUTF16((__le16 *)server, ses->serverName, len,
Shirish Pargaonkar	307fbd3	2010-10-21 14:25:17 -0500	[diff] [blame]	594	nls_cp);
Shirish Pargaonkar	14cae32	2011-06-20 16:14:03 -0500	[diff] [blame]	595	rc =
Shirish Pargaonkar	307fbd3	2010-10-21 14:25:17 -0500	[diff] [blame]	596	crypto_shash_update(&ses->server->secmech.sdeschmacmd5->shash,
				597	(char )server, 2 len);
				598	kfree(server);
Shirish Pargaonkar	14cae32	2011-06-20 16:14:03 -0500	[diff] [blame]	599	if (rc) {
Joe Perches	f96637b	2013-05-04 22:12:25 -0500	[diff] [blame]	600	cifs_dbg(VFS, "%s: Could not update with server\n",
				601	__func__);
Shirish Pargaonkar	14cae32	2011-06-20 16:14:03 -0500	[diff] [blame]	602	return rc;
				603	}
Steve French	1717ffc	2006-06-08 05:41:32 +0000	[diff] [blame]	604	}
Shirish Pargaonkar	307fbd3	2010-10-21 14:25:17 -0500	[diff] [blame]	605
				606	rc = crypto_shash_final(&ses->server->secmech.sdeschmacmd5->shash,
Shirish Pargaonkar	d3686d5	2010-10-28 09:53:07 -0500	[diff] [blame]	607	ntlmv2_hash);
Shirish Pargaonkar	14cae32	2011-06-20 16:14:03 -0500	[diff] [blame]	608	if (rc)
Joe Perches	f96637b	2013-05-04 22:12:25 -0500	[diff] [blame]	609	cifs_dbg(VFS, "%s: Could not generate md5 hash\n", __func__);
Shirish Pargaonkar	307fbd3	2010-10-21 14:25:17 -0500	[diff] [blame]	610
Steve French	a8ee034	2006-06-05 23:34:19 +0000	[diff] [blame]	611	return rc;
				612	}
				613
Shirish Pargaonkar	307fbd3	2010-10-21 14:25:17 -0500	[diff] [blame]	614	static int
Steve French	96daf2b	2011-05-27 04:34:02 +0000	[diff] [blame]	615	CalcNTLMv2_response(const struct cifs_ses ses, char ntlmv2_hash)
Shirish Pargaonkar	307fbd3	2010-10-21 14:25:17 -0500	[diff] [blame]	616	{
				617	int rc;
Tim Gardner	2c957dd	2013-11-07 16:40:57 -0700	[diff] [blame]	618	struct ntlmv2_resp ntlmv2 = (struct ntlmv2_resp )
				619	(ses->auth_key.response + CIFS_SESS_KEY_SIZE);
				620	unsigned int hash_len;
				621
				622	/* The MD5 hash starts at challenge_key.key */
				623	hash_len = ses->auth_key.len - (CIFS_SESS_KEY_SIZE +
				624	offsetof(struct ntlmv2_resp, challenge.key[0]));
Shirish Pargaonkar	307fbd3	2010-10-21 14:25:17 -0500	[diff] [blame]	625
				626	if (!ses->server->secmech.sdeschmacmd5) {
Joe Perches	f96637b	2013-05-04 22:12:25 -0500	[diff] [blame]	627	cifs_dbg(VFS, "%s: can't generate ntlmv2 hash\n", __func__);
Shirish Pargaonkar	307fbd3	2010-10-21 14:25:17 -0500	[diff] [blame]	628	return -1;
				629	}
				630
Shirish Pargaonkar	14cae32	2011-06-20 16:14:03 -0500	[diff] [blame]	631	rc = crypto_shash_setkey(ses->server->secmech.hmacmd5,
Tim Gardner	2c957dd	2013-11-07 16:40:57 -0700	[diff] [blame]	632	ntlmv2_hash, CIFS_HMAC_MD5_HASH_SIZE);
Shirish Pargaonkar	14cae32	2011-06-20 16:14:03 -0500	[diff] [blame]	633	if (rc) {
