Blame - fs/cifs/cifsencrypt.c - kernel/msm-4.19

blob: 058ac9b36f0470a4d04478377cdc12a041df0db4 [file] [log] [blame]

Linus Torvalds	1da177e	2005-04-16 15:20:36 -0700	[diff] [blame]	1	/*
				2	* fs/cifs/cifsencrypt.c
				3	*
Steve French	8b7a454	2015-03-30 16:58:17 -0500	[diff] [blame]	4	* Encryption and hashing operations relating to NTLM, NTLMv2. See MS-NLMP
				5	* for more detailed information
				6	*
Steve French	95dc8dd	2013-07-04 10:35:21 -0500	[diff] [blame]	7	* Copyright (C) International Business Machines Corp., 2005,2013
Linus Torvalds	1da177e	2005-04-16 15:20:36 -0700	[diff] [blame]	8	* Author(s): Steve French (sfrench@us.ibm.com)
				9	*
				10	* This library is free software; you can redistribute it and/or modify
				11	* it under the terms of the GNU Lesser General Public License as published
				12	* by the Free Software Foundation; either version 2.1 of the License, or
				13	* (at your option) any later version.
				14	*
				15	* This library is distributed in the hope that it will be useful,
				16	* but WITHOUT ANY WARRANTY; without even the implied warranty of
				17	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See
				18	* the GNU Lesser General Public License for more details.
				19	*
				20	* You should have received a copy of the GNU Lesser General Public License
				21	* along with this library; if not, write to the Free Software
				22	* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
				23	*/
				24
				25	#include <linux/fs.h>
Tejun Heo	5a0e3ad	2010-03-24 17:04:11 +0900	[diff] [blame]	26	#include <linux/slab.h>
Linus Torvalds	1da177e	2005-04-16 15:20:36 -0700	[diff] [blame]	27	#include "cifspdu.h"
Steve French	ffdd6e4	2007-06-24 21:15:44 +0000	[diff] [blame]	28	#include "cifsglob.h"
Linus Torvalds	1da177e	2005-04-16 15:20:36 -0700	[diff] [blame]	29	#include "cifs_debug.h"
Linus Torvalds	1da177e	2005-04-16 15:20:36 -0700	[diff] [blame]	30	#include "cifs_unicode.h"
				31	#include "cifsproto.h"
Shirish Pargaonkar	2b149f1	2010-09-18 22:02:18 -0500	[diff] [blame]	32	#include "ntlmssp.h"
Steve French	7c7b25b	2006-06-01 19:20:10 +0000	[diff] [blame]	33	#include <linux/ctype.h>
Steve French	6d027cf	2006-06-05 16:26:05 +0000	[diff] [blame]	34	#include <linux/random.h>
Jeff Layton	fb308a6	2012-09-18 16:20:35 -0700	[diff] [blame]	35	#include <linux/highmem.h>
Herbert Xu	9651ddb	2016-01-24 21:17:17 +0800	[diff] [blame]	36	#include <crypto/skcipher.h>
Pavel Shilovsky	026e93d	2016-11-03 16:47:37 -0700	[diff] [blame]	37	#include <crypto/aead.h>
Linus Torvalds	1da177e	2005-04-16 15:20:36 -0700	[diff] [blame]	38
Steve French	95dc8dd	2013-07-04 10:35:21 -0500	[diff] [blame]	39	static int
				40	cifs_crypto_shash_md5_allocate(struct TCP_Server_Info *server)
				41	{
				42	int rc;
				43	unsigned int size;
				44
				45	if (server->secmech.sdescmd5 != NULL)
				46	return 0; /* already allocated */
				47
				48	server->secmech.md5 = crypto_alloc_shash("md5", 0, 0);
				49	if (IS_ERR(server->secmech.md5)) {
				50	cifs_dbg(VFS, "could not allocate crypto md5\n");
Jeff Layton	ba48202	2013-07-31 13:48:00 -0400	[diff] [blame]	51	rc = PTR_ERR(server->secmech.md5);
				52	server->secmech.md5 = NULL;
				53	return rc;
Steve French	95dc8dd	2013-07-04 10:35:21 -0500	[diff] [blame]	54	}
				55
				56	size = sizeof(struct shash_desc) +
				57	crypto_shash_descsize(server->secmech.md5);
				58	server->secmech.sdescmd5 = kmalloc(size, GFP_KERNEL);
				59	if (!server->secmech.sdescmd5) {
Steve French	95dc8dd	2013-07-04 10:35:21 -0500	[diff] [blame]	60	crypto_free_shash(server->secmech.md5);
				61	server->secmech.md5 = NULL;
Jeff Layton	ba48202	2013-07-31 13:48:00 -0400	[diff] [blame]	62	return -ENOMEM;
Steve French	95dc8dd	2013-07-04 10:35:21 -0500	[diff] [blame]	63	}
				64	server->secmech.sdescmd5->shash.tfm = server->secmech.md5;
				65	server->secmech.sdescmd5->shash.flags = 0x0;
				66
				67	return 0;
				68	}
				69
Al Viro	16c568e	2015-11-12 22:46:49 -0500	[diff] [blame]	70	int __cifs_calc_signature(struct smb_rqst *rqst,
				71	struct TCP_Server_Info server, char signature,
				72	struct shash_desc *shash)
				73	{
				74	int i;
				75	int rc;
				76	struct kvec *iov = rqst->rq_iov;
				77	int n_vec = rqst->rq_nvec;
				78
Pavel Shilovsky	738f9de	2016-11-23 15:14:57 -0800	[diff] [blame]	79	if (n_vec < 2 \|\| iov[0].iov_len != 4)
				80	return -EIO;
				81
				82	for (i = 1; i < n_vec; i++) {
Al Viro	16c568e	2015-11-12 22:46:49 -0500	[diff] [blame]	83	if (iov[i].iov_len == 0)
				84	continue;
				85	if (iov[i].iov_base == NULL) {
				86	cifs_dbg(VFS, "null iovec entry\n");
				87	return -EIO;
				88	}
Pavel Shilovsky	738f9de	2016-11-23 15:14:57 -0800	[diff] [blame]	89	if (i == 1 && iov[1].iov_len <= 4)
				90	break; /* nothing to sign or corrupt header */
				91	rc = crypto_shash_update(shash,
				92	iov[i].iov_base, iov[i].iov_len);
Al Viro	16c568e	2015-11-12 22:46:49 -0500	[diff] [blame]	93	if (rc) {
				94	cifs_dbg(VFS, "%s: Could not update with payload\n",
				95	__func__);
				96	return rc;
				97	}
				98	}
				99
				100	/* now hash over the rq_pages array */
				101	for (i = 0; i < rqst->rq_npages; i++) {
				102	void *kaddr = kmap(rqst->rq_pages[i]);
				103	size_t len = rqst->rq_pagesz;
				104
				105	if (i == rqst->rq_npages - 1)
				106	len = rqst->rq_tailsz;
				107
				108	crypto_shash_update(shash, kaddr, len);
				109
				110	kunmap(rqst->rq_pages[i]);
				111	}
				112
				113	rc = crypto_shash_final(shash, signature);
				114	if (rc)
				115	cifs_dbg(VFS, "%s: Could not generate hash\n", __func__);
				116
				117	return rc;
				118	}
				119
Jeff Layton	157c249	2011-04-02 07:34:30 -0400	[diff] [blame]	120	/*
				121	* Calculate and return the CIFS signature based on the mac key and SMB PDU.
				122	* The 16 byte signature must be allocated by the caller. Note we only use the
				123	* 1st eight bytes and that the smb header signature field on input contains
				124	* the sequence number before this function is called. Also, this function
				125	* should be called with the server->srv_mutex held.
