xref: /linux-6.3-rc2/fs/cifs/cifsencrypt.c

387 build_avpair_blob(struct cifs_ses *ses, const struct nls_table *nls_cp)  in build_avpair_blob()  argument
395 	if (!ses->domainName) {  in build_avpair_blob()
396 		ses->domainName = kstrdup(defdmname, GFP_KERNEL);  in build_avpair_blob()
397 		if (!ses->domainName)  in build_avpair_blob()
401 	dlen = strlen(ses->domainName);  in build_avpair_blob()
409 	kfree_sensitive(ses->auth_key.response);  in build_avpair_blob()
410 	ses->auth_key.len = size + 2 * dlen;  in build_avpair_blob()
411 	ses->auth_key.response = kzalloc(ses->auth_key.len, GFP_KERNEL);  in build_avpair_blob()
412 	if (!ses->auth_key.response) {  in build_avpair_blob()
413 		ses->auth_key.len = 0;  in build_avpair_blob()
417 	blobptr = ses->auth_key.response;  in build_avpair_blob()
427 	cifs_strtoUTF16((__le16 *)blobptr, ses->domainName, dlen, nls_cp);  in build_avpair_blob()
443 find_domain_name(struct cifs_ses *ses, const struct nls_table *nls_cp)  in find_domain_name()  argument
452 	if (!ses->auth_key.len || !ses->auth_key.response)  in find_domain_name()
455 	blobptr = ses->auth_key.response;  in find_domain_name()
456 	blobend = blobptr + ses->auth_key.len;  in find_domain_name()
471 			if (!ses->domainName) {  in find_domain_name()
472 				ses->domainName =  in find_domain_name()
474 				if (!ses->domainName)  in find_domain_name()
476 				cifs_from_utf16(ses->domainName,  in find_domain_name()
495 find_timestamp(struct cifs_ses *ses)  in find_timestamp()  argument
505 	if (!ses->auth_key.len || !ses->auth_key.response)  in find_timestamp()
508 	blobptr = ses->auth_key.response;  in find_timestamp()
509 	blobend = blobptr + ses->auth_key.len;  in find_timestamp()
532 static int calc_ntlmv2_hash(struct cifs_ses *ses, char *ntlmv2_hash,  in calc_ntlmv2_hash()  argument
542 	if (!ses->server->secmech.hmacmd5) {  in calc_ntlmv2_hash()
548 	E_md4hash(ses->password, nt_hash, nls_cp);  in calc_ntlmv2_hash()
550 	rc = crypto_shash_setkey(ses->server->secmech.hmacmd5->tfm, nt_hash,  in calc_ntlmv2_hash()
557 	rc = crypto_shash_init(ses->server->secmech.hmacmd5);  in calc_ntlmv2_hash()
564 	len = ses->user_name ? strlen(ses->user_name) : 0;  in calc_ntlmv2_hash()
572 		len = cifs_strtoUTF16(user, ses->user_name, len, nls_cp);  in calc_ntlmv2_hash()
578 	rc = crypto_shash_update(ses->server->secmech.hmacmd5,  in calc_ntlmv2_hash()
587 	if (ses->domainName) {  in calc_ntlmv2_hash()
588 		len = strlen(ses->domainName);  in calc_ntlmv2_hash()
595 		len = cifs_strtoUTF16((__le16 *)domain, ses->domainName, len,  in calc_ntlmv2_hash()
598 		crypto_shash_update(ses->server->secmech.hmacmd5,  in calc_ntlmv2_hash()
608 		len = strlen(ses->ip_addr);  in calc_ntlmv2_hash()
615 		len = cifs_strtoUTF16((__le16 *)server, ses->ip_addr, len,  in calc_ntlmv2_hash()
618 		crypto_shash_update(ses->server->secmech.hmacmd5,  in calc_ntlmv2_hash()
628 	rc = crypto_shash_final(ses->server->secmech.hmacmd5,  in calc_ntlmv2_hash()
637 CalcNTLMv2_response(const struct cifs_ses *ses, char *ntlmv2_hash)  in CalcNTLMv2_response()  argument