Joe Perches	f96637b	2013-05-04 22:12:25 -0500	[diff] [blame]	634	cifs_dbg(VFS, "%s: Could not set NTLMV2 Hash as a key\n",
				635	__func__);
Shirish Pargaonkar	14cae32	2011-06-20 16:14:03 -0500	[diff] [blame]	636	return rc;
				637	}
Shirish Pargaonkar	307fbd3	2010-10-21 14:25:17 -0500	[diff] [blame]	638
				639	rc = crypto_shash_init(&ses->server->secmech.sdeschmacmd5->shash);
				640	if (rc) {
Joe Perches	f96637b	2013-05-04 22:12:25 -0500	[diff] [blame]	641	cifs_dbg(VFS, "%s: could not init hmacmd5\n", __func__);
Shirish Pargaonkar	307fbd3	2010-10-21 14:25:17 -0500	[diff] [blame]	642	return rc;
				643	}
				644
Jeff Layton	3f61822	2013-06-12 19:52:14 -0500	[diff] [blame]	645	if (ses->server->negflavor == CIFS_NEGFLAVOR_EXTENDED)
Tim Gardner	2c957dd	2013-11-07 16:40:57 -0700	[diff] [blame]	646	memcpy(ntlmv2->challenge.key,
				647	ses->ntlmssp->cryptkey, CIFS_SERVER_CHALLENGE_SIZE);
Shirish Pargaonkar	d3ba50b	2010-10-27 15:20:36 -0500	[diff] [blame]	648	else
Tim Gardner	2c957dd	2013-11-07 16:40:57 -0700	[diff] [blame]	649	memcpy(ntlmv2->challenge.key,
				650	ses->server->cryptkey, CIFS_SERVER_CHALLENGE_SIZE);
Shirish Pargaonkar	14cae32	2011-06-20 16:14:03 -0500	[diff] [blame]	651	rc = crypto_shash_update(&ses->server->secmech.sdeschmacmd5->shash,
Tim Gardner	2c957dd	2013-11-07 16:40:57 -0700	[diff] [blame]	652	ntlmv2->challenge.key, hash_len);
Shirish Pargaonkar	14cae32	2011-06-20 16:14:03 -0500	[diff] [blame]	653	if (rc) {
Joe Perches	f96637b	2013-05-04 22:12:25 -0500	[diff] [blame]	654	cifs_dbg(VFS, "%s: Could not update with response\n", __func__);
Shirish Pargaonkar	14cae32	2011-06-20 16:14:03 -0500	[diff] [blame]	655	return rc;
				656	}
Shirish Pargaonkar	307fbd3	2010-10-21 14:25:17 -0500	[diff] [blame]	657
Tim Gardner	2c957dd	2013-11-07 16:40:57 -0700	[diff] [blame]	658	/* Note that the MD5 digest over writes anon.challenge_key.key */
Shirish Pargaonkar	307fbd3	2010-10-21 14:25:17 -0500	[diff] [blame]	659	rc = crypto_shash_final(&ses->server->secmech.sdeschmacmd5->shash,
Tim Gardner	2c957dd	2013-11-07 16:40:57 -0700	[diff] [blame]	660	ntlmv2->ntlmv2_hash);
Shirish Pargaonkar	14cae32	2011-06-20 16:14:03 -0500	[diff] [blame]	661	if (rc)
Joe Perches	f96637b	2013-05-04 22:12:25 -0500	[diff] [blame]	662	cifs_dbg(VFS, "%s: Could not generate md5 hash\n", __func__);
Shirish Pargaonkar	307fbd3	2010-10-21 14:25:17 -0500	[diff] [blame]	663
				664	return rc;
				665	}
				666
Steve French	95dc8dd	2013-07-04 10:35:21 -0500	[diff] [blame]	667	static int crypto_hmacmd5_alloc(struct TCP_Server_Info *server)
				668	{
Jeff Layton	ba48202	2013-07-31 13:48:00 -0400	[diff] [blame]	669	int rc;
Steve French	95dc8dd	2013-07-04 10:35:21 -0500	[diff] [blame]	670	unsigned int size;
				671
				672	/* check if already allocated */
				673	if (server->secmech.sdeschmacmd5)
				674	return 0;
				675
