xref: /freebsd/sys/netsmb/smb_crypt.c (revision c398230b64aea809cb7c5cea8db580af7097920c)
1c398230bSWarner Losh /*-
2681a5bbeSBoris Popov  * Copyright (c) 2000-2001, Boris Popov
3681a5bbeSBoris Popov  * All rights reserved.
4681a5bbeSBoris Popov  *
5190b2c4fSTim J. Robbins  * Copyright (c) 2003, 2004 Tim J. Robbins.
6190b2c4fSTim J. Robbins  * All rights reserved.
7190b2c4fSTim J. Robbins  *
8681a5bbeSBoris Popov  * Redistribution and use in source and binary forms, with or without
9681a5bbeSBoris Popov  * modification, are permitted provided that the following conditions
10681a5bbeSBoris Popov  * are met:
11681a5bbeSBoris Popov  * 1. Redistributions of source code must retain the above copyright
12681a5bbeSBoris Popov  *    notice, this list of conditions and the following disclaimer.
13681a5bbeSBoris Popov  * 2. Redistributions in binary form must reproduce the above copyright
14681a5bbeSBoris Popov  *    notice, this list of conditions and the following disclaimer in the
15681a5bbeSBoris Popov  *    documentation and/or other materials provided with the distribution.
16681a5bbeSBoris Popov  * 3. All advertising materials mentioning features or use of this software
17681a5bbeSBoris Popov  *    must display the following acknowledgement:
18681a5bbeSBoris Popov  *    This product includes software developed by Boris Popov.
19681a5bbeSBoris Popov  * 4. Neither the name of the author nor the names of any co-contributors
20681a5bbeSBoris Popov  *    may be used to endorse or promote products derived from this software
21681a5bbeSBoris Popov  *    without specific prior written permission.
22681a5bbeSBoris Popov  *
23681a5bbeSBoris Popov  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
24681a5bbeSBoris Popov  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
25681a5bbeSBoris Popov  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
26681a5bbeSBoris Popov  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
27681a5bbeSBoris Popov  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
28681a5bbeSBoris Popov  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
29681a5bbeSBoris Popov  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
30681a5bbeSBoris Popov  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
31681a5bbeSBoris Popov  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
32681a5bbeSBoris Popov  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
33681a5bbeSBoris Popov  * SUCH DAMAGE.
34681a5bbeSBoris Popov  */
35ab0de15bSDavid E. O'Brien 
36ab0de15bSDavid E. O'Brien #include <sys/cdefs.h>
37ab0de15bSDavid E. O'Brien __FBSDID("$FreeBSD$");
38ab0de15bSDavid E. O'Brien 
39681a5bbeSBoris Popov #include <sys/param.h>
40681a5bbeSBoris Popov #include <sys/malloc.h>
41681a5bbeSBoris Popov #include <sys/kernel.h>
42681a5bbeSBoris Popov #include <sys/systm.h>
43681a5bbeSBoris Popov #include <sys/conf.h>
44681a5bbeSBoris Popov #include <sys/proc.h>
45681a5bbeSBoris Popov #include <sys/fcntl.h>
46681a5bbeSBoris Popov #include <sys/socket.h>
47681a5bbeSBoris Popov #include <sys/socketvar.h>
