xref: /kernel/linux/linux-5.10/fs/cifs/cifsencrypt.c

266 int setup_ntlm_response(struct cifs_ses *ses, const struct nls_table *nls_cp)
272 	if (!ses)
275 	ses->auth_key.response = kmalloc(temp_len, GFP_KERNEL);
276 	if (!ses->auth_key.response)
279 	ses->auth_key.len = temp_len;
281 	rc = SMBNTencrypt(ses->password, ses->server->cryptkey,
282 			ses->auth_key.response + CIFS_SESS_KEY_SIZE, nls_cp);
289 	rc = E_md4hash(ses->password, temp_key, nls_cp);
296 	rc = mdfour(ses->auth_key.response, temp_key, CIFS_SESS_KEY_SIZE);
352 build_avpair_blob(struct cifs_ses *ses, const struct nls_table *nls_cp)
360 	if (!ses->domainName) {
361 		ses->domainName = kstrdup(defdmname, GFP_KERNEL);
362 		if (!ses->domainName)
366 	dlen = strlen(ses->domainName);
374 	ses->auth_key.len = size + 2 * dlen;
375 	ses->auth_key.response = kzalloc(ses->auth_key.len, GFP_KERNEL);
376 	if (!ses->auth_key.response) {
377 		ses->auth_key.len = 0;
381 	blobptr = ses->auth_key.response;
391 	cifs_strtoUTF16((__le16 *)blobptr, ses->domainName, dlen, nls_cp);
407 find_domain_name(struct cifs_ses *ses, const struct nls_table *nls_cp)
416 	if (!ses->auth_key.len || !ses->auth_key.response)
419 	blobptr = ses->auth_key.response;
420 	blobend = blobptr + ses->auth_key.len;
435 			if (!ses->domainName) {
436 				ses->domainName =
438 				if (!ses->domainName)
440 				cifs_from_utf16(ses->domainName,
459 find_timestamp(struct cifs_ses *ses)
469 	if (!ses->auth_key.len || !ses->auth_key.response)
472 	blobptr = ses->auth_key.response;
473 	blobend = blobptr + ses->auth_key.len;
496 static int calc_ntlmv2_hash(struct cifs_ses *ses, char *ntlmv2_hash,
506 	if (!ses->server->secmech.sdeschmacmd5) {
512 	E_md4hash(ses->password, nt_hash, nls_cp);
514 	rc = crypto_shash_setkey(ses->server->secmech.hmacmd5, nt_hash,
521 	rc = crypto_shash_init(&ses->server->secmech.sdeschmacmd5->shash);
527 	/* convert ses->user_name to unicode */
528 	len = ses->user_name ? strlen(ses->user_name) : 0;
536 		len = cifs_strtoUTF16(user, ses->user_name, len, nls_cp);
542 	rc = crypto_shash_update(&ses->server->secmech.sdeschmacmd5->shash,
550 	/* convert ses->domainName to unicode and uppercase */
551 	if (ses->domainName) {
552 		len = strlen(ses->domainName);
559 		len = cifs_strtoUTF16((__le16 *)domain, ses->domainName, len,
562 		crypto_shash_update(&ses->server->secmech.sdeschmacmd5->shash,
571 		/* We use ses->serverName if no domain name available */
572 		len = strlen(ses->serverName);
579 		len = cifs_strtoUTF16((__le16 *)server, ses->serverName, len,
582 		crypto_shash_update(&ses->server->secmech.sdeschmacmd5->shash,
592 	rc = crypto_shash_final(&ses->server->secmech.sdeschmacmd5->shash,
601 CalcNTLMv2_response(const struct cifs_ses *ses, char *ntlmv2_hash)
605 	    (ses->auth_key.response + CIFS_SESS_KEY_SIZE);
609 	hash_len = ses->auth_key.len - (CIFS_SESS_KEY_SIZE +
612 	if (!ses->server->secmech.sdeschmacmd5) {
617 	rc = crypto_shash_setkey(ses->server->secmech.hmacmd5,
625 	rc = crypto_shash_init(&ses->server->secmech.sdeschmacmd5->shash);
631 	if (ses->server->negflavor == CIFS_NEGFLAVOR_EXTENDED)
633 		       ses->ntlmssp->cryptkey, CIFS_SERVER_CHALLENGE_SIZE);
636 		       ses->server->cryptkey, CIFS_SERVER_CHALLENGE_SIZE);
637 	rc = crypto_shash_update(&ses->server->secmech.sdeschmacmd5->shash,
645 	rc = crypto_shash_final(&ses->server->secmech.sdeschmacmd5->shash,
654 setup_ntlmv2_rsp(struct cifs_ses *ses, const struct nls_table *nls_cp)
664 	if (ses->server->negflavor == CIFS_NEGFLAVOR_EXTENDED) {
665 		if (!ses->domainName) {
666 			if (ses->domainAuto) {
667 				rc = find_domain_name(ses, nls_cp);
674 				ses->domainName = kstrdup("", GFP_KERNEL);
678 		rc = build_avpair_blob(ses, nls_cp);
689 	rsp_timestamp = find_timestamp(ses);
692 	tilen = ses->auth_key.len;
693 	tiblob = ses->auth_key.response;
695 	ses->auth_key.response = kmalloc(baselen + tilen, GFP_KERNEL);
696 	if (!ses->auth_key.response) {
698 		ses->auth_key.len = 0;
701 	ses->auth_key.len += baselen;
704 			(ses->auth_key.response + CIFS_SESS_KEY_SIZE);
712 	memcpy(ses->auth_key.response + baselen, tiblob, tilen);
714 	mutex_lock(&ses->server->srv_mutex);
717 			     &ses->server->secmech.hmacmd5,
718 			     &ses->server->secmech.sdeschmacmd5);
724 	rc = calc_ntlmv2_hash(ses, ntlmv2_hash, nls_cp);
731 	rc = CalcNTLMv2_response(ses, ntlmv2_hash);
738 	rc = crypto_shash_setkey(ses->server->secmech.hmacmd5,
746 	rc = crypto_shash_init(&ses->server->secmech.sdeschmacmd5->shash);
752 	rc = crypto_shash_update(&ses->server->secmech.sdeschmacmd5->shash,
760 	rc = crypto_shash_final(&ses->server->secmech.sdeschmacmd5->shash,
761 		ses->auth_key.response);
766 	mutex_unlock(&ses->server->srv_mutex);
774 calc_seckey(struct cifs_ses *ses)
790 	arc4_setkey(ctx_arc4, ses->auth_key.response, CIFS_SESS_KEY_SIZE);
791 	arc4_crypt(ctx_arc4, ses->ntlmssp->ciphertext, sec_key,
795 	memcpy(ses->auth_key.response, sec_key, CIFS_SESS_KEY_SIZE);
797 	ses->auth_key.len = CIFS_SESS_KEY_SIZE;

Indexes created Thu Nov 07 10:32:03 CST 2024