				676	server->secmech.hmacmd5 = crypto_alloc_shash("hmac(md5)", 0, 0);
				677	if (IS_ERR(server->secmech.hmacmd5)) {
				678	cifs_dbg(VFS, "could not allocate crypto hmacmd5\n");
Jeff Layton	ba48202	2013-07-31 13:48:00 -0400	[diff] [blame]	679	rc = PTR_ERR(server->secmech.hmacmd5);
				680	server->secmech.hmacmd5 = NULL;
				681	return rc;
Steve French	95dc8dd	2013-07-04 10:35:21 -0500	[diff] [blame]	682	}
				683
				684	size = sizeof(struct shash_desc) +
				685	crypto_shash_descsize(server->secmech.hmacmd5);
				686	server->secmech.sdeschmacmd5 = kmalloc(size, GFP_KERNEL);
				687	if (!server->secmech.sdeschmacmd5) {
				688	crypto_free_shash(server->secmech.hmacmd5);
				689	server->secmech.hmacmd5 = NULL;
				690	return -ENOMEM;
				691	}
				692	server->secmech.sdeschmacmd5->shash.tfm = server->secmech.hmacmd5;
				693	server->secmech.sdeschmacmd5->shash.flags = 0x0;
				694
				695	return 0;
				696	}
Shirish Pargaonkar	307fbd3	2010-10-21 14:25:17 -0500	[diff] [blame]	697
Shirish Pargaonkar	2b149f1	2010-09-18 22:02:18 -0500	[diff] [blame]	698	int
Steve French	96daf2b	2011-05-27 04:34:02 +0000	[diff] [blame]	699	setup_ntlmv2_rsp(struct cifs_ses ses, const struct nls_table nls_cp)
Steve French	9fbc590	2010-08-20 20:42:26 +0000	[diff] [blame]	700	{
Steve French	c8e56f1	2010-09-08 21:10:58 +0000	[diff] [blame]	701	int rc;
Shirish Pargaonkar	21e7339	2010-10-21 06:42:55 -0500	[diff] [blame]	702	int baselen;
Shirish Pargaonkar	d3686d5	2010-10-28 09:53:07 -0500	[diff] [blame]	703	unsigned int tilen;
Tim Gardner	2c957dd	2013-11-07 16:40:57 -0700	[diff] [blame]	704	struct ntlmv2_resp *ntlmv2;
Shirish Pargaonkar	d3686d5	2010-10-28 09:53:07 -0500	[diff] [blame]	705	char ntlmv2_hash[16];
				706	unsigned char tiblob = NULL; / target info blob */
Peter Seiderer	98ce94c	2015-09-17 21:40:12 +0200	[diff] [blame]	707	__le64 rsp_timestamp;
Steve French	6d027cf	2006-06-05 16:26:05 +0000	[diff] [blame]	708
Jeff Layton	3f61822	2013-06-12 19:52:14 -0500	[diff] [blame]	709	if (ses->server->negflavor == CIFS_NEGFLAVOR_EXTENDED) {
Shirish Pargaonkar	2b149f1	2010-09-18 22:02:18 -0500	[diff] [blame]	710	if (!ses->domainName) {
Germano Percossi	3956644	2016-12-15 12:31:18 +0530	[diff] [blame]	711	if (ses->domainAuto) {
				712	rc = find_domain_name(ses, nls_cp);
				713	if (rc) {
				714	cifs_dbg(VFS, "error %d finding domain name\n",
				715	rc);
				716	goto setup_ntlmv2_rsp_ret;
				717	}
				718	} else {
				719	ses->domainName = kstrdup("", GFP_KERNEL);
Shirish Pargaonkar	2b149f1	2010-09-18 22:02:18 -0500	[diff] [blame]	720	}
				721	}
				722	} else {
Shirish Pargaonkar	9daa42e	2010-10-10 13:21:05 -0500	[diff] [blame]	723	rc = build_avpair_blob(ses, nls_cp);
Shirish Pargaonkar	2b149f1	2010-09-18 22:02:18 -0500	[diff] [blame]	724	if (rc) {