				126	*/
Jeff Layton	bf5ea0e	2012-09-18 16:20:34 -0700	[diff] [blame]	127	static int cifs_calc_signature(struct smb_rqst *rqst,
Jeff Layton	826a95e	2011-10-11 06:41:32 -0400	[diff] [blame]	128	struct TCP_Server_Info server, char signature)
Steve French	84afc29	2005-12-02 13:32:45 -0800	[diff] [blame]	129	{
Shirish Pargaonkar	307fbd3	2010-10-21 14:25:17 -0500	[diff] [blame]	130	int rc;
Steve French	84afc29	2005-12-02 13:32:45 -0800	[diff] [blame]	131
Al Viro	16c568e	2015-11-12 22:46:49 -0500	[diff] [blame]	132	if (!rqst->rq_iov \|\| !signature \|\| !server)
Steve French	e9917a0	2006-03-31 21:22:00 +0000	[diff] [blame]	133	return -EINVAL;
Steve French	84afc29	2005-12-02 13:32:45 -0800	[diff] [blame]	134
Shirish Pargaonkar	307fbd3	2010-10-21 14:25:17 -0500	[diff] [blame]	135	if (!server->secmech.sdescmd5) {
Steve French	95dc8dd	2013-07-04 10:35:21 -0500	[diff] [blame]	136	rc = cifs_crypto_shash_md5_allocate(server);
				137	if (rc) {
				138	cifs_dbg(VFS, "%s: Can't alloc md5 crypto\n", __func__);
				139	return -1;
				140	}
Shirish Pargaonkar	307fbd3	2010-10-21 14:25:17 -0500	[diff] [blame]	141	}
				142
				143	rc = crypto_shash_init(&server->secmech.sdescmd5->shash);
				144	if (rc) {
Joe Perches	f96637b	2013-05-04 22:12:25 -0500	[diff] [blame]	145	cifs_dbg(VFS, "%s: Could not init md5\n", __func__);
Shirish Pargaonkar	307fbd3	2010-10-21 14:25:17 -0500	[diff] [blame]	146	return rc;
				147	}
				148
Shirish Pargaonkar	14cae32	2011-06-20 16:14:03 -0500	[diff] [blame]	149	rc = crypto_shash_update(&server->secmech.sdescmd5->shash,
Shirish Pargaonkar	307fbd3	2010-10-21 14:25:17 -0500	[diff] [blame]	150	server->session_key.response, server->session_key.len);
Shirish Pargaonkar	14cae32	2011-06-20 16:14:03 -0500	[diff] [blame]	151	if (rc) {
Joe Perches	f96637b	2013-05-04 22:12:25 -0500	[diff] [blame]	152	cifs_dbg(VFS, "%s: Could not update with response\n", __func__);
Shirish Pargaonkar	14cae32	2011-06-20 16:14:03 -0500	[diff] [blame]	153	return rc;
				154	}
Shirish Pargaonkar	307fbd3	2010-10-21 14:25:17 -0500	[diff] [blame]	155
Al Viro	16c568e	2015-11-12 22:46:49 -0500	[diff] [blame]	156	return __cifs_calc_signature(rqst, server, signature,
				157	&server->secmech.sdescmd5->shash);
Steve French	84afc29	2005-12-02 13:32:45 -0800	[diff] [blame]	158	}
				159
Jeff Layton	a0f8b4f	2011-01-07 11:30:28 -0500	[diff] [blame]	160	/* must be called with server->srv_mutex held */
Jeff Layton	bf5ea0e	2012-09-18 16:20:34 -0700	[diff] [blame]	161	int cifs_sign_rqst(struct smb_rqst rqst, struct TCP_Server_Info server,
Steve French	63d2583	2007-11-05 21:46:10 +0000	[diff] [blame]	162	__u32 *pexpected_response_sequence_number)
Steve French	84afc29	2005-12-02 13:32:45 -0800	[diff] [blame]	163	{
				164	int rc = 0;
				165	char smb_signature[20];
Jeff Layton	bf5ea0e	2012-09-18 16:20:34 -0700	[diff] [blame]	166	struct smb_hdr cifs_pdu = (struct smb_hdr )rqst->rq_iov[0].iov_base;
Steve French	84afc29	2005-12-02 13:32:45 -0800	[diff] [blame]	167
Pavel Shilovsky	738f9de	2016-11-23 15:14:57 -0800	[diff] [blame]	168	if (rqst->rq_iov[0].iov_len != 4 \|\|
				169	rqst->rq_iov[0].iov_base + 4 != rqst->rq_iov[1].iov_base)
				170	return -EIO;
				171
Steve French	ffdd6e4	2007-06-24 21:15:44 +0000	[diff] [blame]	172	if ((cifs_pdu == NULL) \|\| (server == NULL))
Steve French	84afc29	2005-12-02 13:32:45 -0800	[diff] [blame]	173	return -EINVAL;
				174
Jeff Layton	998d6fc	2011-07-26 12:21:17 -0400	[diff] [blame]	175	if (!(cifs_pdu->Flags2 & SMBFLG2_SECURITY_SIGNATURE) \|\|
				176	server->tcpStatus == CifsNeedNegotiate)
Steve French	84afc29	2005-12-02 13:32:45 -0800	[diff] [blame]	177	return rc;
				178
Jeff Layton	998d6fc	2011-07-26 12:21:17 -0400	[diff] [blame]	179	if (!server->session_estab) {
Jeff Layton	b4dacbc	2011-10-11 06:41:32 -0400	[diff] [blame]	180	memcpy(cifs_pdu->Signature.SecuritySignature, "BSRSPYL", 8);
Jeff Layton	998d6fc	2011-07-26 12:21:17 -0400	[diff] [blame]	181	return rc;
				182	}
				183
Steve French	ffdd6e4	2007-06-24 21:15:44 +0000	[diff] [blame]	184	cifs_pdu->Signature.Sequence.SequenceNumber =
Steve French	84afc29	2005-12-02 13:32:45 -0800	[diff] [blame]	185	cpu_to_le32(server->sequence_number);
Steve French	ffdd6e4	2007-06-24 21:15:44 +0000	[diff] [blame]	186	cifs_pdu->Signature.Sequence.Reserved = 0;
Steve French	84afc29	2005-12-02 13:32:45 -0800	[diff] [blame]	187
Jeff Layton	0124cc4	2013-04-03 11:55:03 -0400	[diff] [blame]	188	*pexpected_response_sequence_number = ++server->sequence_number;
				189	++server->sequence_number;
Steve French	84afc29	2005-12-02 13:32:45 -0800	[diff] [blame]	190
Jeff Layton	bf5ea0e	2012-09-18 16:20:34 -0700	[diff] [blame]	191	rc = cifs_calc_signature(rqst, server, smb_signature);
Steve French	ffdd6e4	2007-06-24 21:15:44 +0000	[diff] [blame]	192	if (rc)
				193	memset(cifs_pdu->Signature.SecuritySignature, 0, 8);
				194	else
				195	memcpy(cifs_pdu->Signature.SecuritySignature, smb_signature, 8);
Steve French	84afc29	2005-12-02 13:32:45 -0800	[diff] [blame]	196
Steve French	ffdd6e4	2007-06-24 21:15:44 +0000	[diff] [blame]	197	return rc;
Steve French	84afc29	2005-12-02 13:32:45 -0800	[diff] [blame]	198	}
				199
Jeff Layton	bf5ea0e	2012-09-18 16:20:34 -0700	[diff] [blame]	200	int cifs_sign_smbv(struct kvec iov, int n_vec, struct TCP_Server_Info server,
				201	__u32 *pexpected_response_sequence)
				202	{
				203	struct smb_rqst rqst = { .rq_iov = iov,
				204	.rq_nvec = n_vec };
				205
				206	return cifs_sign_rqst(&rqst, server, pexpected_response_sequence);
				207	}
				208
Jeff Layton	826a95e	2011-10-11 06:41:32 -0400	[diff] [blame]	209	/* must be called with server->srv_mutex held */
				210	int cifs_sign_smb(struct smb_hdr cifs_pdu, struct TCP_Server_Info server,
				211	__u32 *pexpected_response_sequence_number)
				212	{
Pavel Shilovsky	738f9de	2016-11-23 15:14:57 -0800	[diff] [blame]	213	struct kvec iov[2];
Jeff Layton	826a95e	2011-10-11 06:41:32 -0400	[diff] [blame]	214
Pavel Shilovsky	738f9de	2016-11-23 15:14:57 -0800	[diff] [blame]	215	iov[0].iov_base = cifs_pdu;
				216	iov[0].iov_len = 4;
				217	iov[1].iov_base = (char *)cifs_pdu + 4;
				218	iov[1].iov_len = be32_to_cpu(cifs_pdu->smb_buf_length);
Jeff Layton	826a95e	2011-10-11 06:41:32 -0400	[diff] [blame]	219
Pavel Shilovsky	738f9de	2016-11-23 15:14:57 -0800	[diff] [blame]	220	return cifs_sign_smbv(iov, 2, server,
Jeff Layton	826a95e	2011-10-11 06:41:32 -0400	[diff] [blame]	221	pexpected_response_sequence_number);
				222	}
				223
Jeff Layton	bf5ea0e	2012-09-18 16:20:34 -0700	[diff] [blame]	224	int cifs_verify_signature(struct smb_rqst *rqst,
Shirish Pargaonkar	21e7339	2010-10-21 06:42:55 -0500	[diff] [blame]	225	struct TCP_Server_Info *server,
Steve French	ffdd6e4	2007-06-24 21:15:44 +0000	[diff] [blame]	226	__u32 expected_sequence_number)
Linus Torvalds	1da177e	2005-04-16 15:20:36 -0700	[diff] [blame]	227	{
Steve French	c8e56f1	2010-09-08 21:10:58 +0000	[diff] [blame]	228	unsigned int rc;
Linus Torvalds	1da177e	2005-04-16 15:20:36 -0700	[diff] [blame]	229	char server_response_sig[8];
				230	char what_we_think_sig_should_be[20];
Jeff Layton	bf5ea0e	2012-09-18 16:20:34 -0700	[diff] [blame]	231	struct smb_hdr cifs_pdu = (struct smb_hdr )rqst->rq_iov[0].iov_base;
Linus Torvalds	1da177e	2005-04-16 15:20:36 -0700	[diff] [blame]	232
Pavel Shilovsky	738f9de	2016-11-23 15:14:57 -0800	[diff] [blame]	233	if (rqst->rq_iov[0].iov_len != 4 \|\|
				234	rqst->rq_iov[0].iov_base + 4 != rqst->rq_iov[1].iov_base)
				235	return -EIO;
				236
Shirish Pargaonkar	21e7339	2010-10-21 06:42:55 -0500	[diff] [blame]	237	if (cifs_pdu == NULL \|\| server == NULL)
Linus Torvalds	1da177e	2005-04-16 15:20:36 -0700	[diff] [blame]	238	return -EINVAL;
				239
Jeff Layton	9c4843e	2011-06-06 15:40:23 -0400	[diff] [blame]	240	if (!server->session_estab)
Linus Torvalds	1da177e	2005-04-16 15:20:36 -0700	[diff] [blame]	241	return 0;
				242
				243	if (cifs_pdu->Command == SMB_COM_LOCKING_ANDX) {
Steve French	50c2f75	2007-07-13 00:33:32 +0000	[diff] [blame]	244	struct smb_com_lock_req *pSMB =
Steve French	ffdd6e4	2007-06-24 21:15:44 +0000	[diff] [blame]	245	(struct smb_com_lock_req *)cifs_pdu;
				246	if (pSMB->LockType & LOCKING_ANDX_OPLOCK_RELEASE)
Linus Torvalds	1da177e	2005-04-16 15:20:36 -0700	[diff] [blame]	247	return 0;
				248	}
				249
