xref: /fs/smb/server/auth.c

83 	int rc;  in ksmbd_gen_sess_key()  local
91 	rc = crypto_shash_setkey(CRYPTO_HMACMD5_TFM(ctx),  in ksmbd_gen_sess_key()
94 	if (rc) {  in ksmbd_gen_sess_key()
95 		ksmbd_debug(AUTH, "hmacmd5 set key fail error %d\n", rc);  in ksmbd_gen_sess_key()
99 	rc = crypto_shash_init(CRYPTO_HMACMD5(ctx));  in ksmbd_gen_sess_key()
100 	if (rc) {  in ksmbd_gen_sess_key()
101 		ksmbd_debug(AUTH, "could not init hmacmd5 error %d\n", rc);  in ksmbd_gen_sess_key()
105 	rc = crypto_shash_update(CRYPTO_HMACMD5(ctx),  in ksmbd_gen_sess_key()
108 	if (rc) {  in ksmbd_gen_sess_key()
109 		ksmbd_debug(AUTH, "Could not update with response error %d\n", rc);  in ksmbd_gen_sess_key()
113 	rc = crypto_shash_final(CRYPTO_HMACMD5(ctx), sess->sess_key);  in ksmbd_gen_sess_key()
114 	if (rc) {  in ksmbd_gen_sess_key()
115 		ksmbd_debug(AUTH, "Could not generate hmacmd5 hash error %d\n", rc);  in ksmbd_gen_sess_key()
121 	return rc;  in ksmbd_gen_sess_key()
228 	int rc, len;  in ksmbd_auth_ntlmv2()  local
230 	rc = calc_ntlmv2_hash(conn, sess, ntlmv2_hash, domain_name);  in ksmbd_auth_ntlmv2()
231 	if (rc) {  in ksmbd_auth_ntlmv2()
232 		ksmbd_debug(AUTH, "could not get v2 hash rc %d\n", rc);  in ksmbd_auth_ntlmv2()
242 	rc = crypto_shash_setkey(CRYPTO_HMACMD5_TFM(ctx),  in ksmbd_auth_ntlmv2()
245 	if (rc) {  in ksmbd_auth_ntlmv2()
250 	rc = crypto_shash_init(CRYPTO_HMACMD5(ctx));  in ksmbd_auth_ntlmv2()
251 	if (rc) {  in ksmbd_auth_ntlmv2()
259 		rc = -ENOMEM;  in ksmbd_auth_ntlmv2()
266 	rc = crypto_shash_update(CRYPTO_HMACMD5(ctx), construct, len);  in ksmbd_auth_ntlmv2()
267 	if (rc) {  in ksmbd_auth_ntlmv2()
272 	rc = crypto_shash_final(CRYPTO_HMACMD5(ctx), ntlmv2_rsp);  in ksmbd_auth_ntlmv2()
273 	if (rc) {  in ksmbd_auth_ntlmv2()
280 	rc = ksmbd_gen_sess_key(sess, ntlmv2_hash, ntlmv2_rsp);  in ksmbd_auth_ntlmv2()
281 	if (rc) {  in ksmbd_auth_ntlmv2()
287 		rc = -EINVAL;  in ksmbd_auth_ntlmv2()
292 	return rc;  in ksmbd_auth_ntlmv2()
597 	int rc, i;  in ksmbd_sign_smb2_pdu()  local
605 	rc = crypto_shash_setkey(CRYPTO_HMACSHA256_TFM(ctx),  in ksmbd_sign_smb2_pdu()
608 	if (rc)  in ksmbd_sign_smb2_pdu()
611 	rc = crypto_shash_init(CRYPTO_HMACSHA256(ctx));  in ksmbd_sign_smb2_pdu()
612 	if (rc) {  in ksmbd_sign_smb2_pdu()
613 		ksmbd_debug(AUTH, "hmacsha256 init error %d\n", rc);  in ksmbd_sign_smb2_pdu()
618 		rc = crypto_shash_update(CRYPTO_HMACSHA256(ctx),  in ksmbd_sign_smb2_pdu()
621 		if (rc) {  in ksmbd_sign_smb2_pdu()
622 			ksmbd_debug(AUTH, "hmacsha256 update error %d\n", rc);  in ksmbd_sign_smb2_pdu()
627 	rc = crypto_shash_final(CRYPTO_HMACSHA256(ctx), sig);  in ksmbd_sign_smb2_pdu()
628 	if (rc)  in ksmbd_sign_smb2_pdu()
629 		ksmbd_debug(AUTH, "hmacsha256 generation error %d\n", rc);  in ksmbd_sign_smb2_pdu()
632 	return rc;  in ksmbd_sign_smb2_pdu()
648 	int rc, i;  in ksmbd_sign_smb3_pdu()  local
656 	rc = crypto_shash_setkey(CRYPTO_CMACAES_TFM(ctx),  in ksmbd_sign_smb3_pdu()
659 	if (rc)  in ksmbd_sign_smb3_pdu()
662 	rc = crypto_shash_init(CRYPTO_CMACAES(ctx));  in ksmbd_sign_smb3_pdu()
663 	if (rc) {  in ksmbd_sign_smb3_pdu()
664 		ksmbd_debug(AUTH, "cmaces init error %d\n", rc);  in ksmbd_sign_smb3_pdu()
669 		rc = crypto_shash_update(CRYPTO_CMACAES(ctx),  in ksmbd_sign_smb3_pdu()
672 		if (rc) {  in ksmbd_sign_smb3_pdu()
673 			ksmbd_debug(AUTH, "cmaces update error %d\n", rc);  in ksmbd_sign_smb3_pdu()
678 	rc = crypto_shash_final(CRYPTO_CMACAES(ctx), sig);  in ksmbd_sign_smb3_pdu()
679 	if (rc)  in ksmbd_sign_smb3_pdu()
680 		ksmbd_debug(AUTH, "cmaces generation error %d\n", rc);  in ksmbd_sign_smb3_pdu()
683 	return rc;  in ksmbd_sign_smb3_pdu()
700 	int rc;  in generate_key()  local