Joe Perches	f96637b	2013-05-04 22:12:25 -0500	[diff] [blame]	725	cifs_dbg(VFS, "error %d building av pair blob\n", rc);
Shirish Pargaonkar	d3686d5	2010-10-28 09:53:07 -0500	[diff] [blame]	726	goto setup_ntlmv2_rsp_ret;
Shirish Pargaonkar	2b149f1	2010-09-18 22:02:18 -0500	[diff] [blame]	727	}
				728	}
Steve French	a8ee034	2006-06-05 23:34:19 +0000	[diff] [blame]	729
Peter Seiderer	98ce94c	2015-09-17 21:40:12 +0200	[diff] [blame]	730	/* Must be within 5 minutes of the server (or in range +/-2h
				731	* in case of Mac OS X), so simply carry over server timestamp
				732	* (as Windows 7 does)
				733	*/
				734	rsp_timestamp = find_timestamp(ses);
				735
Shirish Pargaonkar	21e7339	2010-10-21 06:42:55 -0500	[diff] [blame]	736	baselen = CIFS_SESS_KEY_SIZE + sizeof(struct ntlmv2_resp);
Shirish Pargaonkar	d3686d5	2010-10-28 09:53:07 -0500	[diff] [blame]	737	tilen = ses->auth_key.len;
				738	tiblob = ses->auth_key.response;
				739
				740	ses->auth_key.response = kmalloc(baselen + tilen, GFP_KERNEL);
Shirish Pargaonkar	21e7339	2010-10-21 06:42:55 -0500	[diff] [blame]	741	if (!ses->auth_key.response) {
Anton Protopopov	4b550af	2016-02-10 12:50:21 -0500	[diff] [blame]	742	rc = -ENOMEM;
Shirish Pargaonkar	d3686d5	2010-10-28 09:53:07 -0500	[diff] [blame]	743	ses->auth_key.len = 0;
Shirish Pargaonkar	21e7339	2010-10-21 06:42:55 -0500	[diff] [blame]	744	goto setup_ntlmv2_rsp_ret;
				745	}
Shirish Pargaonkar	d3686d5	2010-10-28 09:53:07 -0500	[diff] [blame]	746	ses->auth_key.len += baselen;
Shirish Pargaonkar	21e7339	2010-10-21 06:42:55 -0500	[diff] [blame]	747
Tim Gardner	2c957dd	2013-11-07 16:40:57 -0700	[diff] [blame]	748	ntlmv2 = (struct ntlmv2_resp *)
Shirish Pargaonkar	21e7339	2010-10-21 06:42:55 -0500	[diff] [blame]	749	(ses->auth_key.response + CIFS_SESS_KEY_SIZE);
Tim Gardner	2c957dd	2013-11-07 16:40:57 -0700	[diff] [blame]	750	ntlmv2->blob_signature = cpu_to_le32(0x00000101);
				751	ntlmv2->reserved = 0;
Peter Seiderer	98ce94c	2015-09-17 21:40:12 +0200	[diff] [blame]	752	ntlmv2->time = rsp_timestamp;
				753
Tim Gardner	2c957dd	2013-11-07 16:40:57 -0700	[diff] [blame]	754	get_random_bytes(&ntlmv2->client_chal, sizeof(ntlmv2->client_chal));
				755	ntlmv2->reserved2 = 0;
Shirish Pargaonkar	21e7339	2010-10-21 06:42:55 -0500	[diff] [blame]	756
Shirish Pargaonkar	d3686d5	2010-10-28 09:53:07 -0500	[diff] [blame]	757	memcpy(ses->auth_key.response + baselen, tiblob, tilen);
Shirish Pargaonkar	21e7339	2010-10-21 06:42:55 -0500	[diff] [blame]	758
Rabin Vincent	bd975d1	2016-07-19 09:26:21 +0200	[diff] [blame]	759	mutex_lock(&ses->server->srv_mutex);
				760
Steve French	95dc8dd	2013-07-04 10:35:21 -0500	[diff] [blame]	761	rc = crypto_hmacmd5_alloc(ses->server);
				762	if (rc) {
				763	cifs_dbg(VFS, "could not crypto alloc hmacmd5 rc %d\n", rc);
