NTLM auth and sign - Define crypto hash functions and create and send keys needed for key exchange

Mark dependency on crypto modules in Kconfig. Defining per structures sdesc and cifs_secmech which are used to store crypto hash functions and contexts. They are stored per smb connection and used for all auth mechs to genereate hash values and signatures. Allocate crypto hashing functions, security descriptiors, and respective contexts when a smb/tcp connection is established. Release them when a tcp/smb connection is taken down. md5 and hmac-md5 are two crypto hashing functions that are used throught the life of an smb/tcp connection by various functions that calcualte signagure and ntlmv2 hash, HMAC etc. structure ntlmssp_auth is defined as per smb connection. ntlmssp_auth holds ciphertext which is genereated by rc4/arc4 encryption of secondary key, a nonce using ntlmv2 session key and sent in the session key field of the type 3 message sent by the client during ntlmssp negotiation/exchange A key is exchanged with the server if client indicates so in flags in type 1 messsage and server agrees in flag in type 2 message of ntlmssp negotiation. If both client and agree, a key sent by client in type 3 message of ntlmssp negotiation in the session key field. The key is a ciphertext generated off of secondary key, a nonce, using ntlmv2 hash via rc4/arc4. Signing works for ntlmssp in this patch. The sequence number within the server structure needs to be zero until session is established i.e. till type 3 packet of ntlmssp exchange of a to be very first smb session on that smb connection is sent. Acked-by: Jeff Layton <jlayton@redhat.com> Signed-off-by: Shirish Pargaonkar <shirishpargaonkar@gmail.com> Signed-off-by: Steve French <sfrench@us.ibm.com>
author: Shirish Pargaonkar <shirishpargaonkar@gmail.com> 2010-10-21 15:25:08 -0400
committer: Steve French <sfrench@us.ibm.com> 2010-10-26 14:35:31 -0400
commit: d2b915210b5ec01409f581421d633eca6c38d444 (patch)
tree: 5e4467f4888eb8c9936fbfd7b5bd7b9058af26e9 /fs/cifs/sess.c
parent: b235f371a2572d7c86a121d96d889eee02ed00e2 (diff)
1 files changed, 19 insertions, 7 deletions
diff --git a/fs/cifs/sess.c b/fs/cifs/sess.c
index b2934683bd08..d998c4f7aae5 100644
--- a/fs/cifs/sess.c
+++ b/fs/cifs/sess.c
@@ -404,7 +404,7 @@ static int decode_ntlmssp_challenge(char *bcc_ptr, int blob_len,
        /* In particular we can examine sign flags */
        /* BB spec says that if AvId field of MsvAvTimestamp is populated then
                we must set the MIC field of the AUTHENTICATE_MESSAGE */
+        ses->ntlmssp.server_flags = le32_to_cpu(pblob->NegotiateFlags);
        tioffset = cpu_to_le16(pblob->TargetInfoArray.BufferOffset);
        tilen = cpu_to_le16(pblob->TargetInfoArray.Length);
        ses->tilen = tilen;
@@ -440,10 +440,12 @@ static void build_ntlmssp_negotiate_blob(unsigned char *pbuffer,
                NTLMSSP_NEGOTIATE_128 | NTLMSSP_NEGOTIATE_UNICODE |
                NTLMSSP_NEGOTIATE_NTLM;
        if (ses->server->secMode &
-           (SECMODE_SIGN_REQUIRED | SECMODE_SIGN_ENABLED))
+                        (SECMODE_SIGN_REQUIRED | SECMODE_SIGN_ENABLED)) {
                flags |= NTLMSSP_NEGOTIATE_SIGN;
-        if (ses->server->secMode & SECMODE_SIGN_REQUIRED)
+                if (!ses->server->session_estab)
-                flags |= NTLMSSP_NEGOTIATE_ALWAYS_SIGN;
+                        flags |= NTLMSSP_NEGOTIATE_KEY_XCH |
+                                NTLMSSP_NEGOTIATE_EXTENDED_SEC;
+        }
        sec_blob->NegotiateFlags |= cpu_to_le32(flags);
@@ -543,9 +545,19 @@ static int build_ntlmssp_auth_blob(unsigned char *pbuffer,
        sec_blob->WorkstationName.MaximumLength = 0;
        tmp += 2;
-        sec_blob->SessionKey.BufferOffset = cpu_to_le32(tmp - pbuffer);
+        if ((ses->ntlmssp.server_flags & NTLMSSP_NEGOTIATE_KEY_XCH) &&
-        sec_blob->SessionKey.Length = 0;