Steve French	50c2f75	2007-07-13 00:33:32 +0000	[diff] [blame]	250	/* BB what if signatures are supposed to be on for session but
				251	server does not send one? BB */
				252
Linus Torvalds	1da177e	2005-04-16 15:20:36 -0700	[diff] [blame]	253	/* Do not need to verify session setups with signature "BSRSPYL " */
Steve French	50c2f75	2007-07-13 00:33:32 +0000	[diff] [blame]	254	if (memcmp(cifs_pdu->Signature.SecuritySignature, "BSRSPYL ", 8) == 0)
Joe Perches	f96637b	2013-05-04 22:12:25 -0500	[diff] [blame]	255	cifs_dbg(FYI, "dummy signature received for smb command 0x%x\n",
				256	cifs_pdu->Command);
Linus Torvalds	1da177e	2005-04-16 15:20:36 -0700	[diff] [blame]	257
				258	/* save off the origiginal signature so we can modify the smb and check
				259	its signature against what the server sent */
Steve French	50c2f75	2007-07-13 00:33:32 +0000	[diff] [blame]	260	memcpy(server_response_sig, cifs_pdu->Signature.SecuritySignature, 8);
Linus Torvalds	1da177e	2005-04-16 15:20:36 -0700	[diff] [blame]	261
Steve French	50c2f75	2007-07-13 00:33:32 +0000	[diff] [blame]	262	cifs_pdu->Signature.Sequence.SequenceNumber =
				263	cpu_to_le32(expected_sequence_number);
Linus Torvalds	1da177e	2005-04-16 15:20:36 -0700	[diff] [blame]	264	cifs_pdu->Signature.Sequence.Reserved = 0;
				265
Jeff Layton	157c249	2011-04-02 07:34:30 -0400	[diff] [blame]	266	mutex_lock(&server->srv_mutex);
Jeff Layton	bf5ea0e	2012-09-18 16:20:34 -0700	[diff] [blame]	267	rc = cifs_calc_signature(rqst, server, what_we_think_sig_should_be);
Jeff Layton	157c249	2011-04-02 07:34:30 -0400	[diff] [blame]	268	mutex_unlock(&server->srv_mutex);
Linus Torvalds	1da177e	2005-04-16 15:20:36 -0700	[diff] [blame]	269
Steve French	50c2f75	2007-07-13 00:33:32 +0000	[diff] [blame]	270	if (rc)
Linus Torvalds	1da177e	2005-04-16 15:20:36 -0700	[diff] [blame]	271	return rc;
				272
Steve French	50c2f75	2007-07-13 00:33:32 +0000	[diff] [blame]	273	/* cifs_dump_mem("what we think it should be: ",
				274	what_we_think_sig_should_be, 16); */
Linus Torvalds	1da177e	2005-04-16 15:20:36 -0700	[diff] [blame]	275
Steve French	50c2f75	2007-07-13 00:33:32 +0000	[diff] [blame]	276	if (memcmp(server_response_sig, what_we_think_sig_should_be, 8))
Linus Torvalds	1da177e	2005-04-16 15:20:36 -0700	[diff] [blame]	277	return -EACCES;
				278	else
				279	return 0;
				280
				281	}
				282
Shirish Pargaonkar	21e7339	2010-10-21 06:42:55 -0500	[diff] [blame]	283	/* first calculate 24 bytes ntlm response and then 16 byte session key */
Shirish Pargaonkar	9ef5992	2011-10-20 13:21:59 -0500	[diff] [blame]	284	int setup_ntlm_response(struct cifs_ses ses, const struct nls_table nls_cp)
Linus Torvalds	1da177e	2005-04-16 15:20:36 -0700	[diff] [blame]	285	{
Shirish Pargaonkar	ee2c925	2011-01-27 09:58:04 -0600	[diff] [blame]	286	int rc = 0;
Shirish Pargaonkar	21e7339	2010-10-21 06:42:55 -0500	[diff] [blame]	287	unsigned int temp_len = CIFS_SESS_KEY_SIZE + CIFS_AUTH_RESP_SIZE;
				288	char temp_key[CIFS_SESS_KEY_SIZE];
				289
				290	if (!ses)
Linus Torvalds	1da177e	2005-04-16 15:20:36 -0700	[diff] [blame]	291	return -EINVAL;
				292
Shirish Pargaonkar	21e7339	2010-10-21 06:42:55 -0500	[diff] [blame]	293	ses->auth_key.response = kmalloc(temp_len, GFP_KERNEL);
Joe Perches	f96637b	2013-05-04 22:12:25 -0500	[diff] [blame]	294	if (!ses->auth_key.response)
Shirish Pargaonkar	21e7339	2010-10-21 06:42:55 -0500	[diff] [blame]	295	return -ENOMEM;
Joe Perches	f96637b	2013-05-04 22:12:25 -0500	[diff] [blame]	296
Shirish Pargaonkar	21e7339	2010-10-21 06:42:55 -0500	[diff] [blame]	297	ses->auth_key.len = temp_len;
				298
Shirish Pargaonkar	ee2c925	2011-01-27 09:58:04 -0600	[diff] [blame]	299	rc = SMBNTencrypt(ses->password, ses->server->cryptkey,
Shirish Pargaonkar	9ef5992	2011-10-20 13:21:59 -0500	[diff] [blame]	300	ses->auth_key.response + CIFS_SESS_KEY_SIZE, nls_cp);
Shirish Pargaonkar	ee2c925	2011-01-27 09:58:04 -0600	[diff] [blame]	301	if (rc) {
Joe Perches	f96637b	2013-05-04 22:12:25 -0500	[diff] [blame]	302	cifs_dbg(FYI, "%s Can't generate NTLM response, error: %d\n",
				303	__func__, rc);
Shirish Pargaonkar	ee2c925	2011-01-27 09:58:04 -0600	[diff] [blame]	304	return rc;
				305	}
Shirish Pargaonkar	21e7339	2010-10-21 06:42:55 -0500	[diff] [blame]	306
Shirish Pargaonkar	9ef5992	2011-10-20 13:21:59 -0500	[diff] [blame]	307	rc = E_md4hash(ses->password, temp_key, nls_cp);
Shirish Pargaonkar	ee2c925	2011-01-27 09:58:04 -0600	[diff] [blame]	308	if (rc) {
Joe Perches	f96637b	2013-05-04 22:12:25 -0500	[diff] [blame]	309	cifs_dbg(FYI, "%s Can't generate NT hash, error: %d\n",
				310	__func__, rc);
Shirish Pargaonkar	ee2c925	2011-01-27 09:58:04 -0600	[diff] [blame]	311	return rc;
				312	}
Shirish Pargaonkar	21e7339	2010-10-21 06:42:55 -0500	[diff] [blame]	313
Shirish Pargaonkar	ee2c925	2011-01-27 09:58:04 -0600	[diff] [blame]	314	rc = mdfour(ses->auth_key.response, temp_key, CIFS_SESS_KEY_SIZE);
				315	if (rc)
Joe Perches	f96637b	2013-05-04 22:12:25 -0500	[diff] [blame]	316	cifs_dbg(FYI, "%s Can't generate NTLM session key, error: %d\n",
				317	__func__, rc);
Shirish Pargaonkar	ee2c925	2011-01-27 09:58:04 -0600	[diff] [blame]	318
				319	return rc;
Linus Torvalds	1da177e	2005-04-16 15:20:36 -0700	[diff] [blame]	320	}
				321
Steve French	7c7b25b	2006-06-01 19:20:10 +0000	[diff] [blame]	322	#ifdef CONFIG_CIFS_WEAK_PW_HASH
Steve French	43988d7	2011-04-19 18:23:31 +0000	[diff] [blame]	323	int calc_lanman_hash(const char password, const char cryptkey, bool encrypt,
Jeff Layton	4e53a3f	2008-12-05 20:41:21 -0500	[diff] [blame]	324	char *lnm_session_key)
Steve French	7c7b25b	2006-06-01 19:20:10 +0000	[diff] [blame]	325	{
				326	int i;
Steve French	43988d7	2011-04-19 18:23:31 +0000	[diff] [blame]	327	int rc;
Steve French	7c7b25b	2006-06-01 19:20:10 +0000	[diff] [blame]	328	char password_with_pad[CIFS_ENCPWD_SIZE];
				329
				330	memset(password_with_pad, 0, CIFS_ENCPWD_SIZE);
Jeff Layton	4e53a3f	2008-12-05 20:41:21 -0500	[diff] [blame]	331	if (password)
				332	strncpy(password_with_pad, password, CIFS_ENCPWD_SIZE);
Steve French	7c7b25b	2006-06-01 19:20:10 +0000	[diff] [blame]	333
Jeff Layton	04912d6	2010-04-24 07:57:45 -0400	[diff] [blame]	334	if (!encrypt && global_secflags & CIFSSEC_MAY_PLNTXT) {
Jeff Layton	4e53a3f	2008-12-05 20:41:21 -0500	[diff] [blame]	335	memcpy(lnm_session_key, password_with_pad,
				336	CIFS_ENCPWD_SIZE);
Steve French	43988d7	2011-04-19 18:23:31 +0000	[diff] [blame]	337	return 0;
Jeff Layton	4e53a3f	2008-12-05 20:41:21 -0500	[diff] [blame]	338	}
Steve French	bdc4bf6e	2006-06-02 22:57:13 +0000	[diff] [blame]	339
Steve French	7c7b25b	2006-06-01 19:20:10 +0000	[diff] [blame]	340	/* calculate old style session key */
				341	/* calling toupper is less broken than repeatedly
				342	calling nls_toupper would be since that will never
				343	work for UTF8, but neither handles multibyte code pages
				344	but the only alternative would be converting to UCS-16 (Unicode)
				345	(using a routine something like UniStrupr) then
				346	uppercasing and then converting back from Unicode - which
				347	would only worth doing it if we knew it were utf8. Basically
				348	utf8 and other multibyte codepages each need their own strupper
				349	function since a byte at a time will ont work. */
				350
Shirish Pargaonkar	ef571ca	2008-07-24 15:56:05 +0000	[diff] [blame]	351	for (i = 0; i < CIFS_ENCPWD_SIZE; i++)
Steve French	7c7b25b	2006-06-01 19:20:10 +0000	[diff] [blame]	352	password_with_pad[i] = toupper(password_with_pad[i]);
Steve French	7c7b25b	2006-06-01 19:20:10 +0000	[diff] [blame]	353
Steve French	43988d7	2011-04-19 18:23:31 +0000	[diff] [blame]	354	rc = SMBencrypt(password_with_pad, cryptkey, lnm_session_key);
Jeff Layton	4e53a3f	2008-12-05 20:41:21 -0500	[diff] [blame]	355
Steve French	43988d7	2011-04-19 18:23:31 +0000	[diff] [blame]	356	return rc;
Steve French	7c7b25b	2006-06-01 19:20:10 +0000	[diff] [blame]	357	}
				358	#endif /* CIFS_WEAK_PW_HASH */
				359
Shirish Pargaonkar	9daa42e	2010-10-10 13:21:05 -0500	[diff] [blame]	360	/* Build a proper attribute value/target info pairs blob.
				361	* Fill in netbios and dns domain name and workstation name
				362	* and client time (total five av pairs and + one end of fields indicator.
				363	* Allocate domain name which gets freed when session struct is deallocated.
