[deliverable/linux.git] / fs / cifs / smbencrypt.c

/*
   Unix SMB/Netbios implementation.
   Version 1.9.
   SMB parameters and setup
   Copyright (C) Andrew Tridgell 1992-2000
   Copyright (C) Luke Kenneth Casson Leighton 1996-2000
   Modified by Jeremy Allison 1995.
   Copyright (C) Andrew Bartlett <abartlet@samba.org> 2002-2003
   Modified by Steve French (sfrench@us.ibm.com) 2002-2003

   This program is free software; you can redistribute it and/or modify
   it under the terms of the GNU General Public License as published by
   the Free Software Foundation; either version 2 of the License, or
   (at your option) any later version.

   This program is distributed in the hope that it will be useful,
   but WITHOUT ANY WARRANTY; without even the implied warranty of
   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
   GNU General Public License for more details.

   You should have received a copy of the GNU General Public License
   along with this program; if not, write to the Free Software
   Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
*/

#include <linux/module.h>
#include <linux/slab.h>
#include <linux/fs.h>
#include <linux/string.h>
#include <linux/kernel.h>
#include <linux/random.h>
#include "cifs_unicode.h"
#include "cifspdu.h"
#include "cifsglob.h"
#include "cifs_debug.h"
#include "cifsproto.h"

#ifndef false
#define false 0
#endif
#ifndef true
#define true 1
#endif

/* following came from the other byteorder.h to avoid include conflicts */
#define CVAL(buf,pos) (((unsigned char *)(buf))[pos])
#define SSVALX(buf,pos,val) (CVAL(buf,pos)=(val)&0xFF,CVAL(buf,pos+1)=(val)>>8)
#define SSVAL(buf,pos,val) SSVALX((buf),(pos),((__u16)(val)))

static void
str_to_key(unsigned char *str, unsigned char *key)
{
	int i;

	key[0] = str[0] >> 1;
	key[1] = ((str[0] & 0x01) << 6) | (str[1] >> 2);
	key[2] = ((str[1] & 0x03) << 5) | (str[2] >> 3);
	key[3] = ((str[2] & 0x07) << 4) | (str[3] >> 4);
	key[4] = ((str[3] & 0x0F) << 3) | (str[4] >> 5);
	key[5] = ((str[4] & 0x1F) << 2) | (str[5] >> 6);
	key[6] = ((str[5] & 0x3F) << 1) | (str[6] >> 7);
	key[7] = str[6] & 0x7F;
	for (i = 0; i < 8; i++)
		key[i] = (key[i] << 1);
}

static int
smbhash(unsigned char *out, const unsigned char *in, unsigned char *key)
{
	int rc;
	unsigned char key2[8];
	struct crypto_blkcipher *tfm_des;
	struct scatterlist sgin, sgout;
	struct blkcipher_desc desc;

	str_to_key(key, key2);

	tfm_des = crypto_alloc_blkcipher("ecb(des)", 0, CRYPTO_ALG_ASYNC);
	if (IS_ERR(tfm_des)) {
		rc = PTR_ERR(tfm_des);
		cERROR(1, "could not allocate des crypto API\n");
		goto smbhash_err;
	}

	desc.tfm = tfm_des;

	crypto_blkcipher_setkey(tfm_des, key2, 8);

	sg_init_one(&sgin, in, 8);
	sg_init_one(&sgout, out, 8);

	rc = crypto_blkcipher_encrypt(&desc, &sgout, &sgin, 8);
	if (rc)
		cERROR(1, "could not encrypt crypt key rc: %d\n", rc);

	crypto_free_blkcipher(tfm_des);
smbhash_err:
	return rc;
}

static int
E_P16(unsigned char *p14, unsigned char *p16)
{
	int rc;
	unsigned char sp8[8] =
	    { 0x4b, 0x47, 0x53, 0x21, 0x40, 0x23, 0x24, 0x25 };

	rc = smbhash(p16, sp8, p14);
	if (rc)
		return rc;
	rc = smbhash(p16 + 8, sp8, p14 + 7);
	return rc;
}

static int
E_P24(unsigned char *p21, const unsigned char *c8, unsigned char *p24)
{
	int rc;

	rc = smbhash(p24, c8, p21);
	if (rc)
		return rc;
	rc = smbhash(p24 + 8, c8, p21 + 7);
	if (rc)
		return rc;
	rc = smbhash(p24 + 16, c8, p21 + 14);
	return rc;
}

