1*fb217153SAlexander Stetsenko /*
2*fb217153SAlexander Stetsenko * This file and its contents are supplied under the terms of the
3*fb217153SAlexander Stetsenko * Common Development and Distribution License ("CDDL"), version 1.0.
4*fb217153SAlexander Stetsenko * You may only use this file in accordance with the terms of version
5*fb217153SAlexander Stetsenko * 1.0 of the CDDL.
6*fb217153SAlexander Stetsenko *
7*fb217153SAlexander Stetsenko * A full copy of the text of the CDDL should have accompanied this
8*fb217153SAlexander Stetsenko * source. A copy of the CDDL is also available via the Internet at
9*fb217153SAlexander Stetsenko * http://www.illumos.org/license/CDDL.
10*fb217153SAlexander Stetsenko */
11*fb217153SAlexander Stetsenko
12*fb217153SAlexander Stetsenko /*
13*fb217153SAlexander Stetsenko * Copyright 2021-2025 RackTop Systems, Inc.
14*fb217153SAlexander Stetsenko */
15*fb217153SAlexander Stetsenko
16*fb217153SAlexander Stetsenko #include <sys/types.h>
17*fb217153SAlexander Stetsenko
18*fb217153SAlexander Stetsenko #include <netsmb/smb_conn.h>
19*fb217153SAlexander Stetsenko #include <netsmb/nsmb_kcrypt.h>
20*fb217153SAlexander Stetsenko
21*fb217153SAlexander Stetsenko #include <netsmb/mchain.h>
22*fb217153SAlexander Stetsenko
23*fb217153SAlexander Stetsenko /*
24*fb217153SAlexander Stetsenko * SMB 3.1.1 Preauth Integrity
25*fb217153SAlexander Stetsenko */
26*fb217153SAlexander Stetsenko
27*fb217153SAlexander Stetsenko /*
28*fb217153SAlexander Stetsenko * (called from smb2_negotiate_common)
29*fb217153SAlexander Stetsenko */
30*fb217153SAlexander Stetsenko int
nsmb_preauth_init(smb_vc_t * vcp)31*fb217153SAlexander Stetsenko nsmb_preauth_init(smb_vc_t *vcp)
32*fb217153SAlexander Stetsenko {
33*fb217153SAlexander Stetsenko int rc;
34*fb217153SAlexander Stetsenko
35*fb217153SAlexander Stetsenko rc = nsmb_sha512_getmech(&vcp->vc3_preauthmech);
36*fb217153SAlexander Stetsenko if (rc != 0) {
37*fb217153SAlexander Stetsenko return (EAUTH);
38*fb217153SAlexander Stetsenko }
39*fb217153SAlexander Stetsenko
40*fb217153SAlexander Stetsenko return (rc);
41*fb217153SAlexander Stetsenko }
42*fb217153SAlexander Stetsenko
43*fb217153SAlexander Stetsenko /* ARGSUSED */
44*fb217153SAlexander Stetsenko int
nsmb_preauth_calc(smb_vc_t * vcp,mblk_t * mb,uint8_t * in_hashval,uint8_t * out_hashval)45*fb217153SAlexander Stetsenko nsmb_preauth_calc(smb_vc_t *vcp, mblk_t *mb,
46*fb217153SAlexander Stetsenko uint8_t *in_hashval, uint8_t *out_hashval)
47*fb217153SAlexander Stetsenko {
48*fb217153SAlexander Stetsenko smb_sign_ctx_t ctx = 0;
49*fb217153SAlexander Stetsenko int rc;
50*fb217153SAlexander Stetsenko
51*fb217153SAlexander Stetsenko if ((rc = nsmb_sha512_init(&ctx, &vcp->vc3_preauthmech)) != 0)
52*fb217153SAlexander Stetsenko return (rc);
53*fb217153SAlexander Stetsenko
54*fb217153SAlexander Stetsenko /* Digest current hashval */
55*fb217153SAlexander Stetsenko rc = nsmb_sha512_update(ctx, in_hashval, SHA512_DIGEST_LENGTH);
56*fb217153SAlexander Stetsenko if (rc != 0)
57*fb217153SAlexander Stetsenko return (rc);
58*fb217153SAlexander Stetsenko
59*fb217153SAlexander Stetsenko while (mb != NULL) {
60*fb217153SAlexander Stetsenko size_t len = MBLKL(mb);
61*fb217153SAlexander Stetsenko
62*fb217153SAlexander Stetsenko rc = nsmb_sha512_update(ctx, mb->b_rptr, len);
63*fb217153SAlexander Stetsenko if (rc != 0)
64*fb217153SAlexander Stetsenko return (rc);
65*fb217153SAlexander Stetsenko mb = mb->b_cont;
66*fb217153SAlexander Stetsenko }
67*fb217153SAlexander Stetsenko
68*fb217153SAlexander Stetsenko rc = nsmb_sha512_final(ctx, out_hashval);
69*fb217153SAlexander Stetsenko
70*fb217153SAlexander Stetsenko return (rc);
71*fb217153SAlexander Stetsenko }
72