387 build_avpair_blob(struct cifs_ses *ses, const struct nls_table *nls_cp)
395 	if (!ses->domainName) {
396 		ses->domainName = kstrdup(defdmname, GFP_KERNEL);
397 		if (!ses->domainName)
401 	dlen = strlen(ses->domainName);
409 	kfree_sensitive(ses->auth_key.response);
410 	ses->auth_key.len = size + 2 * dlen;
411 	ses->auth_key.response = kzalloc(ses->auth_key.len, GFP_KERNEL);
412 	if (!ses->auth_key.response) {
413 		ses->auth_key.len = 0;
417 	blobptr = ses->auth_key.response;
427 	cifs_strtoUTF16((__le16 *)blobptr, ses->domainName, dlen, nls_cp);
443 find_domain_name(struct cifs_ses *ses, const struct nls_table *nls_cp)
452 	if (!ses->auth_key.len || !ses->auth_key.response)
455 	blobptr = ses->auth_key.response;
456 	blobend = blobptr + ses->auth_key.len;
471 			if (!ses->domainName) {
472 				ses->domainName =
474 				if (!ses->domainName)
476 				cifs_from_utf16(ses->domainName,
495 find_timestamp(struct cifs_ses *ses)
505 	if (!ses->auth_key.len || !ses->auth_key.response)
508 	blobptr = ses->auth_key.response;
509 	blobend = blobptr + ses->auth_key.len;
532 static int calc_ntlmv2_hash(struct cifs_ses *ses, char *ntlmv2_hash,
542 	if (!ses->server->secmech.hmacmd5) {
548 	E_md4hash(ses->password, nt_hash, nls_cp);
550 	rc = crypto_shash_setkey(ses->server->secmech.hmacmd5->tfm, nt_hash,
557 	rc = crypto_shash_init(ses->server->secmech.hmacmd5);
563 	/* convert ses->user_name to unicode */
564 	len = ses->user_name ? strlen(ses->user_name) : 0;
572 		len = cifs_strtoUTF16(user, ses->user_name, len, nls_cp);
578 	rc = crypto_shash_update(ses->server->secmech.hmacmd5,
586 	/* convert ses->domainName to unicode and uppercase */
587 	if (ses->domainName) {
588 		len = strlen(ses->domainName);
595 		len = cifs_strtoUTF16((__le16 *)domain, ses->domainName, len,
598 		crypto_shash_update(ses->server->secmech.hmacmd5,
607 		/* We use ses->ip_addr if no domain name available */
608 		len = strlen(ses->ip_addr);
615 		len = cifs_strtoUTF16((__le16 *)server, ses->ip_addr, len,
618 		crypto_shash_update(ses->server->secmech.hmacmd5,
628 	rc = crypto_shash_final(ses->server->secmech.hmacmd5,
637 CalcNTLMv2_response(const struct cifs_ses *ses, char *ntlmv2_hash)
641 	    (ses->auth_key.response + CIFS_SESS_KEY_SIZE);
645 	hash_len = ses->auth_key.len - (CIFS_SESS_KEY_SIZE +
648 	if (!ses->server->secmech.hmacmd5) {
653 	rc = crypto_shash_setkey(ses->server->secmech.hmacmd5->tfm,
661 	rc = crypto_shash_init(ses->server->secmech.hmacmd5);
667 	if (ses->server->negflavor == CIFS_NEGFLAVOR_EXTENDED)
669 		       ses->ntlmssp->cryptkey, CIFS_SERVER_CHALLENGE_SIZE);
672 		       ses->server->cryptkey, CIFS_SERVER_CHALLENGE_SIZE);
673 	rc = crypto_shash_update(ses->server->secmech.hmacmd5,
681 	rc = crypto_shash_final(ses->server->secmech.hmacmd5,
690 setup_ntlmv2_rsp(struct cifs_ses *ses, const struct nls_table *nls_cp)
705 	if (ses->server->negflavor == CIFS_NEGFLAVOR_EXTENDED) {
706 		if (!ses->domainName) {
707 			if (ses->domainAuto) {
708 				rc = find_domain_name(ses, nls_cp);
715 				ses->domainName = kstrdup("", GFP_KERNEL);
719 		rc = build_avpair_blob(ses, nls_cp);
730 	rsp_timestamp = find_timestamp(ses);
733 	tilen = ses->auth_key.len;
734 	tiblob = ses->auth_key.response;
736 	ses->auth_key.response = kmalloc(baselen + tilen, GFP_KERNEL);
737 	if (!ses->auth_key.response) {
739 		ses->auth_key.len = 0;
742 	ses->auth_key.len += baselen;
745 			(ses->auth_key.response + CIFS_SESS_KEY_SIZE);
753 	memcpy(ses->auth_key.response + baselen, tiblob, tilen);
755 	cifs_server_lock(ses->server);
757 	rc = cifs_alloc_hash("hmac(md5)", &ses->server->secmech.hmacmd5);
763 	rc = calc_ntlmv2_hash(ses, ntlmv2_hash, nls_cp);
770 	rc = CalcNTLMv2_response(ses, ntlmv2_hash);
777 	rc = crypto_shash_setkey(ses->server->secmech.hmacmd5->tfm,
785 	rc = crypto_shash_init(ses->server->secmech.hmacmd5);
791 	rc = crypto_shash_update(ses->server->secmech.hmacmd5,
799 	rc = crypto_shash_final(ses->server->secmech.hmacmd5,
800 		ses->auth_key.response);
805 	cifs_server_unlock(ses->server);
813 calc_seckey(struct cifs_ses *ses)
829 	cifs_arc4_setkey(ctx_arc4, ses->auth_key.response, CIFS_SESS_KEY_SIZE);
830 	cifs_arc4_crypt(ctx_arc4, ses->ntlmssp->ciphertext, sec_key,
834 	memcpy(ses->auth_key.response, sec_key, CIFS_SESS_KEY_SIZE);
836 	ses->auth_key.len = CIFS_SESS_KEY_SIZE;

Indexes created Sat May 04 09:44:38 MDT 2024