48681a5bbeSBoris Popov #include <sys/sysctl.h>
49190b2c4fSTim J. Robbins #include <sys/endian.h>
50190b2c4fSTim J. Robbins #include <sys/mbuf.h>
51190b2c4fSTim J. Robbins #include <sys/mchain.h>
52681a5bbeSBoris Popov #include <sys/md4.h>
53190b2c4fSTim J. Robbins #include <sys/md5.h>
54681a5bbeSBoris Popov #include <sys/iconv.h>
55681a5bbeSBoris Popov 
56681a5bbeSBoris Popov #include <netsmb/smb.h>
57681a5bbeSBoris Popov #include <netsmb/smb_conn.h>
58681a5bbeSBoris Popov #include <netsmb/smb_subr.h>
59190b2c4fSTim J. Robbins #include <netsmb/smb_rq.h>
60681a5bbeSBoris Popov #include <netsmb/smb_dev.h>
61681a5bbeSBoris Popov 
62681a5bbeSBoris Popov #include "opt_netsmb.h"
63681a5bbeSBoris Popov 
64681a5bbeSBoris Popov #ifdef NETSMBCRYPTO
65681a5bbeSBoris Popov 
66681a5bbeSBoris Popov #include <crypto/des/des.h>
67681a5bbeSBoris Popov 
68681a5bbeSBoris Popov static u_char N8[] = {0x4b, 0x47, 0x53, 0x21, 0x40, 0x23, 0x24, 0x25};
69681a5bbeSBoris Popov 
70681a5bbeSBoris Popov 
71681a5bbeSBoris Popov static void
72681a5bbeSBoris Popov smb_E(const u_char *key, u_char *data, u_char *dest)
73681a5bbeSBoris Popov {
74681a5bbeSBoris Popov 	des_key_schedule *ksp;
75681a5bbeSBoris Popov 	u_char kk[8];
76681a5bbeSBoris Popov 
77681a5bbeSBoris Popov 	kk[0] = key[0] & 0xfe;
78681a5bbeSBoris Popov 	kk[1] = key[0] << 7 | (key[1] >> 1 & 0xfe);
79681a5bbeSBoris Popov 	kk[2] = key[1] << 6 | (key[2] >> 2 & 0xfe);
80681a5bbeSBoris Popov 	kk[3] = key[2] << 5 | (key[3] >> 3 & 0xfe);
81681a5bbeSBoris Popov 	kk[4] = key[3] << 4 | (key[4] >> 4 & 0xfe);
82681a5bbeSBoris Popov 	kk[5] = key[4] << 3 | (key[5] >> 5 & 0xfe);
83681a5bbeSBoris Popov 	kk[6] = key[5] << 2 | (key[6] >> 6 & 0xfe);
84681a5bbeSBoris Popov 	kk[7] = key[6] << 1;
85a163d034SWarner Losh 	ksp = malloc(sizeof(des_key_schedule), M_SMBTEMP, M_WAITOK);
8633841545SHajimu UMEMOTO 	des_set_key((des_cblock *)kk, *ksp);
8733841545SHajimu UMEMOTO 	des_ecb_encrypt((des_cblock *)data, (des_cblock *)dest, *ksp, 1);
88681a5bbeSBoris Popov 	free(ksp, M_SMBTEMP);
89681a5bbeSBoris Popov }
90681a5bbeSBoris Popov #endif
91681a5bbeSBoris Popov 
92681a5bbeSBoris Popov 
93681a5bbeSBoris Popov int
94681a5bbeSBoris Popov smb_encrypt(const u_char *apwd, u_char *C8, u_char *RN)
95681a5bbeSBoris Popov {
96681a5bbeSBoris Popov #ifdef NETSMBCRYPTO
97681a5bbeSBoris Popov 	u_char *p, *P14, *S21;
98681a5bbeSBoris Popov 
99a163d034SWarner Losh 	p = malloc(14 + 21, M_SMBTEMP, M_WAITOK);
100681a5bbeSBoris Popov 	bzero(p, 14 + 21);
101681a5bbeSBoris Popov 	P14 = p;
102681a5bbeSBoris Popov 	S21 = p + 14;
103681a5bbeSBoris Popov 	bcopy(apwd, P14, min(14, strlen(apwd)));
104681a5bbeSBoris Popov 	/*
105681a5bbeSBoris Popov 	 * S21 = concat(Ex(P14, N8), zeros(5));
106681a5bbeSBoris Popov 	 */
107681a5bbeSBoris Popov 	smb_E(P14, N8, S21);
108681a5bbeSBoris Popov 	smb_E(P14 + 7, N8, S21 + 8);
109681a5bbeSBoris Popov 
110681a5bbeSBoris Popov 	smb_E(S21, C8, RN);
111681a5bbeSBoris Popov 	smb_E(S21 + 7, C8, RN + 8);
112681a5bbeSBoris Popov 	smb_E(S21 + 14, C8, RN + 16);
113681a5bbeSBoris Popov 	free(p, M_SMBTEMP);
114681a5bbeSBoris Popov 	return 0;