/* produce a md4 message digest from data of length n bytes */
int
mdfour(unsigned char *md4_hash, unsigned char *link_str, int link_len)
{
	int rc;
	unsigned int size;
	struct crypto_shash *md4;
	struct sdesc *sdescmd4;

	md4 = crypto_alloc_shash("md4", 0, 0);
	if (IS_ERR(md4)) {
		rc = PTR_ERR(md4);
		cERROR(1, "%s: Crypto md4 allocation error %d\n", __func__, rc);
		return rc;
	}
	size = sizeof(struct shash_desc) + crypto_shash_descsize(md4);
	sdescmd4 = kmalloc(size, GFP_KERNEL);
	if (!sdescmd4) {
		rc = -ENOMEM;
		cERROR(1, "%s: Memory allocation failure\n", __func__);
		goto mdfour_err;
	}
	sdescmd4->shash.tfm = md4;
	sdescmd4->shash.flags = 0x0;

	rc = crypto_shash_init(&sdescmd4->shash);
	if (rc) {
		cERROR(1, "%s: Could not init md4 shash\n", __func__);
		goto mdfour_err;
	}
	crypto_shash_update(&sdescmd4->shash, link_str, link_len);
	rc = crypto_shash_final(&sdescmd4->shash, md4_hash);

mdfour_err:
	crypto_free_shash(md4);
	kfree(sdescmd4);

	return rc;
}

/*
   This implements the X/Open SMB password encryption
   It takes a password, a 8 byte "crypt key" and puts 24 bytes of
   encrypted password into p24 */
/* Note that password must be uppercased and null terminated */
int
SMBencrypt(unsigned char *passwd, const unsigned char *c8, unsigned char *p24)
{
	int rc;
	unsigned char p14[14], p16[16], p21[21];

	memset(p14, '\0', 14);
	memset(p16, '\0', 16);
	memset(p21, '\0', 21);

	memcpy(p14, passwd, 14);
	rc = E_P16(p14, p16);
	if (rc)
		return rc;

	memcpy(p21, p16, 16);
	rc = E_P24(p21, c8, p24);

	return rc;
}

/* Routines for Windows NT MD4 Hash functions. */
static int
_my_wcslen(__u16 *str)
{
	int len = 0;
	while (*str++ != 0)
		len++;
	return len;
}

/*
 * Convert a string into an NT UNICODE string.
 * Note that regardless of processor type
 * this must be in intel (little-endian)
 * format.
 */

static int
_my_mbstowcs(__u16 *dst, const unsigned char *src, int len)
{	/* BB not a very good conversion routine - change/fix */
	int i;
	__u16 val;

	for (i = 0; i < len; i++) {
		val = *src;
		SSVAL(dst, 0, val);
		dst++;
		src++;
		if (val == 0)
			break;
	}
	return i;
}

/*
 * Creates the MD4 Hash of the users password in NT UNICODE.
 */

int
E_md4hash(const unsigned char *passwd, unsigned char *p16)
{
	int rc;
	int len;
	__u16 wpwd[129];

	/* Password cannot be longer than 128 characters */
	if (passwd) {
		len = strlen((char *) passwd);
		if (len > 128)
			len = 128;

