xref: /linux/fs/smb/server/auth.h (revision c4bbe83d27c2446a033cc0381c3fb6be5e8c41c7)
1 /* SPDX-License-Identifier: GPL-2.0-or-later */
2 /*
3  *   Copyright (C) 2018 Samsung Electronics Co., Ltd.
4  */
5 
6 #ifndef __AUTH_H__
7 #define __AUTH_H__
8 
9 #include "ntlmssp.h"
10 
11 #ifdef CONFIG_SMB_SERVER_KERBEROS5
12 #define AUTH_GSS_LENGTH		96
13 #define AUTH_GSS_PADDING	0
14 #else
15 #define AUTH_GSS_LENGTH		74
16 #define AUTH_GSS_PADDING	6
17 #endif
18 
19 #define CIFS_HMAC_MD5_HASH_SIZE	(16)
20 #define CIFS_NTHASH_SIZE	(16)
21 
22 /*
23  * Size of the ntlm client response
24  */
25 #define CIFS_AUTH_RESP_SIZE		24
26 #define CIFS_SMB1_SIGNATURE_SIZE	8
27 #define CIFS_SMB1_SESSKEY_SIZE		16
28 
29 #define KSMBD_AUTH_NTLMSSP	0x0001
30 #define KSMBD_AUTH_KRB5		0x0002
31 #define KSMBD_AUTH_MSKRB5	0x0004
32 #define KSMBD_AUTH_KRB5U2U	0x0008
33 
34 struct ksmbd_session;
35 struct ksmbd_conn;
36 struct ksmbd_work;
37 struct kvec;
38 
39 int ksmbd_crypt_message(struct ksmbd_work *work, struct kvec *iov,
40 			unsigned int nvec, int enc);
41 void ksmbd_copy_gss_neg_header(void *buf);
42 int ksmbd_auth_ntlmv2(struct ksmbd_conn *conn, struct ksmbd_session *sess,
43 		      struct ntlmv2_resp *ntlmv2, int blen, char *domain_name,
44 		      char *cryptkey);
45 int ksmbd_decode_ntlmssp_auth_blob(struct authenticate_message *authblob,
46 				   int blob_len, struct ksmbd_conn *conn,
47 				   struct ksmbd_session *sess);
48 int ksmbd_decode_ntlmssp_neg_blob(struct negotiate_message *negblob,
49 				  int blob_len, struct ksmbd_conn *conn);
50 unsigned int
51 ksmbd_build_ntlmssp_challenge_blob(struct challenge_message *chgblob,
52 				   struct ksmbd_conn *conn);
53 int ksmbd_krb5_authenticate(struct ksmbd_session *sess, char *in_blob,
54 			    int in_len,	char *out_blob, int *out_len);
55 int ksmbd_sign_smb2_pdu(struct ksmbd_conn *conn, char *key, struct kvec *iov,
56 			int n_vec, char *sig);
57 int ksmbd_sign_smb3_pdu(struct ksmbd_conn *conn, char *key, struct kvec *iov,
58 			int n_vec, char *sig);
59 int ksmbd_gen_smb30_signingkey(struct ksmbd_session *sess,
60 			       struct ksmbd_conn *conn);
61 int ksmbd_gen_smb311_signingkey(struct ksmbd_session *sess,
62 				struct ksmbd_conn *conn);
63 int ksmbd_gen_smb30_encryptionkey(struct ksmbd_conn *conn,
64 				  struct ksmbd_session *sess);
65 int ksmbd_gen_smb311_encryptionkey(struct ksmbd_conn *conn,
66 				   struct ksmbd_session *sess);
67 int ksmbd_gen_preauth_integrity_hash(struct ksmbd_conn *conn, char *buf,
68 				     __u8 *pi_hash);
69 int ksmbd_gen_sd_hash(struct ksmbd_conn *conn, char *sd_buf, int len,
70 		      __u8 *pi_hash);
71 #endif
72