Shirish Pargaonkar	2b149f1	2010-09-18 22:02:18 -0500	[diff] [blame]	364	*/
				365	static int
Steve French	96daf2b	2011-05-27 04:34:02 +0000	[diff] [blame]	366	build_avpair_blob(struct cifs_ses ses, const struct nls_table nls_cp)
Shirish Pargaonkar	2b149f1	2010-09-18 22:02:18 -0500	[diff] [blame]	367	{
Shirish Pargaonkar	9daa42e	2010-10-10 13:21:05 -0500	[diff] [blame]	368	unsigned int dlen;
Shirish Pargaonkar	cfbd6f8	2011-08-24 23:05:46 -0500	[diff] [blame]	369	unsigned int size = 2 * sizeof(struct ntlmssp2_name);
Shirish Pargaonkar	9daa42e	2010-10-10 13:21:05 -0500	[diff] [blame]	370	char *defdmname = "WORKGROUP";
				371	unsigned char *blobptr;
Shirish Pargaonkar	2b149f1	2010-09-18 22:02:18 -0500	[diff] [blame]	372	struct ntlmssp2_name *attrptr;
				373
Shirish Pargaonkar	9daa42e	2010-10-10 13:21:05 -0500	[diff] [blame]	374	if (!ses->domainName) {
				375	ses->domainName = kstrdup(defdmname, GFP_KERNEL);
				376	if (!ses->domainName)
				377	return -ENOMEM;
				378	}
				379
				380	dlen = strlen(ses->domainName);
Shirish Pargaonkar	9daa42e	2010-10-10 13:21:05 -0500	[diff] [blame]	381
Shirish Pargaonkar	cfbd6f8	2011-08-24 23:05:46 -0500	[diff] [blame]	382	/*
				383	* The length of this blob is two times the size of a
				384	* structure (av pair) which holds name/size
				385	* ( for NTLMSSP_AV_NB_DOMAIN_NAME followed by NTLMSSP_AV_EOL ) +
				386	* unicode length of a netbios domain name
Shirish Pargaonkar	9daa42e	2010-10-10 13:21:05 -0500	[diff] [blame]	387	*/
Shirish Pargaonkar	cfbd6f8	2011-08-24 23:05:46 -0500	[diff] [blame]	388	ses->auth_key.len = size + 2 * dlen;
Shirish Pargaonkar	d3686d5	2010-10-28 09:53:07 -0500	[diff] [blame]	389	ses->auth_key.response = kzalloc(ses->auth_key.len, GFP_KERNEL);
				390	if (!ses->auth_key.response) {
				391	ses->auth_key.len = 0;
Shirish Pargaonkar	2b149f1	2010-09-18 22:02:18 -0500	[diff] [blame]	392	return -ENOMEM;
				393	}
Shirish Pargaonkar	9daa42e	2010-10-10 13:21:05 -0500	[diff] [blame]	394
Shirish Pargaonkar	d3686d5	2010-10-28 09:53:07 -0500	[diff] [blame]	395	blobptr = ses->auth_key.response;
Shirish Pargaonkar	9daa42e	2010-10-10 13:21:05 -0500	[diff] [blame]	396	attrptr = (struct ntlmssp2_name *) blobptr;
				397
Shirish Pargaonkar	cfbd6f8	2011-08-24 23:05:46 -0500	[diff] [blame]	398	/*
				399	* As defined in MS-NTLM 3.3.2, just this av pair field
				400	* is sufficient as part of the temp
				401	*/
Shirish Pargaonkar	9daa42e	2010-10-10 13:21:05 -0500	[diff] [blame]	402	attrptr->type = cpu_to_le16(NTLMSSP_AV_NB_DOMAIN_NAME);
				403	attrptr->length = cpu_to_le16(2 * dlen);
				404	blobptr = (unsigned char *)attrptr + sizeof(struct ntlmssp2_name);
Steve French	acbbb76	2012-01-18 22:32:33 -0600	[diff] [blame]	405	cifs_strtoUTF16((__le16 *)blobptr, ses->domainName, dlen, nls_cp);
Shirish Pargaonkar	9daa42e	2010-10-10 13:21:05 -0500	[diff] [blame]	406
Shirish Pargaonkar	2b149f1	2010-09-18 22:02:18 -0500	[diff] [blame]	407	return 0;
				408	}
				409
				410	/* Server has provided av pairs/target info in the type 2 challenge
				411	* packet and we have plucked it and stored within smb session.
				412	* We parse that blob here to find netbios domain name to be used
				413	* as part of ntlmv2 authentication (in Target String), if not already
				414	* specified on the command line.
				415	* If this function returns without any error but without fetching
				416	* domain name, authentication may fail against some server but
				417	* may not fail against other (those who are not very particular
				418	* about target string i.e. for some, just user name might suffice.
				419	*/
				420	static int
Steve French	96daf2b	2011-05-27 04:34:02 +0000	[diff] [blame]	421	find_domain_name(struct cifs_ses ses, const struct nls_table nls_cp)
Shirish Pargaonkar	2b149f1	2010-09-18 22:02:18 -0500	[diff] [blame]	422	{
				423	unsigned int attrsize;
				424	unsigned int type;
				425	unsigned int onesize = sizeof(struct ntlmssp2_name);
				426	unsigned char *blobptr;
				427	unsigned char *blobend;
				428	struct ntlmssp2_name *attrptr;
				429
Shirish Pargaonkar	d3686d5	2010-10-28 09:53:07 -0500	[diff] [blame]	430	if (!ses->auth_key.len \|\| !ses->auth_key.response)
Shirish Pargaonkar	2b149f1	2010-09-18 22:02:18 -0500	[diff] [blame]	431	return 0;
				432
Shirish Pargaonkar	d3686d5	2010-10-28 09:53:07 -0500	[diff] [blame]	433	blobptr = ses->auth_key.response;
				434	blobend = blobptr + ses->auth_key.len;
Shirish Pargaonkar	2b149f1	2010-09-18 22:02:18 -0500	[diff] [blame]	435
				436	while (blobptr + onesize < blobend) {
				437	attrptr = (struct ntlmssp2_name *) blobptr;
				438	type = le16_to_cpu(attrptr->type);
				439	if (type == NTLMSSP_AV_EOL)
				440	break;
				441	blobptr += 2; /* advance attr type */
				442	attrsize = le16_to_cpu(attrptr->length);
				443	blobptr += 2; /* advance attr size */
				444	if (blobptr + attrsize > blobend)
				445	break;
				446	if (type == NTLMSSP_AV_NB_DOMAIN_NAME) {
Chen Gang	057d633	2013-07-19 09:01:36 +0800	[diff] [blame]	447	if (!attrsize \|\| attrsize >= CIFS_MAX_DOMAINNAME_LEN)
Shirish Pargaonkar	2b149f1	2010-09-18 22:02:18 -0500	[diff] [blame]	448	break;
				449	if (!ses->domainName) {
				450	ses->domainName =
				451	kmalloc(attrsize + 1, GFP_KERNEL);
				452	if (!ses->domainName)
				453	return -ENOMEM;
Steve French	acbbb76	2012-01-18 22:32:33 -0600	[diff] [blame]	454	cifs_from_utf16(ses->domainName,
Shirish Pargaonkar	2b149f1	2010-09-18 22:02:18 -0500	[diff] [blame]	455	(__le16 *)blobptr, attrsize, attrsize,
Steve French	b693855	2014-09-25 13:20:05 -0500	[diff] [blame]	456	nls_cp, NO_MAP_UNI_RSVD);
Shirish Pargaonkar	2b149f1	2010-09-18 22:02:18 -0500	[diff] [blame]	457	break;
				458	}
				459	}
				460	blobptr += attrsize; /* advance attr value */
				461	}
				462
				463	return 0;
				464	}
				465
Peter Seiderer	98ce94c	2015-09-17 21:40:12 +0200	[diff] [blame]	466	/* Server has provided av pairs/target info in the type 2 challenge
				467	* packet and we have plucked it and stored within smb session.