115681a5bbeSBoris Popov #else
116681a5bbeSBoris Popov 	SMBERROR("password encryption is not available\n");
117681a5bbeSBoris Popov 	bzero(RN, 24);
118681a5bbeSBoris Popov 	return EAUTH;
119681a5bbeSBoris Popov #endif
120681a5bbeSBoris Popov }
121681a5bbeSBoris Popov 
122681a5bbeSBoris Popov int
123681a5bbeSBoris Popov smb_ntencrypt(const u_char *apwd, u_char *C8, u_char *RN)
124681a5bbeSBoris Popov {
125681a5bbeSBoris Popov #ifdef NETSMBCRYPTO
126681a5bbeSBoris Popov 	u_char S21[21];
127681a5bbeSBoris Popov 	u_int16_t *unipwd;
128681a5bbeSBoris Popov 	MD4_CTX *ctxp;
129681a5bbeSBoris Popov 	int len;
130681a5bbeSBoris Popov 
131681a5bbeSBoris Popov 	len = strlen(apwd);
132a163d034SWarner Losh 	unipwd = malloc((len + 1) * sizeof(u_int16_t), M_SMBTEMP, M_WAITOK);
133681a5bbeSBoris Popov 	/*
134681a5bbeSBoris Popov 	 * S21 = concat(MD4(U(apwd)), zeros(5));
135681a5bbeSBoris Popov 	 */
136681a5bbeSBoris Popov 	smb_strtouni(unipwd, apwd);
137a163d034SWarner Losh 	ctxp = malloc(sizeof(MD4_CTX), M_SMBTEMP, M_WAITOK);
138681a5bbeSBoris Popov 	MD4Init(ctxp);
139681a5bbeSBoris Popov 	MD4Update(ctxp, (u_char*)unipwd, len * sizeof(u_int16_t));
140681a5bbeSBoris Popov 	free(unipwd, M_SMBTEMP);
141681a5bbeSBoris Popov 	bzero(S21, 21);
142681a5bbeSBoris Popov 	MD4Final(S21, ctxp);
143681a5bbeSBoris Popov 	free(ctxp, M_SMBTEMP);
144681a5bbeSBoris Popov 
145681a5bbeSBoris Popov 	smb_E(S21, C8, RN);
146681a5bbeSBoris Popov 	smb_E(S21 + 7, C8, RN + 8);
147681a5bbeSBoris Popov 	smb_E(S21 + 14, C8, RN + 16);
148681a5bbeSBoris Popov 	return 0;
149681a5bbeSBoris Popov #else
150681a5bbeSBoris Popov 	SMBERROR("password encryption is not available\n");
151681a5bbeSBoris Popov 	bzero(RN, 24);
152681a5bbeSBoris Popov 	return EAUTH;
153681a5bbeSBoris Popov #endif
154681a5bbeSBoris Popov }
155681a5bbeSBoris Popov 
156190b2c4fSTim J. Robbins /*
157190b2c4fSTim J. Robbins  * Calculate message authentication code (MAC) key for virtual circuit.
158190b2c4fSTim J. Robbins  */
159190b2c4fSTim J. Robbins int
160190b2c4fSTim J. Robbins smb_calcmackey(struct smb_vc *vcp)
161190b2c4fSTim J. Robbins {
162190b2c4fSTim J. Robbins #ifdef NETSMBCRYPTO
163190b2c4fSTim J. Robbins 	const char *pwd;
164190b2c4fSTim J. Robbins 	u_int16_t *unipwd;
165190b2c4fSTim J. Robbins 	int len;
166190b2c4fSTim J. Robbins 	MD4_CTX md4;
167190b2c4fSTim J. Robbins 	u_char S16[16], S21[21];
168190b2c4fSTim J. Robbins 
169190b2c4fSTim J. Robbins 	KASSERT(vcp->vc_hflags2 & SMB_FLAGS2_SECURITY_SIGNATURE,
170190b2c4fSTim J. Robbins 	    ("signatures not enabled"));
171190b2c4fSTim J. Robbins 
172190b2c4fSTim J. Robbins 	if (vcp->vc_mackey != NULL) {
173190b2c4fSTim J. Robbins 		free(vcp->vc_mackey, M_SMBTEMP);
174190b2c4fSTim J. Robbins 		vcp->vc_mackey = NULL;
175190b2c4fSTim J. Robbins 		vcp->vc_mackeylen = 0;
176190b2c4fSTim J. Robbins 		vcp->vc_seqno = 0;
177190b2c4fSTim J. Robbins 	}
178190b2c4fSTim J. Robbins 
179190b2c4fSTim J. Robbins 	/*
180190b2c4fSTim J. Robbins 	 * The partial MAC key is the concatenation of the 16 byte session
181190b2c4fSTim J. Robbins 	 * key and the 24 byte challenge response.