+                        !calc_seckey(ses)) {
-        sec_blob->SessionKey.MaximumLength = 0;
+                memcpy(tmp, ses->ntlmssp.ciphertext, CIFS_CPHTXT_SIZE);
+                sec_blob->SessionKey.BufferOffset = cpu_to_le32(tmp - pbuffer);
+                sec_blob->SessionKey.Length = cpu_to_le16(CIFS_CPHTXT_SIZE);
+                sec_blob->SessionKey.MaximumLength =
+                                cpu_to_le16(CIFS_CPHTXT_SIZE);
+                tmp += CIFS_CPHTXT_SIZE;
+        } else {
+                sec_blob->SessionKey.BufferOffset = cpu_to_le32(tmp - pbuffer);
+                sec_blob->SessionKey.Length = 0;
+                sec_blob->SessionKey.MaximumLength = 0;
+        }
 setup_ntlmv2_ret:
        *buflen = tmp - pbuffer;
author	Shirish Pargaonkar <shirishpargaonkar@gmail.com>	2010-10-21 15:25:08 -0400
committer	Steve French <sfrench@us.ibm.com>	2010-10-26 14:35:31 -0400
commit	d2b915210b5ec01409f581421d633eca6c38d444 (patch)
tree	5e4467f4888eb8c9936fbfd7b5bd7b9058af26e9 /fs/cifs/sess.c
parent	b235f371a2572d7c86a121d96d889eee02ed00e2 (diff)

diff --git a/fs/cifs/sess.c b/fs/cifs/sess.c index b2934683bd08..d998c4f7aae5 100644 --- a/fs/cifs/sess.c +++ b/fs/cifs/sess.c
@@ -404,7 +404,7 @@ static int decode_ntlmssp_challenge(char *bcc_ptr, int blob_len,
404	/* In particular we can examine sign flags */	404	/* In particular we can examine sign flags */
405	/* BB spec says that if AvId field of MsvAvTimestamp is populated then	405	/* BB spec says that if AvId field of MsvAvTimestamp is populated then
406	we must set the MIC field of the AUTHENTICATE_MESSAGE */	406	we must set the MIC field of the AUTHENTICATE_MESSAGE */
407		407	ses->ntlmssp.server_flags = le32_to_cpu(pblob->NegotiateFlags);
408	tioffset = cpu_to_le16(pblob->TargetInfoArray.BufferOffset);	408	tioffset = cpu_to_le16(pblob->TargetInfoArray.BufferOffset);
409	tilen = cpu_to_le16(pblob->TargetInfoArray.Length);	409	tilen = cpu_to_le16(pblob->TargetInfoArray.Length);
410	ses->tilen = tilen;	410	ses->tilen = tilen;
@@ -440,10 +440,12 @@ static void build_ntlmssp_negotiate_blob(unsigned char *pbuffer,
440	NTLMSSP_NEGOTIATE_128 \| NTLMSSP_NEGOTIATE_UNICODE \|	440	NTLMSSP_NEGOTIATE_128 \| NTLMSSP_NEGOTIATE_UNICODE \|
441	NTLMSSP_NEGOTIATE_NTLM;	441	NTLMSSP_NEGOTIATE_NTLM;
442	if (ses->server->secMode &	442	if (ses->server->secMode &
443	(SECMODE_SIGN_REQUIRED \| SECMODE_SIGN_ENABLED))	443	(SECMODE_SIGN_REQUIRED \| SECMODE_SIGN_ENABLED)) {
444	flags \|= NTLMSSP_NEGOTIATE_SIGN;	444	flags \|= NTLMSSP_NEGOTIATE_SIGN;
445	if (ses->server->secMode & SECMODE_SIGN_REQUIRED)	445	if (!ses->server->session_estab)
446	flags \|= NTLMSSP_NEGOTIATE_ALWAYS_SIGN;	446	flags \|= NTLMSSP_NEGOTIATE_KEY_XCH \|
		447	NTLMSSP_NEGOTIATE_EXTENDED_SEC;
		448	}
447		449
448	sec_blob->NegotiateFlags \|= cpu_to_le32(flags);	450	sec_blob->NegotiateFlags \|= cpu_to_le32(flags);
449		451
@@ -543,9 +545,19 @@ static int build_ntlmssp_auth_blob(unsigned char *pbuffer,
543	sec_blob->WorkstationName.MaximumLength = 0;	545	sec_blob->WorkstationName.MaximumLength = 0;
544	tmp += 2;	546	tmp += 2;
545		547
546	sec_blob->SessionKey.BufferOffset = cpu_to_le32(tmp - pbuffer);	548	if ((ses->ntlmssp.server_flags & NTLMSSP_NEGOTIATE_KEY_XCH) &&
547	sec_blob->SessionKey.Length = 0;	549	!calc_seckey(ses)) {
548	sec_blob->SessionKey.MaximumLength = 0;	550	memcpy(tmp, ses->ntlmssp.ciphertext, CIFS_CPHTXT_SIZE);
		551	sec_blob->SessionKey.BufferOffset = cpu_to_le32(tmp - pbuffer);
		552	sec_blob->SessionKey.Length = cpu_to_le16(CIFS_CPHTXT_SIZE);
		553	sec_blob->SessionKey.MaximumLength =
		554	cpu_to_le16(CIFS_CPHTXT_SIZE);
		555	tmp += CIFS_CPHTXT_SIZE;
		556	} else {
		557	sec_blob->SessionKey.BufferOffset = cpu_to_le32(tmp - pbuffer);
		558	sec_blob->SessionKey.Length = 0;
		559	sec_blob->SessionKey.MaximumLength = 0;
		560	}
549		561
550	setup_ntlmv2_ret:	562	setup_ntlmv2_ret:
551	*buflen = tmp - pbuffer;	563	*buflen = tmp - pbuffer;