				468	* We parse that blob here to find the server given timestamp
				469	* as part of ntlmv2 authentication (or local current time as
				470	* default in case of failure)
				471	*/
				472	static __le64
				473	find_timestamp(struct cifs_ses *ses)
				474	{
				475	unsigned int attrsize;
				476	unsigned int type;
				477	unsigned int onesize = sizeof(struct ntlmssp2_name);
				478	unsigned char *blobptr;
				479	unsigned char *blobend;
				480	struct ntlmssp2_name *attrptr;
				481
				482	if (!ses->auth_key.len \|\| !ses->auth_key.response)
				483	return 0;
				484
				485	blobptr = ses->auth_key.response;
				486	blobend = blobptr + ses->auth_key.len;
				487
				488	while (blobptr + onesize < blobend) {
				489	attrptr = (struct ntlmssp2_name *) blobptr;
				490	type = le16_to_cpu(attrptr->type);
				491	if (type == NTLMSSP_AV_EOL)
				492	break;
				493	blobptr += 2; /* advance attr type */
				494	attrsize = le16_to_cpu(attrptr->length);
				495	blobptr += 2; /* advance attr size */
				496	if (blobptr + attrsize > blobend)
				497	break;
				498	if (type == NTLMSSP_AV_TIMESTAMP) {
				499	if (attrsize == sizeof(u64))
				500	return ((__le64 )blobptr);
				501	}
				502	blobptr += attrsize; /* advance attr value */
				503	}
				504
				505	return cpu_to_le64(cifs_UnixTimeToNT(CURRENT_TIME));
				506	}
				507
Steve French	96daf2b	2011-05-27 04:34:02 +0000	[diff] [blame]	508	static int calc_ntlmv2_hash(struct cifs_ses ses, char ntlmv2_hash,
Steve French	50c2f75	2007-07-13 00:33:32 +0000	[diff] [blame]	509	const struct nls_table *nls_cp)
Steve French	a8ee034	2006-06-05 23:34:19 +0000	[diff] [blame]	510	{
				511	int rc = 0;
				512	int len;
Shirish Pargaonkar	307fbd3	2010-10-21 14:25:17 -0500	[diff] [blame]	513	char nt_hash[CIFS_NTHASH_SIZE];
Steve French	fdf96a9	2013-06-25 14:03:16 -0500	[diff] [blame]	514	__le16 *user;
Steve French	50c2f75	2007-07-13 00:33:32 +0000	[diff] [blame]	515	wchar_t *domain;
Shirish Pargaonkar	307fbd3	2010-10-21 14:25:17 -0500	[diff] [blame]	516	wchar_t *server;
Steve French	c8e56f1	2010-09-08 21:10:58 +0000	[diff] [blame]	517
Shirish Pargaonkar	307fbd3	2010-10-21 14:25:17 -0500	[diff] [blame]	518	if (!ses->server->secmech.sdeschmacmd5) {
Joe Perches	f96637b	2013-05-04 22:12:25 -0500	[diff] [blame]	519	cifs_dbg(VFS, "%s: can't generate ntlmv2 hash\n", __func__);
Shirish Pargaonkar	307fbd3	2010-10-21 14:25:17 -0500	[diff] [blame]	520	return -1;
				521	}
Steve French	a8ee034	2006-06-05 23:34:19 +0000	[diff] [blame]	522
				523	/* calculate md4 hash of password */
Shirish Pargaonkar	9ef5992	2011-10-20 13:21:59 -0500	[diff] [blame]	524	E_md4hash(ses->password, nt_hash, nls_cp);
Steve French	a8ee034	2006-06-05 23:34:19 +0000	[diff] [blame]	525
Shirish Pargaonkar	14cae32	2011-06-20 16:14:03 -0500	[diff] [blame]	526	rc = crypto_shash_setkey(ses->server->secmech.hmacmd5, nt_hash,
Shirish Pargaonkar	307fbd3	2010-10-21 14:25:17 -0500	[diff] [blame]	527	CIFS_NTHASH_SIZE);
Shirish Pargaonkar	14cae32	2011-06-20 16:14:03 -0500	[diff] [blame]	528	if (rc) {
Joe Perches	f96637b	2013-05-04 22:12:25 -0500	[diff] [blame]	529	cifs_dbg(VFS, "%s: Could not set NT Hash as a key\n", __func__);
Shirish Pargaonkar	14cae32	2011-06-20 16:14:03 -0500	[diff] [blame]	530	return rc;
				531	}
Shirish Pargaonkar	307fbd3	2010-10-21 14:25:17 -0500	[diff] [blame]	532
				533	rc = crypto_shash_init(&ses->server->secmech.sdeschmacmd5->shash);
				534	if (rc) {
Joe Perches	f96637b	2013-05-04 22:12:25 -0500	[diff] [blame]	535	cifs_dbg(VFS, "%s: could not init hmacmd5\n", __func__);
Shirish Pargaonkar	307fbd3	2010-10-21 14:25:17 -0500	[diff] [blame]	536	return rc;
				537	}
Steve French	a8ee034	2006-06-05 23:34:19 +0000	[diff] [blame]	538
Steve French	fdf96a9	2013-06-25 14:03:16 -0500	[diff] [blame]	539	/* convert ses->user_name to unicode */
Jeff Layton	04febab	2012-01-17 16:09:15 -0500	[diff] [blame]	540	len = ses->user_name ? strlen(ses->user_name) : 0;
Steve French	1717ffc	2006-06-08 05:41:32 +0000	[diff] [blame]	541	user = kmalloc(2 + (len * 2), GFP_KERNEL);
Shirish Pargaonkar	307fbd3	2010-10-21 14:25:17 -0500	[diff] [blame]	542	if (user == NULL) {
Shirish Pargaonkar	307fbd3	2010-10-21 14:25:17 -0500	[diff] [blame]	543	rc = -ENOMEM;
Shirish Pargaonkar	14cae32	2011-06-20 16:14:03 -0500	[diff] [blame]	544	return rc;
Shirish Pargaonkar	307fbd3	2010-10-21 14:25:17 -0500	[diff] [blame]	545	}
Jeff Layton	04febab	2012-01-17 16:09:15 -0500	[diff] [blame]	546
				547	if (len) {
Steve French	fdf96a9	2013-06-25 14:03:16 -0500	[diff] [blame]	548	len = cifs_strtoUTF16(user, ses->user_name, len, nls_cp);
Jeff Layton	04febab	2012-01-17 16:09:15 -0500	[diff] [blame]	549	UniStrupr(user);
				550	} else {
				551	memset(user, '\0', 2);
				552	}
Shirish Pargaonkar	307fbd3	2010-10-21 14:25:17 -0500	[diff] [blame]	553
Shirish Pargaonkar	14cae32	2011-06-20 16:14:03 -0500	[diff] [blame]	554	rc = crypto_shash_update(&ses->server->secmech.sdeschmacmd5->shash,
Shirish Pargaonkar	307fbd3	2010-10-21 14:25:17 -0500	[diff] [blame]	555	(char )user, 2 len);
Shirish Pargaonkar	14cae32	2011-06-20 16:14:03 -0500	[diff] [blame]	556	kfree(user);
				557	if (rc) {
Joe Perches	f96637b	2013-05-04 22:12:25 -0500	[diff] [blame]	558	cifs_dbg(VFS, "%s: Could not update with user\n", __func__);
Shirish Pargaonkar	14cae32	2011-06-20 16:14:03 -0500	[diff] [blame]	559	return rc;
				560	}
Steve French	a8ee034	2006-06-05 23:34:19 +0000	[diff] [blame]	561
				562	/* convert ses->domainName to unicode and uppercase */
Steve French	50c2f75	2007-07-13 00:33:32 +0000	[diff] [blame]	563	if (ses->domainName) {
Steve French	1717ffc	2006-06-08 05:41:32 +0000	[diff] [blame]	564	len = strlen(ses->domainName);
Steve French	a8ee034	2006-06-05 23:34:19 +0000	[diff] [blame]	565
Steve French	50c2f75	2007-07-13 00:33:32 +0000	[diff] [blame]	566	domain = kmalloc(2 + (len * 2), GFP_KERNEL);
Shirish Pargaonkar	307fbd3	2010-10-21 14:25:17 -0500	[diff] [blame]	567	if (domain == NULL) {
Shirish Pargaonkar	307fbd3	2010-10-21 14:25:17 -0500	[diff] [blame]	568	rc = -ENOMEM;
Shirish Pargaonkar	14cae32	2011-06-20 16:14:03 -0500	[diff] [blame]	569	return rc;
Shirish Pargaonkar	307fbd3	2010-10-21 14:25:17 -0500	[diff] [blame]	570	}
Steve French	acbbb76	2012-01-18 22:32:33 -0600	[diff] [blame]	571	len = cifs_strtoUTF16((__le16 *)domain, ses->domainName, len,
				572	nls_cp);
Shirish Pargaonkar	14cae32	2011-06-20 16:14:03 -0500	[diff] [blame]	573	rc =
Shirish Pargaonkar	307fbd3	2010-10-21 14:25:17 -0500	[diff] [blame]	574	crypto_shash_update(&ses->server->secmech.sdeschmacmd5->shash,
				575	(char )domain, 2 len);
Steve French	1717ffc	2006-06-08 05:41:32 +0000	[diff] [blame]	576	kfree(domain);
Shirish Pargaonkar	14cae32	2011-06-20 16:14:03 -0500	[diff] [blame]	577	if (rc) {
Joe Perches	f96637b	2013-05-04 22:12:25 -0500	[diff] [blame]	578	cifs_dbg(VFS, "%s: Could not update with domain\n",
				579	__func__);
Shirish Pargaonkar	14cae32	2011-06-20 16:14:03 -0500	[diff] [blame]	580	return rc;
				581	}
Steve French	8b7a454	2015-03-30 16:58:17 -0500	[diff] [blame]	582	} else {
				583	/* We use ses->serverName if no domain name available */
Shirish Pargaonkar	307fbd3	2010-10-21 14:25:17 -0500	[diff] [blame]	584	len = strlen(ses->serverName);
				585
				586	server = kmalloc(2 + (len * 2), GFP_KERNEL);
				587	if (server == NULL) {
Shirish Pargaonkar	307fbd3	2010-10-21 14:25:17 -0500	[diff] [blame]	588	rc = -ENOMEM;
Shirish Pargaonkar	14cae32	2011-06-20 16:14:03 -0500	[diff] [blame]	589	return rc;
