1/* SPDX-License-Identifier: GPL-2.0-or-later */ 2/* 3 * Copyright (C) 2018 Samsung Electronics Co., Ltd. 4 */ 5 6#ifndef __AUTH_H__ 7#define __AUTH_H__ 8 9#include "ntlmssp.h" 10 11#ifdef CONFIG_SMB_SERVER_KERBEROS5 12#define AUTH_GSS_LENGTH 96 13#define AUTH_GSS_PADDING 0 14#else 15#define AUTH_GSS_LENGTH 74 16#define AUTH_GSS_PADDING 6 17#endif 18 19#define CIFS_HMAC_MD5_HASH_SIZE (16) 20#define CIFS_NTHASH_SIZE (16) 21 22/* 23 * Size of the ntlm client response 24 */ 25#define CIFS_AUTH_RESP_SIZE 24 26#define CIFS_SMB1_SIGNATURE_SIZE 8 27#define CIFS_SMB1_SESSKEY_SIZE 16 28 29#define KSMBD_AUTH_NTLMSSP 0x0001 30#define KSMBD_AUTH_KRB5 0x0002 31#define KSMBD_AUTH_MSKRB5 0x0004 32#define KSMBD_AUTH_KRB5U2U 0x0008 33 34struct ksmbd_session; 35struct ksmbd_conn; 36struct ksmbd_work; 37struct kvec; 38 39int ksmbd_crypt_message(struct ksmbd_work *work, struct kvec *iov, 40 unsigned int nvec, int enc); 41void ksmbd_copy_gss_neg_header(void *buf); 42int ksmbd_auth_ntlmv2(struct ksmbd_conn *conn, struct ksmbd_session *sess, 43 struct ntlmv2_resp *ntlmv2, int blen, char *domain_name, 44 char *cryptkey); 45int ksmbd_decode_ntlmssp_auth_blob(struct authenticate_message *authblob, 46 int blob_len, struct ksmbd_conn *conn, 47 struct ksmbd_session *sess); 48int ksmbd_decode_ntlmssp_neg_blob(struct negotiate_message *negblob, 49 int blob_len, struct ksmbd_conn *conn); 50unsigned int 51ksmbd_build_ntlmssp_challenge_blob(struct challenge_message *chgblob, 52 struct ksmbd_conn *conn); 53int ksmbd_krb5_authenticate(struct ksmbd_session *sess, char *in_blob, 54 int in_len, char *out_blob, int *out_len); 55int ksmbd_sign_smb2_pdu(struct ksmbd_conn *conn, char *key, struct kvec *iov, 56 int n_vec, char *sig); 57int ksmbd_sign_smb3_pdu(struct ksmbd_conn *conn, char *key, struct kvec *iov, 58 int n_vec, char *sig); 59int ksmbd_gen_smb30_signingkey(struct ksmbd_session *sess, 60 struct ksmbd_conn *conn); 61int ksmbd_gen_smb311_signingkey(struct ksmbd_session *sess, 62 struct ksmbd_conn *conn); 63int ksmbd_gen_smb30_encryptionkey(struct ksmbd_conn *conn, 64 struct ksmbd_session *sess); 65int ksmbd_gen_smb311_encryptionkey(struct ksmbd_conn *conn, 66 struct ksmbd_session *sess); 67int ksmbd_gen_preauth_integrity_hash(struct ksmbd_conn *conn, char *buf, 68 __u8 *pi_hash); 69int ksmbd_gen_sd_hash(struct ksmbd_conn *conn, char *sd_buf, int len, 70 __u8 *pi_hash); 71#endif 72