182190b2c4fSTim J. Robbins 	 */
183190b2c4fSTim J. Robbins 	vcp->vc_mackeylen = 16 + 24;
184190b2c4fSTim J. Robbins 	vcp->vc_mackey = malloc(vcp->vc_mackeylen, M_SMBTEMP, M_WAITOK);
185190b2c4fSTim J. Robbins 
186190b2c4fSTim J. Robbins 	/*
187190b2c4fSTim J. Robbins 	 * Calculate session key:
188190b2c4fSTim J. Robbins 	 *	MD4(MD4(U(PN)))
189190b2c4fSTim J. Robbins 	 */
190190b2c4fSTim J. Robbins 	pwd = smb_vc_getpass(vcp);
191190b2c4fSTim J. Robbins 	len = strlen(pwd);
192190b2c4fSTim J. Robbins 	unipwd = malloc((len + 1) * sizeof(u_int16_t), M_SMBTEMP, M_WAITOK);
193190b2c4fSTim J. Robbins 	smb_strtouni(unipwd, pwd);
194190b2c4fSTim J. Robbins 	MD4Init(&md4);
195190b2c4fSTim J. Robbins 	MD4Update(&md4, (u_char *)unipwd, len * sizeof(u_int16_t));
196190b2c4fSTim J. Robbins 	MD4Final(S16, &md4);
197190b2c4fSTim J. Robbins 	MD4Init(&md4);
198190b2c4fSTim J. Robbins 	MD4Update(&md4, S16, 16);
199190b2c4fSTim J. Robbins 	MD4Final(vcp->vc_mackey, &md4);
200190b2c4fSTim J. Robbins 	free(unipwd, M_SMBTEMP);
201190b2c4fSTim J. Robbins 
202190b2c4fSTim J. Robbins 	/*
203190b2c4fSTim J. Robbins 	 * Calculate response to challenge:
204190b2c4fSTim J. Robbins 	 *	Ex(concat(MD4(U(pass)), zeros(5)), C8)
205190b2c4fSTim J. Robbins 	 */
206190b2c4fSTim J. Robbins 	bzero(S21, 21);
207190b2c4fSTim J. Robbins 	bcopy(S16, S21, 16);
208190b2c4fSTim J. Robbins 	smb_E(S21, vcp->vc_ch, vcp->vc_mackey + 16);
209190b2c4fSTim J. Robbins 	smb_E(S21 + 7, vcp->vc_ch, vcp->vc_mackey + 24);
210190b2c4fSTim J. Robbins 	smb_E(S21 + 14, vcp->vc_ch, vcp->vc_mackey + 32);
211190b2c4fSTim J. Robbins 
212190b2c4fSTim J. Robbins 	return (0);
213190b2c4fSTim J. Robbins #else
214190b2c4fSTim J. Robbins 	panic("smb_calcmackey: encryption not available");
215190b2c4fSTim J. Robbins 	return (0);
216190b2c4fSTim J. Robbins #endif	/* NETSMBCRYPTO */
217190b2c4fSTim J. Robbins }
218190b2c4fSTim J. Robbins 
219190b2c4fSTim J. Robbins /*
220190b2c4fSTim J. Robbins  * Sign request with MAC.
221190b2c4fSTim J. Robbins  */
222190b2c4fSTim J. Robbins int
223190b2c4fSTim J. Robbins smb_rq_sign(struct smb_rq *rqp)
224190b2c4fSTim J. Robbins {
225190b2c4fSTim J. Robbins #ifdef NETSMBCRYPTO
226190b2c4fSTim J. Robbins 	struct smb_vc *vcp = rqp->sr_vc;
227190b2c4fSTim J. Robbins 	struct mbchain *mbp;
228190b2c4fSTim J. Robbins 	struct mbuf *mb;
229190b2c4fSTim J. Robbins 	MD5_CTX md5;
230190b2c4fSTim J. Robbins 	u_char digest[16];
231190b2c4fSTim J. Robbins 
232190b2c4fSTim J. Robbins 	KASSERT(vcp->vc_hflags2 & SMB_FLAGS2_SECURITY_SIGNATURE,
233190b2c4fSTim J. Robbins 	    ("signatures not enabled"));
234190b2c4fSTim J. Robbins 
235190b2c4fSTim J. Robbins 	if (vcp->vc_mackey == NULL)
236190b2c4fSTim J. Robbins 		/* XXX Should assert that cmd == SMB_COM_NEGOTIATE. */
237190b2c4fSTim J. Robbins 		return (0);
238190b2c4fSTim J. Robbins 
239190b2c4fSTim J. Robbins 	/*
240190b2c4fSTim J. Robbins 	 * This is a bit of a kludge. If the request is non-TRANSACTION,
241190b2c4fSTim J. Robbins 	 * or it is the first request of a transaction, give it the next
242190b2c4fSTim J. Robbins 	 * sequence number, and expect the reply to have the sequence number
243190b2c4fSTim J. Robbins 	 * following that one. Otherwise, it is a secondary request in
244190b2c4fSTim J. Robbins 	 * a transaction, and it gets the same sequence numbers as the
245190b2c4fSTim J. Robbins 	 * primary request.