Shirish Pargaonkar	307fbd3	2010-10-21 14:25:17 -0500	[diff] [blame]	590	}
Steve French	acbbb76	2012-01-18 22:32:33 -0600	[diff] [blame]	591	len = cifs_strtoUTF16((__le16 *)server, ses->serverName, len,
Shirish Pargaonkar	307fbd3	2010-10-21 14:25:17 -0500	[diff] [blame]	592	nls_cp);
Shirish Pargaonkar	14cae32	2011-06-20 16:14:03 -0500	[diff] [blame]	593	rc =
Shirish Pargaonkar	307fbd3	2010-10-21 14:25:17 -0500	[diff] [blame]	594	crypto_shash_update(&ses->server->secmech.sdeschmacmd5->shash,
				595	(char )server, 2 len);
				596	kfree(server);
Shirish Pargaonkar	14cae32	2011-06-20 16:14:03 -0500	[diff] [blame]	597	if (rc) {
Joe Perches	f96637b	2013-05-04 22:12:25 -0500	[diff] [blame]	598	cifs_dbg(VFS, "%s: Could not update with server\n",
				599	__func__);
Shirish Pargaonkar	14cae32	2011-06-20 16:14:03 -0500	[diff] [blame]	600	return rc;
				601	}
Steve French	1717ffc	2006-06-08 05:41:32 +0000	[diff] [blame]	602	}
Shirish Pargaonkar	307fbd3	2010-10-21 14:25:17 -0500	[diff] [blame]	603
				604	rc = crypto_shash_final(&ses->server->secmech.sdeschmacmd5->shash,
Shirish Pargaonkar	d3686d5	2010-10-28 09:53:07 -0500	[diff] [blame]	605	ntlmv2_hash);
Shirish Pargaonkar	14cae32	2011-06-20 16:14:03 -0500	[diff] [blame]	606	if (rc)
Joe Perches	f96637b	2013-05-04 22:12:25 -0500	[diff] [blame]	607	cifs_dbg(VFS, "%s: Could not generate md5 hash\n", __func__);
Shirish Pargaonkar	307fbd3	2010-10-21 14:25:17 -0500	[diff] [blame]	608
Steve French	a8ee034	2006-06-05 23:34:19 +0000	[diff] [blame]	609	return rc;
				610	}
				611
Shirish Pargaonkar	307fbd3	2010-10-21 14:25:17 -0500	[diff] [blame]	612	static int
Steve French	96daf2b	2011-05-27 04:34:02 +0000	[diff] [blame]	613	CalcNTLMv2_response(const struct cifs_ses ses, char ntlmv2_hash)
Shirish Pargaonkar	307fbd3	2010-10-21 14:25:17 -0500	[diff] [blame]	614	{
				615	int rc;
Tim Gardner	2c957dd	2013-11-07 16:40:57 -0700	[diff] [blame]	616	struct ntlmv2_resp ntlmv2 = (struct ntlmv2_resp )
				617	(ses->auth_key.response + CIFS_SESS_KEY_SIZE);
				618	unsigned int hash_len;
				619
				620	/* The MD5 hash starts at challenge_key.key */
				621	hash_len = ses->auth_key.len - (CIFS_SESS_KEY_SIZE +
				622	offsetof(struct ntlmv2_resp, challenge.key[0]));
Shirish Pargaonkar	307fbd3	2010-10-21 14:25:17 -0500	[diff] [blame]	623
				624	if (!ses->server->secmech.sdeschmacmd5) {
Joe Perches	f96637b	2013-05-04 22:12:25 -0500	[diff] [blame]	625	cifs_dbg(VFS, "%s: can't generate ntlmv2 hash\n", __func__);
Shirish Pargaonkar	307fbd3	2010-10-21 14:25:17 -0500	[diff] [blame]	626	return -1;
				627	}
				628
Shirish Pargaonkar	14cae32	2011-06-20 16:14:03 -0500	[diff] [blame]	629	rc = crypto_shash_setkey(ses->server->secmech.hmacmd5,
Tim Gardner	2c957dd	2013-11-07 16:40:57 -0700	[diff] [blame]	630	ntlmv2_hash, CIFS_HMAC_MD5_HASH_SIZE);
Shirish Pargaonkar	14cae32	2011-06-20 16:14:03 -0500	[diff] [blame]	631	if (rc) {
Joe Perches	f96637b	2013-05-04 22:12:25 -0500	[diff] [blame]	632	cifs_dbg(VFS, "%s: Could not set NTLMV2 Hash as a key\n",
				633	__func__);
Shirish Pargaonkar	14cae32	2011-06-20 16:14:03 -0500	[diff] [blame]	634	return rc;
				635	}
Shirish Pargaonkar	307fbd3	2010-10-21 14:25:17 -0500	[diff] [blame]	636
				637	rc = crypto_shash_init(&ses->server->secmech.sdeschmacmd5->shash);
				638	if (rc) {
Joe Perches	f96637b	2013-05-04 22:12:25 -0500	[diff] [blame]	639	cifs_dbg(VFS, "%s: could not init hmacmd5\n", __func__);
Shirish Pargaonkar	307fbd3	2010-10-21 14:25:17 -0500	[diff] [blame]	640	return rc;
				641	}
				642
Jeff Layton	3f61822	2013-06-12 19:52:14 -0500	[diff] [blame]	643	if (ses->server->negflavor == CIFS_NEGFLAVOR_EXTENDED)
Tim Gardner	2c957dd	2013-11-07 16:40:57 -0700	[diff] [blame]	644	memcpy(ntlmv2->challenge.key,
				645	ses->ntlmssp->cryptkey, CIFS_SERVER_CHALLENGE_SIZE);
Shirish Pargaonkar	d3ba50b	2010-10-27 15:20:36 -0500	[diff] [blame]	646	else
Tim Gardner	2c957dd	2013-11-07 16:40:57 -0700	[diff] [blame]	647	memcpy(ntlmv2->challenge.key,
				648	ses->server->cryptkey, CIFS_SERVER_CHALLENGE_SIZE);
Shirish Pargaonkar	14cae32	2011-06-20 16:14:03 -0500	[diff] [blame]	649	rc = crypto_shash_update(&ses->server->secmech.sdeschmacmd5->shash,
Tim Gardner	2c957dd	2013-11-07 16:40:57 -0700	[diff] [blame]	650	ntlmv2->challenge.key, hash_len);
Shirish Pargaonkar	14cae32	2011-06-20 16:14:03 -0500	[diff] [blame]	651	if (rc) {
Joe Perches	f96637b	2013-05-04 22:12:25 -0500	[diff] [blame]	652	cifs_dbg(VFS, "%s: Could not update with response\n", __func__);
Shirish Pargaonkar	14cae32	2011-06-20 16:14:03 -0500	[diff] [blame]	653	return rc;
				654	}
Shirish Pargaonkar	307fbd3	2010-10-21 14:25:17 -0500	[diff] [blame]	655
Tim Gardner	2c957dd	2013-11-07 16:40:57 -0700	[diff] [blame]	656	/* Note that the MD5 digest over writes anon.challenge_key.key */
Shirish Pargaonkar	307fbd3	2010-10-21 14:25:17 -0500	[diff] [blame]	657	rc = crypto_shash_final(&ses->server->secmech.sdeschmacmd5->shash,
Tim Gardner	2c957dd	2013-11-07 16:40:57 -0700	[diff] [blame]	658	ntlmv2->ntlmv2_hash);
Shirish Pargaonkar	14cae32	2011-06-20 16:14:03 -0500	[diff] [blame]	659	if (rc)
Joe Perches	f96637b	2013-05-04 22:12:25 -0500	[diff] [blame]	660	cifs_dbg(VFS, "%s: Could not generate md5 hash\n", __func__);
Shirish Pargaonkar	307fbd3	2010-10-21 14:25:17 -0500	[diff] [blame]	661
				662	return rc;
				663	}
				664
Steve French	95dc8dd	2013-07-04 10:35:21 -0500	[diff] [blame]	665	static int crypto_hmacmd5_alloc(struct TCP_Server_Info *server)
				666	{
Jeff Layton	ba48202	2013-07-31 13:48:00 -0400	[diff] [blame]	667	int rc;
Steve French	95dc8dd	2013-07-04 10:35:21 -0500	[diff] [blame]	668	unsigned int size;
				669
				670	/* check if already allocated */
				671	if (server->secmech.sdeschmacmd5)
				672	return 0;
				673
				674	server->secmech.hmacmd5 = crypto_alloc_shash("hmac(md5)", 0, 0);
				675	if (IS_ERR(server->secmech.hmacmd5)) {
				676	cifs_dbg(VFS, "could not allocate crypto hmacmd5\n");
Jeff Layton	ba48202	2013-07-31 13:48:00 -0400	[diff] [blame]	677	rc = PTR_ERR(server->secmech.hmacmd5);
				678	server->secmech.hmacmd5 = NULL;
				679	return rc;
Steve French	95dc8dd	2013-07-04 10:35:21 -0500	[diff] [blame]	680	}
				681
				682	size = sizeof(struct shash_desc) +
				683	crypto_shash_descsize(server->secmech.hmacmd5);
				684	server->secmech.sdeschmacmd5 = kmalloc(size, GFP_KERNEL);
				685	if (!server->secmech.sdeschmacmd5) {
				686	crypto_free_shash(server->secmech.hmacmd5);
				687	server->secmech.hmacmd5 = NULL;
				688	return -ENOMEM;
				689	}
				690	server->secmech.sdeschmacmd5->shash.tfm = server->secmech.hmacmd5;
				691	server->secmech.sdeschmacmd5->shash.flags = 0x0;
				692
				693	return 0;
				694	}
Shirish Pargaonkar	307fbd3	2010-10-21 14:25:17 -0500	[diff] [blame]	695
Shirish Pargaonkar	2b149f1	2010-09-18 22:02:18 -0500	[diff] [blame]	696	int
Steve French	96daf2b	2011-05-27 04:34:02 +0000	[diff] [blame]	697	setup_ntlmv2_rsp(struct cifs_ses ses, const struct nls_table nls_cp)
Steve French	9fbc590	2010-08-20 20:42:26 +0000	[diff] [blame]	698	{
Steve French	c8e56f1	2010-09-08 21:10:58 +0000	[diff] [blame]	699	int rc;
Shirish Pargaonkar	21e7339	2010-10-21 06:42:55 -0500	[diff] [blame]	700	int baselen;
Shirish Pargaonkar	d3686d5	2010-10-28 09:53:07 -0500	[diff] [blame]	701	unsigned int tilen;
Tim Gardner	2c957dd	2013-11-07 16:40:57 -0700	[diff] [blame]	702	struct ntlmv2_resp *ntlmv2;
Shirish Pargaonkar	d3686d5	2010-10-28 09:53:07 -0500	[diff] [blame]	703	char ntlmv2_hash[16];
				704	unsigned char tiblob = NULL; / target info blob */