Rabin Vincent	bd975d1	2016-07-19 09:26:21 +0200	[diff] [blame]	764	goto unlock;
Steve French	95dc8dd	2013-07-04 10:35:21 -0500	[diff] [blame]	765	}
				766
Shirish Pargaonkar	f7c5445	2010-10-26 18:10:24 -0500	[diff] [blame]	767	/* calculate ntlmv2_hash */
Shirish Pargaonkar	d3686d5	2010-10-28 09:53:07 -0500	[diff] [blame]	768	rc = calc_ntlmv2_hash(ses, ntlmv2_hash, nls_cp);
Shirish Pargaonkar	2b149f1	2010-09-18 22:02:18 -0500	[diff] [blame]	769	if (rc) {
Joe Perches	f96637b	2013-05-04 22:12:25 -0500	[diff] [blame]	770	cifs_dbg(VFS, "could not get v2 hash rc %d\n", rc);
Rabin Vincent	bd975d1	2016-07-19 09:26:21 +0200	[diff] [blame]	771	goto unlock;
Shirish Pargaonkar	2b149f1	2010-09-18 22:02:18 -0500	[diff] [blame]	772	}
Shirish Pargaonkar	f7c5445	2010-10-26 18:10:24 -0500	[diff] [blame]	773
				774	/* calculate first part of the client response (CR1) */
Shirish Pargaonkar	d3686d5	2010-10-28 09:53:07 -0500	[diff] [blame]	775	rc = CalcNTLMv2_response(ses, ntlmv2_hash);
Shirish Pargaonkar	307fbd3	2010-10-21 14:25:17 -0500	[diff] [blame]	776	if (rc) {
Joe Perches	f96637b	2013-05-04 22:12:25 -0500	[diff] [blame]	777	cifs_dbg(VFS, "Could not calculate CR1 rc: %d\n", rc);
Rabin Vincent	bd975d1	2016-07-19 09:26:21 +0200	[diff] [blame]	778	goto unlock;
Shirish Pargaonkar	307fbd3	2010-10-21 14:25:17 -0500	[diff] [blame]	779	}
Steve French	b609f06	2007-07-09 07:55:14 +0000	[diff] [blame]	780
Shirish Pargaonkar	5d0d288	2010-10-13 18:15:00 -0500	[diff] [blame]	781	/* now calculate the session key for NTLMv2 */
Shirish Pargaonkar	14cae32	2011-06-20 16:14:03 -0500	[diff] [blame]	782	rc = crypto_shash_setkey(ses->server->secmech.hmacmd5,
Shirish Pargaonkar	d3686d5	2010-10-28 09:53:07 -0500	[diff] [blame]	783	ntlmv2_hash, CIFS_HMAC_MD5_HASH_SIZE);
Shirish Pargaonkar	14cae32	2011-06-20 16:14:03 -0500	[diff] [blame]	784	if (rc) {
Joe Perches	f96637b	2013-05-04 22:12:25 -0500	[diff] [blame]	785	cifs_dbg(VFS, "%s: Could not set NTLMV2 Hash as a key\n",
				786	__func__);
Rabin Vincent	bd975d1	2016-07-19 09:26:21 +0200	[diff] [blame]	787	goto unlock;
Shirish Pargaonkar	14cae32	2011-06-20 16:14:03 -0500	[diff] [blame]	788	}
Shirish Pargaonkar	307fbd3	2010-10-21 14:25:17 -0500	[diff] [blame]	789
				790	rc = crypto_shash_init(&ses->server->secmech.sdeschmacmd5->shash);
				791	if (rc) {
Joe Perches	f96637b	2013-05-04 22:12:25 -0500	[diff] [blame]	792	cifs_dbg(VFS, "%s: Could not init hmacmd5\n", __func__);
Rabin Vincent	bd975d1	2016-07-19 09:26:21 +0200	[diff] [blame]	793	goto unlock;
Shirish Pargaonkar	307fbd3	2010-10-21 14:25:17 -0500	[diff] [blame]	794	}
				795
Shirish Pargaonkar	14cae32	2011-06-20 16:14:03 -0500	[diff] [blame]	796	rc = crypto_shash_update(&ses->server->secmech.sdeschmacmd5->shash,
Tim Gardner	2c957dd	2013-11-07 16:40:57 -0700	[diff] [blame]	797	ntlmv2->ntlmv2_hash,