714 	rc = crypto_shash_setkey(CRYPTO_HMACSHA256_TFM(ctx),  in generate_key()
717 	if (rc)  in generate_key()
720 	rc = crypto_shash_init(CRYPTO_HMACSHA256(ctx));  in generate_key()
721 	if (rc) {  in generate_key()
722 		ksmbd_debug(AUTH, "hmacsha256 init error %d\n", rc);  in generate_key()
726 	rc = crypto_shash_update(CRYPTO_HMACSHA256(ctx), i, 4);  in generate_key()
727 	if (rc) {  in generate_key()
732 	rc = crypto_shash_update(CRYPTO_HMACSHA256(ctx),  in generate_key()
735 	if (rc) {  in generate_key()
740 	rc = crypto_shash_update(CRYPTO_HMACSHA256(ctx), &zero, 1);  in generate_key()
741 	if (rc) {  in generate_key()
746 	rc = crypto_shash_update(CRYPTO_HMACSHA256(ctx),  in generate_key()
749 	if (rc) {  in generate_key()
757 		rc = crypto_shash_update(CRYPTO_HMACSHA256(ctx), L256, 4);  in generate_key()
759 		rc = crypto_shash_update(CRYPTO_HMACSHA256(ctx), L128, 4);  in generate_key()
760 	if (rc) {  in generate_key()
765 	rc = crypto_shash_final(CRYPTO_HMACSHA256(ctx), hashptr);  in generate_key()
766 	if (rc) {  in generate_key()
768 			    rc);  in generate_key()
776 	return rc;  in generate_key()
783 	int rc;  in generate_smb3signingkey()  local
796 	rc = generate_key(conn, sess, signing->label, signing->context, key,  in generate_smb3signingkey()
798 	if (rc)  in generate_smb3signingkey()
799 		return rc;  in generate_smb3signingkey()
859 	int rc;  in generate_smb3encryptionkey()  local
861 	rc = generate_key(conn, sess, ptwin->encryption.label,  in generate_smb3encryptionkey()
864 	if (rc)  in generate_smb3encryptionkey()
865 		return rc;  in generate_smb3encryptionkey()
867 	rc = generate_key(conn, sess, ptwin->decryption.label,  in generate_smb3encryptionkey()
870 	if (rc)  in generate_smb3encryptionkey()
871 		return rc;  in generate_smb3encryptionkey()
938 	int rc;  in ksmbd_gen_preauth_integrity_hash()  local
954 	rc = crypto_shash_init(CRYPTO_SHA512(ctx));  in ksmbd_gen_preauth_integrity_hash()
955 	if (rc) {  in ksmbd_gen_preauth_integrity_hash()
960 	rc = crypto_shash_update(CRYPTO_SHA512(ctx), pi_hash, 64);  in ksmbd_gen_preauth_integrity_hash()
961 	if (rc) {  in ksmbd_gen_preauth_integrity_hash()
966 	rc = crypto_shash_update(CRYPTO_SHA512(ctx), all_bytes_msg, msg_size);  in ksmbd_gen_preauth_integrity_hash()
967 	if (rc) {  in ksmbd_gen_preauth_integrity_hash()
972 	rc = crypto_shash_final(CRYPTO_SHA512(ctx), pi_hash);  in ksmbd_gen_preauth_integrity_hash()
973 	if (rc) {  in ksmbd_gen_preauth_integrity_hash()
974 		ksmbd_debug(AUTH, "Could not generate hash err : %d\n", rc);  in ksmbd_gen_preauth_integrity_hash()
979 	return rc;  in ksmbd_gen_preauth_integrity_hash()
1095 	int rc;  in ksmbd_crypt_message()  local
1106 	rc = ksmbd_get_encryption_key(work,  in ksmbd_crypt_message()
1110 	if (rc) {  in ksmbd_crypt_message()
1112 		return rc;  in ksmbd_crypt_message()
1133 		rc = crypto_aead_setkey(tfm, key, SMB3_GCM256_CRYPTKEY_SIZE);  in ksmbd_crypt_message()
1135 		rc = crypto_aead_setkey(tfm, key, SMB3_GCM128_CRYPTKEY_SIZE);  in ksmbd_crypt_message()
1136 	if (rc) {  in ksmbd_crypt_message()
1137 		pr_err("Failed to set aead key %d\n", rc);  in ksmbd_crypt_message()
1141 	rc = crypto_aead_setauthsize(tfm, SMB2_SIGNATURE_SIZE);  in ksmbd_crypt_message()
1142 	if (rc) {  in ksmbd_crypt_message()
1143 		pr_err("Failed to set authsize %d\n", rc);  in ksmbd_crypt_message()
1149 		rc = -ENOMEM;  in ksmbd_crypt_message()
1161 		rc = -ENOMEM;  in ksmbd_crypt_message()
1168 		rc = -ENOMEM;  in ksmbd_crypt_message()
1185 		rc = crypto_aead_encrypt(req);  in ksmbd_crypt_message()
1187 		rc = crypto_aead_decrypt(req);  in ksmbd_crypt_message()
1188 	if (rc)  in ksmbd_crypt_message()
1202 	return rc;  in ksmbd_crypt_message()

Last Index update Fri Aug 22 10:33:58 CST 2025