		/* Password must be converted to NT unicode */
		_my_mbstowcs(wpwd, passwd, len);
	} else
		len = 0;

	wpwd[len] = 0;	/* Ensure string is null terminated */
	/* Calculate length in bytes */
	len = _my_wcslen(wpwd) * sizeof(__u16);

	rc = mdfour(p16, (unsigned char *) wpwd, len);
	memset(wpwd, 0, 129 * 2);

	return rc;
}

#if 0 /* currently unused */
/* Does both the NT and LM owfs of a user's password */
static void
nt_lm_owf_gen(char *pwd, unsigned char nt_p16[16], unsigned char p16[16])
{
	char passwd[514];

	memset(passwd, '\0', 514);
	if (strlen(pwd) < 513)
		strcpy(passwd, pwd);
	else
		memcpy(passwd, pwd, 512);
	/* Calculate the MD4 hash (NT compatible) of the password */
	memset(nt_p16, '\0', 16);
	E_md4hash(passwd, nt_p16);

	/* Mangle the passwords into Lanman format */
	passwd[14] = '\0';
/*	strupper(passwd); */

	/* Calculate the SMB (lanman) hash functions of the password */

	memset(p16, '\0', 16);
	E_P16((unsigned char *) passwd, (unsigned char *) p16);

	/* clear out local copy of user's password (just being paranoid). */
	memset(passwd, '\0', sizeof(passwd));
}
#endif

/* Does the NTLMv2 owfs of a user's password */
#if 0  /* function not needed yet - but will be soon */
static void
ntv2_owf_gen(const unsigned char owf[16], const char *user_n,
		const char *domain_n, unsigned char kr_buf[16],
		const struct nls_table *nls_codepage)
{
	wchar_t *user_u;
	wchar_t *dom_u;
	int user_l, domain_l;
	struct HMACMD5Context ctx;

	/* might as well do one alloc to hold both (user_u and dom_u) */
	user_u = kmalloc(2048 * sizeof(wchar_t), GFP_KERNEL);
	if (user_u == NULL)
		return;
	dom_u = user_u + 1024;

	/* push_ucs2(NULL, user_u, user_n, (user_l+1)*2,
			STR_UNICODE|STR_NOALIGN|STR_TERMINATE|STR_UPPER);
	   push_ucs2(NULL, dom_u, domain_n, (domain_l+1)*2,
			STR_UNICODE|STR_NOALIGN|STR_TERMINATE|STR_UPPER); */

	/* BB user and domain may need to be uppercased */
	user_l = cifs_strtoUCS(user_u, user_n, 511, nls_codepage);
	domain_l = cifs_strtoUCS(dom_u, domain_n, 511, nls_codepage);

	user_l++;		/* trailing null */
	domain_l++;

	hmac_md5_init_limK_to_64(owf, 16, &ctx);
	hmac_md5_update((const unsigned char *) user_u, user_l * 2, &ctx);
	hmac_md5_update((const unsigned char *) dom_u, domain_l * 2, &ctx);
	hmac_md5_final(kr_buf, &ctx);

	kfree(user_u);
}
#endif

/* Does the des encryption from the FIRST 8 BYTES of the NT or LM MD4 hash. */
#if 0 /* currently unused */
static void
NTLMSSPOWFencrypt(unsigned char passwd[8],
		  unsigned char *ntlmchalresp, unsigned char p24[24])
{
	unsigned char p21[21];

	memset(p21, '\0', 21);
	memcpy(p21, passwd, 8);
	memset(p21 + 8, 0xbd, 8);

	E_P24(p21, ntlmchalresp, p24);
}
#endif

/* Does the NT MD4 hash then des encryption. */
int
SMBNTencrypt(unsigned char *passwd, unsigned char *c8, unsigned char *p24)
{
	int rc;
	unsigned char p16[16], p21[21];

	memset(p16, '\0', 16);
	memset(p21, '\0', 21);

	rc = E_md4hash(passwd, p16);
	if (rc) {
		cFYI(1, "%s Can't generate NT hash, error: %d", __func__, rc);
		return rc;
	}
	memcpy(p21, p16, 16);
	rc = E_P24(p21, c8, p24);
	return rc;
}