246190b2c4fSTim J. Robbins 	 */
247190b2c4fSTim J. Robbins 	if (rqp->sr_t2 == NULL ||
248190b2c4fSTim J. Robbins 	    (rqp->sr_t2->t2_flags & SMBT2_SECONDARY) == 0) {
249190b2c4fSTim J. Robbins 		rqp->sr_seqno = vcp->vc_seqno++;
250190b2c4fSTim J. Robbins 		rqp->sr_rseqno = vcp->vc_seqno++;
251190b2c4fSTim J. Robbins 	} else {
252190b2c4fSTim J. Robbins 		/*
253190b2c4fSTim J. Robbins 		 * Sequence numbers are already in the struct because
254190b2c4fSTim J. Robbins 		 * smb_t2_request_int() uses the same one for all the
255190b2c4fSTim J. Robbins 		 * requests in the transaction.
256190b2c4fSTim J. Robbins 		 * (At least we hope so.)
257190b2c4fSTim J. Robbins 		 */
258190b2c4fSTim J. Robbins 		KASSERT(rqp->sr_t2 == NULL ||
259190b2c4fSTim J. Robbins 		    (rqp->sr_t2->t2_flags & SMBT2_SECONDARY) == 0 ||
260190b2c4fSTim J. Robbins 		    rqp->sr_t2->t2_rq == rqp,
261190b2c4fSTim J. Robbins 		    ("sec t2 rq not using same smb_rq"));
262190b2c4fSTim J. Robbins 	}
263190b2c4fSTim J. Robbins 
264190b2c4fSTim J. Robbins 	/* Initialize sec. signature field to sequence number + zeros. */
265190b2c4fSTim J. Robbins 	*(u_int32_t *)rqp->sr_rqsig = htole32(rqp->sr_seqno);
266190b2c4fSTim J. Robbins 	*(u_int32_t *)(rqp->sr_rqsig + 4) = 0;
267190b2c4fSTim J. Robbins 
268190b2c4fSTim J. Robbins 	/*
269190b2c4fSTim J. Robbins 	 * Compute HMAC-MD5 of packet data, keyed by MAC key.
270190b2c4fSTim J. Robbins 	 * Store the first 8 bytes in the sec. signature field.
271190b2c4fSTim J. Robbins 	 */
272190b2c4fSTim J. Robbins 	smb_rq_getrequest(rqp, &mbp);
273190b2c4fSTim J. Robbins 	MD5Init(&md5);
274190b2c4fSTim J. Robbins 	MD5Update(&md5, vcp->vc_mackey, vcp->vc_mackeylen);
275190b2c4fSTim J. Robbins 	for (mb = mbp->mb_top; mb != NULL; mb = mb->m_next)
276190b2c4fSTim J. Robbins 		MD5Update(&md5, mtod(mb, void *), mb->m_len);
277190b2c4fSTim J. Robbins 	MD5Final(digest, &md5);
278190b2c4fSTim J. Robbins 	bcopy(digest, rqp->sr_rqsig, 8);
279190b2c4fSTim J. Robbins 
280190b2c4fSTim J. Robbins 	return (0);
281190b2c4fSTim J. Robbins #else
282190b2c4fSTim J. Robbins 	panic("smb_rq_sign: encryption not available");
283190b2c4fSTim J. Robbins 	return (0);
284190b2c4fSTim J. Robbins #endif	/* NETSMBCRYPTO */
285190b2c4fSTim J. Robbins }
286190b2c4fSTim J. Robbins 
287190b2c4fSTim J. Robbins /*
288190b2c4fSTim J. Robbins  * Verify reply signature.