Shirish Pargaonkar	307fbd3	2010-10-21 14:25:17 -0500	[diff] [blame]	798	CIFS_HMAC_MD5_HASH_SIZE);
Shirish Pargaonkar	14cae32	2011-06-20 16:14:03 -0500	[diff] [blame]	799	if (rc) {
Joe Perches	f96637b	2013-05-04 22:12:25 -0500	[diff] [blame]	800	cifs_dbg(VFS, "%s: Could not update with response\n", __func__);
Rabin Vincent	bd975d1	2016-07-19 09:26:21 +0200	[diff] [blame]	801	goto unlock;
Shirish Pargaonkar	14cae32	2011-06-20 16:14:03 -0500	[diff] [blame]	802	}
Shirish Pargaonkar	307fbd3	2010-10-21 14:25:17 -0500	[diff] [blame]	803
				804	rc = crypto_shash_final(&ses->server->secmech.sdeschmacmd5->shash,
				805	ses->auth_key.response);
Shirish Pargaonkar	14cae32	2011-06-20 16:14:03 -0500	[diff] [blame]	806	if (rc)
Joe Perches	f96637b	2013-05-04 22:12:25 -0500	[diff] [blame]	807	cifs_dbg(VFS, "%s: Could not generate md5 hash\n", __func__);
Shirish Pargaonkar	2b149f1	2010-09-18 22:02:18 -0500	[diff] [blame]	808
Rabin Vincent	bd975d1	2016-07-19 09:26:21 +0200	[diff] [blame]	809	unlock:
				810	mutex_unlock(&ses->server->srv_mutex);
Shirish Pargaonkar	2b149f1	2010-09-18 22:02:18 -0500	[diff] [blame]	811	setup_ntlmv2_rsp_ret:
Shirish Pargaonkar	d3686d5	2010-10-28 09:53:07 -0500	[diff] [blame]	812	kfree(tiblob);
Shirish Pargaonkar	2b149f1	2010-09-18 22:02:18 -0500	[diff] [blame]	813
				814	return rc;
Steve French	6d027cf	2006-06-05 16:26:05 +0000	[diff] [blame]	815	}
				816
Shirish Pargaonkar	d2b9152	2010-10-21 14:25:08 -0500	[diff] [blame]	817	int
Steve French	96daf2b	2011-05-27 04:34:02 +0000	[diff] [blame]	818	calc_seckey(struct cifs_ses *ses)
Shirish Pargaonkar	d2b9152	2010-10-21 14:25:08 -0500	[diff] [blame]	819	{
				820	int rc;
Herbert Xu	9651ddb	2016-01-24 21:17:17 +0800	[diff] [blame]	821	struct crypto_skcipher *tfm_arc4;
Shirish Pargaonkar	d2b9152	2010-10-21 14:25:08 -0500	[diff] [blame]	822	struct scatterlist sgin, sgout;
Herbert Xu	9651ddb	2016-01-24 21:17:17 +0800	[diff] [blame]	823	struct skcipher_request *req;
Sachin Prabhu	5f4b556	2016-10-17 16:40:22 -0400	[diff] [blame]	824	unsigned char *sec_key;
				825
				826	sec_key = kmalloc(CIFS_SESS_KEY_SIZE, GFP_KERNEL);
				827	if (sec_key == NULL)
				828	return -ENOMEM;
Shirish Pargaonkar	d2b9152	2010-10-21 14:25:08 -0500	[diff] [blame]	829
				830	get_random_bytes(sec_key, CIFS_SESS_KEY_SIZE);
				831
Herbert Xu	9651ddb	2016-01-24 21:17:17 +0800	[diff] [blame]	832	tfm_arc4 = crypto_alloc_skcipher("ecb(arc4)", 0, CRYPTO_ALG_ASYNC);
Shirish Pargaonkar	7a8587e	2011-01-29 13:54:58 -0600	[diff] [blame]	833	if (IS_ERR(tfm_arc4)) {
				834	rc = PTR_ERR(tfm_arc4);
Joe Perches	f96637b	2013-05-04 22:12:25 -0500	[diff] [blame]	835	cifs_dbg(VFS, "could not allocate crypto API arc4\n");
Sachin Prabhu	5f4b556	2016-10-17 16:40:22 -0400	[diff] [blame]	836	goto out;