641 	    (ses->auth_key.response + CIFS_SESS_KEY_SIZE);  in CalcNTLMv2_response()
645 	hash_len = ses->auth_key.len - (CIFS_SESS_KEY_SIZE +  in CalcNTLMv2_response()
648 	if (!ses->server->secmech.hmacmd5) {  in CalcNTLMv2_response()
653 	rc = crypto_shash_setkey(ses->server->secmech.hmacmd5->tfm,  in CalcNTLMv2_response()
661 	rc = crypto_shash_init(ses->server->secmech.hmacmd5);  in CalcNTLMv2_response()
667 	if (ses->server->negflavor == CIFS_NEGFLAVOR_EXTENDED)  in CalcNTLMv2_response()
669 		       ses->ntlmssp->cryptkey, CIFS_SERVER_CHALLENGE_SIZE);  in CalcNTLMv2_response()
672 		       ses->server->cryptkey, CIFS_SERVER_CHALLENGE_SIZE);  in CalcNTLMv2_response()
673 	rc = crypto_shash_update(ses->server->secmech.hmacmd5,  in CalcNTLMv2_response()
681 	rc = crypto_shash_final(ses->server->secmech.hmacmd5,  in CalcNTLMv2_response()
690 setup_ntlmv2_rsp(struct cifs_ses *ses, const struct nls_table *nls_cp)  in setup_ntlmv2_rsp()  argument
705 	if (ses->server->negflavor == CIFS_NEGFLAVOR_EXTENDED) {  in setup_ntlmv2_rsp()
706 		if (!ses->domainName) {  in setup_ntlmv2_rsp()
707 			if (ses->domainAuto) {  in setup_ntlmv2_rsp()
708 				rc = find_domain_name(ses, nls_cp);  in setup_ntlmv2_rsp()
715 				ses->domainName = kstrdup("", GFP_KERNEL);  in setup_ntlmv2_rsp()
719 		rc = build_avpair_blob(ses, nls_cp);  in setup_ntlmv2_rsp()
730 	rsp_timestamp = find_timestamp(ses);  in setup_ntlmv2_rsp()
733 	tilen = ses->auth_key.len;  in setup_ntlmv2_rsp()
734 	tiblob = ses->auth_key.response;  in setup_ntlmv2_rsp()
736 	ses->auth_key.response = kmalloc(baselen + tilen, GFP_KERNEL);  in setup_ntlmv2_rsp()
737 	if (!ses->auth_key.response) {  in setup_ntlmv2_rsp()
739 		ses->auth_key.len = 0;  in setup_ntlmv2_rsp()
742 	ses->auth_key.len += baselen;  in setup_ntlmv2_rsp()
745 			(ses->auth_key.response + CIFS_SESS_KEY_SIZE);  in setup_ntlmv2_rsp()
753 	memcpy(ses->auth_key.response + baselen, tiblob, tilen);  in setup_ntlmv2_rsp()
755 	cifs_server_lock(ses->server);  in setup_ntlmv2_rsp()
757 	rc = cifs_alloc_hash("hmac(md5)", &ses->server->secmech.hmacmd5);  in setup_ntlmv2_rsp()
763 	rc = calc_ntlmv2_hash(ses, ntlmv2_hash, nls_cp);  in setup_ntlmv2_rsp()
770 	rc = CalcNTLMv2_response(ses, ntlmv2_hash);  in setup_ntlmv2_rsp()
777 	rc = crypto_shash_setkey(ses->server->secmech.hmacmd5->tfm,  in setup_ntlmv2_rsp()
785 	rc = crypto_shash_init(ses->server->secmech.hmacmd5);  in setup_ntlmv2_rsp()
791 	rc = crypto_shash_update(ses->server->secmech.hmacmd5,  in setup_ntlmv2_rsp()
799 	rc = crypto_shash_final(ses->server->secmech.hmacmd5,  in setup_ntlmv2_rsp()
800 		ses->auth_key.response);  in setup_ntlmv2_rsp()
805 	cifs_server_unlock(ses->server);  in setup_ntlmv2_rsp()
813 calc_seckey(struct cifs_ses *ses)  in calc_seckey()  argument
829 	cifs_arc4_setkey(ctx_arc4, ses->auth_key.response, CIFS_SESS_KEY_SIZE);  in calc_seckey()
830 	cifs_arc4_crypt(ctx_arc4, ses->ntlmssp->ciphertext, sec_key,  in calc_seckey()
834 	memcpy(ses->auth_key.response, sec_key, CIFS_SESS_KEY_SIZE);  in calc_seckey()
836 	ses->auth_key.len = CIFS_SESS_KEY_SIZE;  in calc_seckey()

Last Index update Sun Aug 20 00:18:20 CST 2023