289190b2c4fSTim J. Robbins  */
290190b2c4fSTim J. Robbins int
291190b2c4fSTim J. Robbins smb_rq_verify(struct smb_rq *rqp)
292190b2c4fSTim J. Robbins {
293190b2c4fSTim J. Robbins #ifdef NETSMBCRYPTO
294190b2c4fSTim J. Robbins 	struct smb_vc *vcp = rqp->sr_vc;
295190b2c4fSTim J. Robbins 	struct mdchain *mdp;
296190b2c4fSTim J. Robbins 	u_char sigbuf[8];
297190b2c4fSTim J. Robbins 	MD5_CTX md5;
298190b2c4fSTim J. Robbins 	u_char digest[16];
299190b2c4fSTim J. Robbins 	struct mbuf *mb;
300190b2c4fSTim J. Robbins 
301190b2c4fSTim J. Robbins 	KASSERT(vcp->vc_hflags2 & SMB_FLAGS2_SECURITY_SIGNATURE,
302190b2c4fSTim J. Robbins 	    ("signatures not enabled"));
303190b2c4fSTim J. Robbins 
304190b2c4fSTim J. Robbins 	if (vcp->vc_mackey == NULL)
305190b2c4fSTim J. Robbins 		/* XXX Should check that this is a SMB_COM_NEGOTIATE reply. */
306190b2c4fSTim J. Robbins 		return (0);
307190b2c4fSTim J. Robbins 
308190b2c4fSTim J. Robbins 	/*
309190b2c4fSTim J. Robbins 	 * Compute HMAC-MD5 of packet data, keyed by MAC key.
310190b2c4fSTim J. Robbins 	 * We play games to pretend the security signature field
311190b2c4fSTim J. Robbins 	 * contains their sequence number, to avoid modifying
312190b2c4fSTim J. Robbins 	 * the packet itself.
313190b2c4fSTim J. Robbins 	 */
314190b2c4fSTim J. Robbins 	smb_rq_getreply(rqp, &mdp);
315190b2c4fSTim J. Robbins 	mb = mdp->md_top;
316190b2c4fSTim J. Robbins 	KASSERT(mb->m_len >= SMB_HDRLEN, ("forgot to m_pullup"));
317190b2c4fSTim J. Robbins 	MD5Init(&md5);
318190b2c4fSTim J. Robbins 	MD5Update(&md5, vcp->vc_mackey, vcp->vc_mackeylen);
319190b2c4fSTim J. Robbins 	MD5Update(&md5, mtod(mb, void *), 14);
320190b2c4fSTim J. Robbins 	*(u_int32_t *)sigbuf = htole32(rqp->sr_rseqno);
321190b2c4fSTim J. Robbins 	*(u_int32_t *)(sigbuf + 4) = 0;
322190b2c4fSTim J. Robbins 	MD5Update(&md5, sigbuf, 8);
323190b2c4fSTim J. Robbins 	MD5Update(&md5, mtod(mb, u_char *) + 22, mb->m_len - 22);
324190b2c4fSTim J. Robbins 	for (mb = mb->m_next; mb != NULL; mb = mb->m_next)
325190b2c4fSTim J. Robbins 		MD5Update(&md5, mtod(mb, void *), mb->m_len);
326190b2c4fSTim J. Robbins 	MD5Final(digest, &md5);
327190b2c4fSTim J. Robbins 
328190b2c4fSTim J. Robbins 	/*
329190b2c4fSTim J. Robbins 	 * Now verify the signature.
330190b2c4fSTim J. Robbins 	 */
331190b2c4fSTim J. Robbins 	if (bcmp(mtod(mdp->md_top, u_char *) + 14, digest, 8) != 0)
332190b2c4fSTim J. Robbins 		return (EAUTH);
333190b2c4fSTim J. Robbins 
334190b2c4fSTim J. Robbins 	return (0);
335190b2c4fSTim J. Robbins #else
336190b2c4fSTim J. Robbins 	panic("smb_rq_verify: encryption not available");
337190b2c4fSTim J. Robbins 	return (0);
338190b2c4fSTim J. Robbins #endif	/* NETSMBCRYPTO */
339190b2c4fSTim J. Robbins }
340