Peter Seiderer	98ce94c	2015-09-17 21:40:12 +0200	[diff] [blame]	705	__le64 rsp_timestamp;
Steve French	6d027cf	2006-06-05 16:26:05 +0000	[diff] [blame]	706
Jeff Layton	3f61822	2013-06-12 19:52:14 -0500	[diff] [blame]	707	if (ses->server->negflavor == CIFS_NEGFLAVOR_EXTENDED) {
Shirish Pargaonkar	2b149f1	2010-09-18 22:02:18 -0500	[diff] [blame]	708	if (!ses->domainName) {
Germano Percossi	3956644	2016-12-15 12:31:18 +0530	[diff] [blame]	709	if (ses->domainAuto) {
				710	rc = find_domain_name(ses, nls_cp);
				711	if (rc) {
				712	cifs_dbg(VFS, "error %d finding domain name\n",
				713	rc);
				714	goto setup_ntlmv2_rsp_ret;
				715	}
				716	} else {
				717	ses->domainName = kstrdup("", GFP_KERNEL);
Shirish Pargaonkar	2b149f1	2010-09-18 22:02:18 -0500	[diff] [blame]	718	}
				719	}
				720	} else {
Shirish Pargaonkar	9daa42e	2010-10-10 13:21:05 -0500	[diff] [blame]	721	rc = build_avpair_blob(ses, nls_cp);
Shirish Pargaonkar	2b149f1	2010-09-18 22:02:18 -0500	[diff] [blame]	722	if (rc) {
Joe Perches	f96637b	2013-05-04 22:12:25 -0500	[diff] [blame]	723	cifs_dbg(VFS, "error %d building av pair blob\n", rc);
Shirish Pargaonkar	d3686d5	2010-10-28 09:53:07 -0500	[diff] [blame]	724	goto setup_ntlmv2_rsp_ret;
Shirish Pargaonkar	2b149f1	2010-09-18 22:02:18 -0500	[diff] [blame]	725	}
				726	}
Steve French	a8ee034	2006-06-05 23:34:19 +0000	[diff] [blame]	727
Peter Seiderer	98ce94c	2015-09-17 21:40:12 +0200	[diff] [blame]	728	/* Must be within 5 minutes of the server (or in range +/-2h
				729	* in case of Mac OS X), so simply carry over server timestamp
				730	* (as Windows 7 does)
				731	*/
				732	rsp_timestamp = find_timestamp(ses);
				733
Shirish Pargaonkar	21e7339	2010-10-21 06:42:55 -0500	[diff] [blame]	734	baselen = CIFS_SESS_KEY_SIZE + sizeof(struct ntlmv2_resp);
Shirish Pargaonkar	d3686d5	2010-10-28 09:53:07 -0500	[diff] [blame]	735	tilen = ses->auth_key.len;
				736	tiblob = ses->auth_key.response;
				737
				738	ses->auth_key.response = kmalloc(baselen + tilen, GFP_KERNEL);
Shirish Pargaonkar	21e7339	2010-10-21 06:42:55 -0500	[diff] [blame]	739	if (!ses->auth_key.response) {
Anton Protopopov	4b550af	2016-02-10 12:50:21 -0500	[diff] [blame]	740	rc = -ENOMEM;
Shirish Pargaonkar	d3686d5	2010-10-28 09:53:07 -0500	[diff] [blame]	741	ses->auth_key.len = 0;
Shirish Pargaonkar	21e7339	2010-10-21 06:42:55 -0500	[diff] [blame]	742	goto setup_ntlmv2_rsp_ret;
				743	}
Shirish Pargaonkar	d3686d5	2010-10-28 09:53:07 -0500	[diff] [blame]	744	ses->auth_key.len += baselen;
Shirish Pargaonkar	21e7339	2010-10-21 06:42:55 -0500	[diff] [blame]	745
Tim Gardner	2c957dd	2013-11-07 16:40:57 -0700	[diff] [blame]	746	ntlmv2 = (struct ntlmv2_resp *)
Shirish Pargaonkar	21e7339	2010-10-21 06:42:55 -0500	[diff] [blame]	747	(ses->auth_key.response + CIFS_SESS_KEY_SIZE);
Tim Gardner	2c957dd	2013-11-07 16:40:57 -0700	[diff] [blame]	748	ntlmv2->blob_signature = cpu_to_le32(0x00000101);
				749	ntlmv2->reserved = 0;
Peter Seiderer	98ce94c	2015-09-17 21:40:12 +0200	[diff] [blame]	750	ntlmv2->time = rsp_timestamp;
				751
Tim Gardner	2c957dd	2013-11-07 16:40:57 -0700	[diff] [blame]	752	get_random_bytes(&ntlmv2->client_chal, sizeof(ntlmv2->client_chal));
				753	ntlmv2->reserved2 = 0;
Shirish Pargaonkar	21e7339	2010-10-21 06:42:55 -0500	[diff] [blame]	754
Shirish Pargaonkar	d3686d5	2010-10-28 09:53:07 -0500	[diff] [blame]	755	memcpy(ses->auth_key.response + baselen, tiblob, tilen);
Shirish Pargaonkar	21e7339	2010-10-21 06:42:55 -0500	[diff] [blame]	756
Rabin Vincent	bd975d1	2016-07-19 09:26:21 +0200	[diff] [blame]	757	mutex_lock(&ses->server->srv_mutex);
				758
Steve French	95dc8dd	2013-07-04 10:35:21 -0500	[diff] [blame]	759	rc = crypto_hmacmd5_alloc(ses->server);
				760	if (rc) {
				761	cifs_dbg(VFS, "could not crypto alloc hmacmd5 rc %d\n", rc);
Rabin Vincent	bd975d1	2016-07-19 09:26:21 +0200	[diff] [blame]	762	goto unlock;
Steve French	95dc8dd	2013-07-04 10:35:21 -0500	[diff] [blame]	763	}
				764
Shirish Pargaonkar	f7c5445	2010-10-26 18:10:24 -0500	[diff] [blame]	765	/* calculate ntlmv2_hash */
Shirish Pargaonkar	d3686d5	2010-10-28 09:53:07 -0500	[diff] [blame]	766	rc = calc_ntlmv2_hash(ses, ntlmv2_hash, nls_cp);
Shirish Pargaonkar	2b149f1	2010-09-18 22:02:18 -0500	[diff] [blame]	767	if (rc) {
Joe Perches	f96637b	2013-05-04 22:12:25 -0500	[diff] [blame]	768	cifs_dbg(VFS, "could not get v2 hash rc %d\n", rc);
Rabin Vincent	bd975d1	2016-07-19 09:26:21 +0200	[diff] [blame]	769	goto unlock;
Shirish Pargaonkar	2b149f1	2010-09-18 22:02:18 -0500	[diff] [blame]	770	}
Shirish Pargaonkar	f7c5445	2010-10-26 18:10:24 -0500	[diff] [blame]	771
				772	/* calculate first part of the client response (CR1) */
Shirish Pargaonkar	d3686d5	2010-10-28 09:53:07 -0500	[diff] [blame]	773	rc = CalcNTLMv2_response(ses, ntlmv2_hash);
Shirish Pargaonkar	307fbd3	2010-10-21 14:25:17 -0500	[diff] [blame]	774	if (rc) {
Joe Perches	f96637b	2013-05-04 22:12:25 -0500	[diff] [blame]	775	cifs_dbg(VFS, "Could not calculate CR1 rc: %d\n", rc);
Rabin Vincent	bd975d1	2016-07-19 09:26:21 +0200	[diff] [blame]	776	goto unlock;
Shirish Pargaonkar	307fbd3	2010-10-21 14:25:17 -0500	[diff] [blame]	777	}
Steve French	b609f06	2007-07-09 07:55:14 +0000	[diff] [blame]	778
Shirish Pargaonkar	5d0d288	2010-10-13 18:15:00 -0500	[diff] [blame]	779	/* now calculate the session key for NTLMv2 */
Shirish Pargaonkar	14cae32	2011-06-20 16:14:03 -0500	[diff] [blame]	780	rc = crypto_shash_setkey(ses->server->secmech.hmacmd5,
Shirish Pargaonkar	d3686d5	2010-10-28 09:53:07 -0500	[diff] [blame]	781	ntlmv2_hash, CIFS_HMAC_MD5_HASH_SIZE);
Shirish Pargaonkar	14cae32	2011-06-20 16:14:03 -0500	[diff] [blame]	782	if (rc) {
Joe Perches	f96637b	2013-05-04 22:12:25 -0500	[diff] [blame]	783	cifs_dbg(VFS, "%s: Could not set NTLMV2 Hash as a key\n",
				784	__func__);
Rabin Vincent	bd975d1	2016-07-19 09:26:21 +0200	[diff] [blame]	785	goto unlock;
Shirish Pargaonkar	14cae32	2011-06-20 16:14:03 -0500	[diff] [blame]	786	}
Shirish Pargaonkar	307fbd3	2010-10-21 14:25:17 -0500	[diff] [blame]	787
				788	rc = crypto_shash_init(&ses->server->secmech.sdeschmacmd5->shash);
				789	if (rc) {
Joe Perches	f96637b	2013-05-04 22:12:25 -0500	[diff] [blame]	790	cifs_dbg(VFS, "%s: Could not init hmacmd5\n", __func__);
Rabin Vincent	bd975d1	2016-07-19 09:26:21 +0200	[diff] [blame]	791	goto unlock;
Shirish Pargaonkar	307fbd3	2010-10-21 14:25:17 -0500	[diff] [blame]	792	}
				793
Shirish Pargaonkar	14cae32	2011-06-20 16:14:03 -0500	[diff] [blame]	794	rc = crypto_shash_update(&ses->server->secmech.sdeschmacmd5->shash,
Tim Gardner	2c957dd	2013-11-07 16:40:57 -0700	[diff] [blame]	795	ntlmv2->ntlmv2_hash,
Shirish Pargaonkar	307fbd3	2010-10-21 14:25:17 -0500	[diff] [blame]	796	CIFS_HMAC_MD5_HASH_SIZE);
Shirish Pargaonkar	14cae32	2011-06-20 16:14:03 -0500	[diff] [blame]	797	if (rc) {
Joe Perches	f96637b	2013-05-04 22:12:25 -0500	[diff] [blame]	798	cifs_dbg(VFS, "%s: Could not update with response\n", __func__);
Rabin Vincent	bd975d1	2016-07-19 09:26:21 +0200	[diff] [blame]	799	goto unlock;
Shirish Pargaonkar	14cae32	2011-06-20 16:14:03 -0500	[diff] [blame]	800	}
Shirish Pargaonkar	307fbd3	2010-10-21 14:25:17 -0500	[diff] [blame]	801
				802	rc = crypto_shash_final(&ses->server->secmech.sdeschmacmd5->shash,
				803	ses->auth_key.response);
Shirish Pargaonkar	14cae32	2011-06-20 16:14:03 -0500	[diff] [blame]	804	if (rc)
Joe Perches	f96637b	2013-05-04 22:12:25 -0500	[diff] [blame]	805	cifs_dbg(VFS, "%s: Could not generate md5 hash\n", __func__);
