1/* SPDX-License-Identifier: GPL-2.0-or-later */
2/*
3 *   Copyright (C) 2018 Samsung Electronics Co., Ltd.
4 */
5
6#ifndef __AUTH_H__
7#define __AUTH_H__
8
9#include "ntlmssp.h"
10
11#ifdef CONFIG_SMB_SERVER_KERBEROS5
12#define AUTH_GSS_LENGTH		96
13#define AUTH_GSS_PADDING	0
14#else
15#define AUTH_GSS_LENGTH		74
16#define AUTH_GSS_PADDING	6
17#endif
18
19#define CIFS_HMAC_MD5_HASH_SIZE	(16)
20#define CIFS_NTHASH_SIZE	(16)
21
22/*
23 * Size of the ntlm client response
24 */
25#define CIFS_AUTH_RESP_SIZE		24
26#define CIFS_SMB1_SIGNATURE_SIZE	8
27#define CIFS_SMB1_SESSKEY_SIZE		16
28
29#define KSMBD_AUTH_NTLMSSP	0x0001
30#define KSMBD_AUTH_KRB5		0x0002
31#define KSMBD_AUTH_MSKRB5	0x0004
32#define KSMBD_AUTH_KRB5U2U	0x0008
33
34struct ksmbd_session;
35struct ksmbd_conn;
36struct ksmbd_work;
37struct kvec;
38
39int ksmbd_crypt_message(struct ksmbd_work *work, struct kvec *iov,
40			unsigned int nvec, int enc);
41void ksmbd_copy_gss_neg_header(void *buf);
42int ksmbd_auth_ntlmv2(struct ksmbd_conn *conn, struct ksmbd_session *sess,
43		      struct ntlmv2_resp *ntlmv2, int blen, char *domain_name,
44		      char *cryptkey);
45int ksmbd_decode_ntlmssp_auth_blob(struct authenticate_message *authblob,
46				   int blob_len, struct ksmbd_conn *conn,
47				   struct ksmbd_session *sess);
48int ksmbd_decode_ntlmssp_neg_blob(struct negotiate_message *negblob,
49				  int blob_len, struct ksmbd_conn *conn);
50unsigned int
51ksmbd_build_ntlmssp_challenge_blob(struct challenge_message *chgblob,
52				   struct ksmbd_conn *conn);
53int ksmbd_krb5_authenticate(struct ksmbd_session *sess, char *in_blob,
54			    int in_len,	char *out_blob, int *out_len);
55int ksmbd_sign_smb2_pdu(struct ksmbd_conn *conn, char *key, struct kvec *iov,
56			int n_vec, char *sig);
57int ksmbd_sign_smb3_pdu(struct ksmbd_conn *conn, char *key, struct kvec *iov,
58			int n_vec, char *sig);
59int ksmbd_gen_smb30_signingkey(struct ksmbd_session *sess,
60			       struct ksmbd_conn *conn);
61int ksmbd_gen_smb311_signingkey(struct ksmbd_session *sess,
62				struct ksmbd_conn *conn);
63int ksmbd_gen_smb30_encryptionkey(struct ksmbd_conn *conn,
64				  struct ksmbd_session *sess);
65int ksmbd_gen_smb311_encryptionkey(struct ksmbd_conn *conn,
66				   struct ksmbd_session *sess);
67int ksmbd_gen_preauth_integrity_hash(struct ksmbd_conn *conn, char *buf,
68				     __u8 *pi_hash);
69int ksmbd_gen_sd_hash(struct ksmbd_conn *conn, char *sd_buf, int len,
70		      __u8 *pi_hash);
71#endif
72