Shirish Pargaonkar	d2b9152	2010-10-21 14:25:08 -0500	[diff] [blame]	837	}
				838
Herbert Xu	9651ddb	2016-01-24 21:17:17 +0800	[diff] [blame]	839	rc = crypto_skcipher_setkey(tfm_arc4, ses->auth_key.response,
Shirish Pargaonkar	d2b9152	2010-10-21 14:25:08 -0500	[diff] [blame]	840	CIFS_SESS_KEY_SIZE);
Shirish Pargaonkar	14cae32	2011-06-20 16:14:03 -0500	[diff] [blame]	841	if (rc) {
Joe Perches	f96637b	2013-05-04 22:12:25 -0500	[diff] [blame]	842	cifs_dbg(VFS, "%s: Could not set response as a key\n",
				843	__func__);
Herbert Xu	9651ddb	2016-01-24 21:17:17 +0800	[diff] [blame]	844	goto out_free_cipher;
				845	}
				846
				847	req = skcipher_request_alloc(tfm_arc4, GFP_KERNEL);
				848	if (!req) {
				849	rc = -ENOMEM;
				850	cifs_dbg(VFS, "could not allocate crypto API arc4 request\n");
				851	goto out_free_cipher;
Shirish Pargaonkar	14cae32	2011-06-20 16:14:03 -0500	[diff] [blame]	852	}
Shirish Pargaonkar	d2b9152	2010-10-21 14:25:08 -0500	[diff] [blame]	853
				854	sg_init_one(&sgin, sec_key, CIFS_SESS_KEY_SIZE);
Shirish Pargaonkar	d3686d5	2010-10-28 09:53:07 -0500	[diff] [blame]	855	sg_init_one(&sgout, ses->ntlmssp->ciphertext, CIFS_CPHTXT_SIZE);
Shirish Pargaonkar	d2b9152	2010-10-21 14:25:08 -0500	[diff] [blame]	856
Herbert Xu	9651ddb	2016-01-24 21:17:17 +0800	[diff] [blame]	857	skcipher_request_set_callback(req, 0, NULL, NULL);
				858	skcipher_request_set_crypt(req, &sgin, &sgout, CIFS_CPHTXT_SIZE, NULL);
				859
				860	rc = crypto_skcipher_encrypt(req);
				861	skcipher_request_free(req);
Shirish Pargaonkar	d2b9152	2010-10-21 14:25:08 -0500	[diff] [blame]	862	if (rc) {
Joe Perches	f96637b	2013-05-04 22:12:25 -0500	[diff] [blame]	863	cifs_dbg(VFS, "could not encrypt session key rc: %d\n", rc);
Herbert Xu	9651ddb	2016-01-24 21:17:17 +0800	[diff] [blame]	864	goto out_free_cipher;
Shirish Pargaonkar	d2b9152	2010-10-21 14:25:08 -0500	[diff] [blame]	865	}
				866
				867	/* make secondary_key/nonce as session key */
				868	memcpy(ses->auth_key.response, sec_key, CIFS_SESS_KEY_SIZE);
				869	/* and make len as that of session key only */
				870	ses->auth_key.len = CIFS_SESS_KEY_SIZE;
				871
Herbert Xu	9651ddb	2016-01-24 21:17:17 +0800	[diff] [blame]	872	out_free_cipher:
				873	crypto_free_skcipher(tfm_arc4);
Sachin Prabhu	5f4b556	2016-10-17 16:40:22 -0400	[diff] [blame]	874	out:
				875	kfree(sec_key);
Shirish Pargaonkar	14cae32	2011-06-20 16:14:03 -0500	[diff] [blame]	876	return rc;
Shirish Pargaonkar	d2b9152	2010-10-21 14:25:08 -0500	[diff] [blame]	877	}
				878
				879	void
Pavel Shilovsky	026e93d	2016-11-03 16:47:37 -0700	[diff] [blame]	880	cifs_crypto_secmech_release(struct TCP_Server_Info *server)
Shirish Pargaonkar	d2b9152	2010-10-21 14:25:08 -0500	[diff] [blame]	881	{
Steve French	95dc8dd	2013-07-04 10:35:21 -0500	[diff] [blame]	882	if (server->secmech.cmacaes) {