Shirish Pargaonkar	2b149f1	2010-09-18 22:02:18 -0500	[diff] [blame]	806
Rabin Vincent	bd975d1	2016-07-19 09:26:21 +0200	[diff] [blame]	807	unlock:
				808	mutex_unlock(&ses->server->srv_mutex);
Shirish Pargaonkar	2b149f1	2010-09-18 22:02:18 -0500	[diff] [blame]	809	setup_ntlmv2_rsp_ret:
Shirish Pargaonkar	d3686d5	2010-10-28 09:53:07 -0500	[diff] [blame]	810	kfree(tiblob);
Shirish Pargaonkar	2b149f1	2010-09-18 22:02:18 -0500	[diff] [blame]	811
				812	return rc;
Steve French	6d027cf	2006-06-05 16:26:05 +0000	[diff] [blame]	813	}
				814
Shirish Pargaonkar	d2b9152	2010-10-21 14:25:08 -0500	[diff] [blame]	815	int
Steve French	96daf2b	2011-05-27 04:34:02 +0000	[diff] [blame]	816	calc_seckey(struct cifs_ses *ses)
Shirish Pargaonkar	d2b9152	2010-10-21 14:25:08 -0500	[diff] [blame]	817	{
				818	int rc;
Herbert Xu	9651ddb	2016-01-24 21:17:17 +0800	[diff] [blame]	819	struct crypto_skcipher *tfm_arc4;
Shirish Pargaonkar	d2b9152	2010-10-21 14:25:08 -0500	[diff] [blame]	820	struct scatterlist sgin, sgout;
Herbert Xu	9651ddb	2016-01-24 21:17:17 +0800	[diff] [blame]	821	struct skcipher_request *req;
Sachin Prabhu	5f4b556	2016-10-17 16:40:22 -0400	[diff] [blame]	822	unsigned char *sec_key;
				823
				824	sec_key = kmalloc(CIFS_SESS_KEY_SIZE, GFP_KERNEL);
				825	if (sec_key == NULL)
				826	return -ENOMEM;
Shirish Pargaonkar	d2b9152	2010-10-21 14:25:08 -0500	[diff] [blame]	827
				828	get_random_bytes(sec_key, CIFS_SESS_KEY_SIZE);
				829
Herbert Xu	9651ddb	2016-01-24 21:17:17 +0800	[diff] [blame]	830	tfm_arc4 = crypto_alloc_skcipher("ecb(arc4)", 0, CRYPTO_ALG_ASYNC);
Shirish Pargaonkar	7a8587e	2011-01-29 13:54:58 -0600	[diff] [blame]	831	if (IS_ERR(tfm_arc4)) {
				832	rc = PTR_ERR(tfm_arc4);
Joe Perches	f96637b	2013-05-04 22:12:25 -0500	[diff] [blame]	833	cifs_dbg(VFS, "could not allocate crypto API arc4\n");
Sachin Prabhu	5f4b556	2016-10-17 16:40:22 -0400	[diff] [blame]	834	goto out;
Shirish Pargaonkar	d2b9152	2010-10-21 14:25:08 -0500	[diff] [blame]	835	}
				836
Herbert Xu	9651ddb	2016-01-24 21:17:17 +0800	[diff] [blame]	837	rc = crypto_skcipher_setkey(tfm_arc4, ses->auth_key.response,
Shirish Pargaonkar	d2b9152	2010-10-21 14:25:08 -0500	[diff] [blame]	838	CIFS_SESS_KEY_SIZE);
Shirish Pargaonkar	14cae32	2011-06-20 16:14:03 -0500	[diff] [blame]	839	if (rc) {
Joe Perches	f96637b	2013-05-04 22:12:25 -0500	[diff] [blame]	840	cifs_dbg(VFS, "%s: Could not set response as a key\n",
				841	__func__);
Herbert Xu	9651ddb	2016-01-24 21:17:17 +0800	[diff] [blame]	842	goto out_free_cipher;
				843	}
				844
				845	req = skcipher_request_alloc(tfm_arc4, GFP_KERNEL);
				846	if (!req) {
				847	rc = -ENOMEM;
				848	cifs_dbg(VFS, "could not allocate crypto API arc4 request\n");
				849	goto out_free_cipher;
Shirish Pargaonkar	14cae32	2011-06-20 16:14:03 -0500	[diff] [blame]	850	}
Shirish Pargaonkar	d2b9152	2010-10-21 14:25:08 -0500	[diff] [blame]	851
				852	sg_init_one(&sgin, sec_key, CIFS_SESS_KEY_SIZE);
Shirish Pargaonkar	d3686d5	2010-10-28 09:53:07 -0500	[diff] [blame]	853	sg_init_one(&sgout, ses->ntlmssp->ciphertext, CIFS_CPHTXT_SIZE);
Shirish Pargaonkar	d2b9152	2010-10-21 14:25:08 -0500	[diff] [blame]	854
Herbert Xu	9651ddb	2016-01-24 21:17:17 +0800	[diff] [blame]	855	skcipher_request_set_callback(req, 0, NULL, NULL);
				856	skcipher_request_set_crypt(req, &sgin, &sgout, CIFS_CPHTXT_SIZE, NULL);
				857
				858	rc = crypto_skcipher_encrypt(req);
				859	skcipher_request_free(req);
Shirish Pargaonkar	d2b9152	2010-10-21 14:25:08 -0500	[diff] [blame]	860	if (rc) {
Joe Perches	f96637b	2013-05-04 22:12:25 -0500	[diff] [blame]	861	cifs_dbg(VFS, "could not encrypt session key rc: %d\n", rc);
Herbert Xu	9651ddb	2016-01-24 21:17:17 +0800	[diff] [blame]	862	goto out_free_cipher;
Shirish Pargaonkar	d2b9152	2010-10-21 14:25:08 -0500	[diff] [blame]	863	}
				864
				865	/* make secondary_key/nonce as session key */
				866	memcpy(ses->auth_key.response, sec_key, CIFS_SESS_KEY_SIZE);
				867	/* and make len as that of session key only */
				868	ses->auth_key.len = CIFS_SESS_KEY_SIZE;
				869
Herbert Xu	9651ddb	2016-01-24 21:17:17 +0800	[diff] [blame]	870	out_free_cipher:
				871	crypto_free_skcipher(tfm_arc4);
Sachin Prabhu	5f4b556	2016-10-17 16:40:22 -0400	[diff] [blame]	872	out:
				873	kfree(sec_key);
Shirish Pargaonkar	14cae32	2011-06-20 16:14:03 -0500	[diff] [blame]	874	return rc;
Shirish Pargaonkar	d2b9152	2010-10-21 14:25:08 -0500	[diff] [blame]	875	}
				876
				877	void
Pavel Shilovsky	026e93d	2016-11-03 16:47:37 -0700	[diff] [blame]	878	cifs_crypto_secmech_release(struct TCP_Server_Info *server)
Shirish Pargaonkar	d2b9152	2010-10-21 14:25:08 -0500	[diff] [blame]	879	{
Steve French	95dc8dd	2013-07-04 10:35:21 -0500	[diff] [blame]	880	if (server->secmech.cmacaes) {
Steve French	429b46f	2013-06-26 23:45:05 -0500	[diff] [blame]	881	crypto_free_shash(server->secmech.cmacaes);
Steve French	95dc8dd	2013-07-04 10:35:21 -0500	[diff] [blame]	882	server->secmech.cmacaes = NULL;
				883	}
Steve French	429b46f	2013-06-26 23:45:05 -0500	[diff] [blame]	884
Steve French	95dc8dd	2013-07-04 10:35:21 -0500	[diff] [blame]	885	if (server->secmech.hmacsha256) {
Pavel Shilovsky	3c1bf7e	2012-09-18 16:20:30 -0700	[diff] [blame]	886	crypto_free_shash(server->secmech.hmacsha256);
Steve French	95dc8dd	2013-07-04 10:35:21 -0500	[diff] [blame]	887	server->secmech.hmacsha256 = NULL;
				888	}
Pavel Shilovsky	3c1bf7e	2012-09-18 16:20:30 -0700	[diff] [blame]	889
Steve French	95dc8dd	2013-07-04 10:35:21 -0500	[diff] [blame]	890	if (server->secmech.md5) {
Shirish Pargaonkar	d2b9152	2010-10-21 14:25:08 -0500	[diff] [blame]	891	crypto_free_shash(server->secmech.md5);
Steve French	95dc8dd	2013-07-04 10:35:21 -0500	[diff] [blame]	892	server->secmech.md5 = NULL;
				893	}
Shirish Pargaonkar	d2b9152	2010-10-21 14:25:08 -0500	[diff] [blame]	894
Steve French	95dc8dd	2013-07-04 10:35:21 -0500	[diff] [blame]	895	if (server->secmech.hmacmd5) {
Shirish Pargaonkar	d2b9152	2010-10-21 14:25:08 -0500	[diff] [blame]	896	crypto_free_shash(server->secmech.hmacmd5);
Steve French	95dc8dd	2013-07-04 10:35:21 -0500	[diff] [blame]	897	server->secmech.hmacmd5 = NULL;
				898	}
Shirish Pargaonkar	d2b9152	2010-10-21 14:25:08 -0500	[diff] [blame]	899
Pavel Shilovsky	026e93d	2016-11-03 16:47:37 -0700	[diff] [blame]	900	if (server->secmech.ccmaesencrypt) {
				901	crypto_free_aead(server->secmech.ccmaesencrypt);
				902	server->secmech.ccmaesencrypt = NULL;
				903	}
				904
				905	if (server->secmech.ccmaesdecrypt) {
				906	crypto_free_aead(server->secmech.ccmaesdecrypt);
				907	server->secmech.ccmaesdecrypt = NULL;
				908	}
				909
Steve French	429b46f	2013-06-26 23:45:05 -0500	[diff] [blame]	910	kfree(server->secmech.sdesccmacaes);
Steve French	95dc8dd	2013-07-04 10:35:21 -0500	[diff] [blame]	911	server->secmech.sdesccmacaes = NULL;
Pavel Shilovsky	3c1bf7e	2012-09-18 16:20:30 -0700	[diff] [blame]	912	kfree(server->secmech.sdeschmacsha256);
Steve French	95dc8dd	2013-07-04 10:35:21 -0500	[diff] [blame]	913	server->secmech.sdeschmacsha256 = NULL;
Shirish Pargaonkar	d2b9152	2010-10-21 14:25:08 -0500	[diff] [blame]	914	kfree(server->secmech.sdeschmacmd5);
Steve French	95dc8dd	2013-07-04 10:35:21 -0500	[diff] [blame]	915	server->secmech.sdeschmacmd5 = NULL;
Shirish Pargaonkar	d2b9152	2010-10-21 14:25:08 -0500	[diff] [blame]	916	kfree(server->secmech.sdescmd5);
Steve French	95dc8dd	2013-07-04 10:35:21 -0500	[diff] [blame]	917	server->secmech.sdescmd5 = NULL;
Shirish Pargaonkar	d2b9152	2010-10-21 14:25:08 -0500	[diff] [blame]	918	}