1*38c8a9a5SSteve French /* SPDX-License-Identifier: GPL-2.0-or-later */ 2*38c8a9a5SSteve French /* 3*38c8a9a5SSteve French * Copyright (C) 2018 Samsung Electronics Co., Ltd. 4*38c8a9a5SSteve French */ 5*38c8a9a5SSteve French 6*38c8a9a5SSteve French #ifndef __AUTH_H__ 7*38c8a9a5SSteve French #define __AUTH_H__ 8*38c8a9a5SSteve French 9*38c8a9a5SSteve French #include "ntlmssp.h" 10*38c8a9a5SSteve French 11*38c8a9a5SSteve French #ifdef CONFIG_SMB_SERVER_KERBEROS5 12*38c8a9a5SSteve French #define AUTH_GSS_LENGTH 96 13*38c8a9a5SSteve French #define AUTH_GSS_PADDING 0 14*38c8a9a5SSteve French #else 15*38c8a9a5SSteve French #define AUTH_GSS_LENGTH 74 16*38c8a9a5SSteve French #define AUTH_GSS_PADDING 6 17*38c8a9a5SSteve French #endif 18*38c8a9a5SSteve French 19*38c8a9a5SSteve French #define CIFS_HMAC_MD5_HASH_SIZE (16) 20*38c8a9a5SSteve French #define CIFS_NTHASH_SIZE (16) 21*38c8a9a5SSteve French 22*38c8a9a5SSteve French /* 23*38c8a9a5SSteve French * Size of the ntlm client response 24*38c8a9a5SSteve French */ 25*38c8a9a5SSteve French #define CIFS_AUTH_RESP_SIZE 24 26*38c8a9a5SSteve French #define CIFS_SMB1_SIGNATURE_SIZE 8 27*38c8a9a5SSteve French #define CIFS_SMB1_SESSKEY_SIZE 16 28*38c8a9a5SSteve French 29*38c8a9a5SSteve French #define KSMBD_AUTH_NTLMSSP 0x0001 30*38c8a9a5SSteve French #define KSMBD_AUTH_KRB5 0x0002 31*38c8a9a5SSteve French #define KSMBD_AUTH_MSKRB5 0x0004 32*38c8a9a5SSteve French #define KSMBD_AUTH_KRB5U2U 0x0008 33*38c8a9a5SSteve French 34*38c8a9a5SSteve French struct ksmbd_session; 35*38c8a9a5SSteve French struct ksmbd_conn; 36*38c8a9a5SSteve French struct ksmbd_work; 37*38c8a9a5SSteve French struct kvec; 38*38c8a9a5SSteve French 39*38c8a9a5SSteve French int ksmbd_crypt_message(struct ksmbd_work *work, struct kvec *iov, 40*38c8a9a5SSteve French unsigned int nvec, int enc); 41*38c8a9a5SSteve French void ksmbd_copy_gss_neg_header(void *buf); 42*38c8a9a5SSteve French int ksmbd_auth_ntlmv2(struct ksmbd_conn *conn, struct ksmbd_session *sess, 43*38c8a9a5SSteve French struct ntlmv2_resp *ntlmv2, int blen, char *domain_name, 44*38c8a9a5SSteve French char *cryptkey); 45*38c8a9a5SSteve French int ksmbd_decode_ntlmssp_auth_blob(struct authenticate_message *authblob, 46*38c8a9a5SSteve French int blob_len, struct ksmbd_conn *conn, 47*38c8a9a5SSteve French struct ksmbd_session *sess); 48*38c8a9a5SSteve French int ksmbd_decode_ntlmssp_neg_blob(struct negotiate_message *negblob, 49*38c8a9a5SSteve French int blob_len, struct ksmbd_conn *conn); 50*38c8a9a5SSteve French unsigned int 51*38c8a9a5SSteve French ksmbd_build_ntlmssp_challenge_blob(struct challenge_message *chgblob, 52*38c8a9a5SSteve French struct ksmbd_conn *conn); 53*38c8a9a5SSteve French int ksmbd_krb5_authenticate(struct ksmbd_session *sess, char *in_blob, 54*38c8a9a5SSteve French int in_len, char *out_blob, int *out_len); 55*38c8a9a5SSteve French int ksmbd_sign_smb2_pdu(struct ksmbd_conn *conn, char *key, struct kvec *iov, 56*38c8a9a5SSteve French int n_vec, char *sig); 57*38c8a9a5SSteve French int ksmbd_sign_smb3_pdu(struct ksmbd_conn *conn, char *key, struct kvec *iov, 58*38c8a9a5SSteve French int n_vec, char *sig); 59*38c8a9a5SSteve French int ksmbd_gen_smb30_signingkey(struct ksmbd_session *sess, 60*38c8a9a5SSteve French struct ksmbd_conn *conn); 61*38c8a9a5SSteve French int ksmbd_gen_smb311_signingkey(struct ksmbd_session *sess, 62*38c8a9a5SSteve French struct ksmbd_conn *conn); 63*38c8a9a5SSteve French int ksmbd_gen_smb30_encryptionkey(struct ksmbd_conn *conn, 64*38c8a9a5SSteve French struct ksmbd_session *sess); 65*38c8a9a5SSteve French int ksmbd_gen_smb311_encryptionkey(struct ksmbd_conn *conn, 66*38c8a9a5SSteve French struct ksmbd_session *sess); 67*38c8a9a5SSteve French int ksmbd_gen_preauth_integrity_hash(struct ksmbd_conn *conn, char *buf, 68*38c8a9a5SSteve French __u8 *pi_hash); 69*38c8a9a5SSteve French int ksmbd_gen_sd_hash(struct ksmbd_conn *conn, char *sd_buf, int len, 70*38c8a9a5SSteve French __u8 *pi_hash); 71*38c8a9a5SSteve French #endif 72