Steve French	429b46f	2013-06-26 23:45:05 -0500	[diff] [blame]	883	crypto_free_shash(server->secmech.cmacaes);
Steve French	95dc8dd	2013-07-04 10:35:21 -0500	[diff] [blame]	884	server->secmech.cmacaes = NULL;
				885	}
Steve French	429b46f	2013-06-26 23:45:05 -0500	[diff] [blame]	886
Steve French	95dc8dd	2013-07-04 10:35:21 -0500	[diff] [blame]	887	if (server->secmech.hmacsha256) {
Pavel Shilovsky	3c1bf7e	2012-09-18 16:20:30 -0700	[diff] [blame]	888	crypto_free_shash(server->secmech.hmacsha256);
Steve French	95dc8dd	2013-07-04 10:35:21 -0500	[diff] [blame]	889	server->secmech.hmacsha256 = NULL;
				890	}
Pavel Shilovsky	3c1bf7e	2012-09-18 16:20:30 -0700	[diff] [blame]	891
Steve French	95dc8dd	2013-07-04 10:35:21 -0500	[diff] [blame]	892	if (server->secmech.md5) {
Shirish Pargaonkar	d2b9152	2010-10-21 14:25:08 -0500	[diff] [blame]	893	crypto_free_shash(server->secmech.md5);
Steve French	95dc8dd	2013-07-04 10:35:21 -0500	[diff] [blame]	894	server->secmech.md5 = NULL;
				895	}
Shirish Pargaonkar	d2b9152	2010-10-21 14:25:08 -0500	[diff] [blame]	896
Steve French	95dc8dd	2013-07-04 10:35:21 -0500	[diff] [blame]	897	if (server->secmech.hmacmd5) {
Shirish Pargaonkar	d2b9152	2010-10-21 14:25:08 -0500	[diff] [blame]	898	crypto_free_shash(server->secmech.hmacmd5);
Steve French	95dc8dd	2013-07-04 10:35:21 -0500	[diff] [blame]	899	server->secmech.hmacmd5 = NULL;
				900	}
Shirish Pargaonkar	d2b9152	2010-10-21 14:25:08 -0500	[diff] [blame]	901
Pavel Shilovsky	026e93d	2016-11-03 16:47:37 -0700	[diff] [blame]	902	if (server->secmech.ccmaesencrypt) {
				903	crypto_free_aead(server->secmech.ccmaesencrypt);
				904	server->secmech.ccmaesencrypt = NULL;
				905	}
				906
				907	if (server->secmech.ccmaesdecrypt) {
				908	crypto_free_aead(server->secmech.ccmaesdecrypt);
				909	server->secmech.ccmaesdecrypt = NULL;
				910	}
				911
Steve French	429b46f	2013-06-26 23:45:05 -0500	[diff] [blame]	912	kfree(server->secmech.sdesccmacaes);
Steve French	95dc8dd	2013-07-04 10:35:21 -0500	[diff] [blame]	913	server->secmech.sdesccmacaes = NULL;
Pavel Shilovsky	3c1bf7e	2012-09-18 16:20:30 -0700	[diff] [blame]	914	kfree(server->secmech.sdeschmacsha256);
Steve French	95dc8dd	2013-07-04 10:35:21 -0500	[diff] [blame]	915	server->secmech.sdeschmacsha256 = NULL;
Shirish Pargaonkar	d2b9152	2010-10-21 14:25:08 -0500	[diff] [blame]	916	kfree(server->secmech.sdeschmacmd5);
Steve French	95dc8dd	2013-07-04 10:35:21 -0500	[diff] [blame]	917	server->secmech.sdeschmacmd5 = NULL;
Shirish Pargaonkar	d2b9152	2010-10-21 14:25:08 -0500	[diff] [blame]	918	kfree(server->secmech.sdescmd5);
Steve French	95dc8dd	2013-07-04 10:35:21 -0500	[diff] [blame]	919	server->secmech.sdescmd5 = NULL;
Shirish Pargaonkar	d2b9152	2010-10-21 14:25:08 -0500	[diff] [blame]	920	}