/* Does the md5 encryption from the NT hash for NTLMv2. */
/* These routines will be needed later */
#if 0
static void
SMBOWFencrypt_ntv2(const unsigned char kr[16],
		   const struct data_blob *srv_chal,
		   const struct data_blob *cli_chal, unsigned char resp_buf[16])
{
	struct HMACMD5Context ctx;

	hmac_md5_init_limK_to_64(kr, 16, &ctx);
	hmac_md5_update(srv_chal->data, srv_chal->length, &ctx);
	hmac_md5_update(cli_chal->data, cli_chal->length, &ctx);
	hmac_md5_final(resp_buf, &ctx);
}

static void
SMBsesskeygen_ntv2(const unsigned char kr[16],
		   const unsigned char *nt_resp, __u8 sess_key[16])
{
	struct HMACMD5Context ctx;

	hmac_md5_init_limK_to_64(kr, 16, &ctx);
	hmac_md5_update(nt_resp, 16, &ctx);
	hmac_md5_final((unsigned char *) sess_key, &ctx);
}

static void
SMBsesskeygen_ntv1(const unsigned char kr[16],
		   const unsigned char *nt_resp, __u8 sess_key[16])
{
	mdfour((unsigned char *) sess_key, (unsigned char *) kr, 16);
}
#endif
Commit	Line	Data
790fe579	1	/*
1da177e4 LT	2	Unix SMB/Netbios implementation.
	3	Version 1.9.
	4	SMB parameters and setup
	5	Copyright (C) Andrew Tridgell 1992-2000
	6	Copyright (C) Luke Kenneth Casson Leighton 1996-2000
	7	Modified by Jeremy Allison 1995.
	8	Copyright (C) Andrew Bartlett <abartlet@samba.org> 2002-2003
	9	Modified by Steve French (sfrench@us.ibm.com) 2002-2003
50c2f753	10
1da177e4 LT	11	This program is free software; you can redistribute it and/or modify
	12	it under the terms of the GNU General Public License as published by
	13	the Free Software Foundation; either version 2 of the License, or
	14	(at your option) any later version.
50c2f753	15
1da177e4 LT	16	This program is distributed in the hope that it will be useful,
	17	but WITHOUT ANY WARRANTY; without even the implied warranty of
	18	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
	19	GNU General Public License for more details.
50c2f753	20
1da177e4 LT	21	You should have received a copy of the GNU General Public License
	22	along with this program; if not, write to the Free Software
	23	Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
	24	*/
	25
	26	#include <linux/module.h>
5a0e3ad6	27	#include <linux/slab.h>
1da177e4 LT	28	#include <linux/fs.h>
	29	#include <linux/string.h>
	30	#include <linux/kernel.h>
	31	#include <linux/random.h>
	32	#include "cifs_unicode.h"
	33	#include "cifspdu.h"
3979877e	34	#include "cifsglob.h"
1da177e4	35	#include "cifs_debug.h"
ee2c9258	36	#include "cifsproto.h"
1da177e4	37
4b18f2a9 SF	38	#ifndef false
4b18f2a9 SF	39	#define false 0
1da177e4	40	#endif
4b18f2a9 SF	41	#ifndef true
4b18f2a9 SF	42	#define true 1
1da177e4 LT	43	#endif
	44
	45	/* following came from the other byteorder.h to avoid include conflicts */
	46	#define CVAL(buf,pos) (((unsigned char *)(buf))[pos])
	47	#define SSVALX(buf,pos,val) (CVAL(buf,pos)=(val)&0xFF,CVAL(buf,pos+1)=(val)>>8)
	48	#define SSVAL(buf,pos,val) SSVALX((buf),(pos),((__u16)(val)))
	49
43988d76 SF	50	static void
	51	str_to_key(unsigned char str, unsigned char key)
	52	{
	53	int i;
	54
	55	key[0] = str[0] >> 1;
	56	key[1] = ((str[0] & 0x01) << 6) \| (str[1] >> 2);
	57	key[2] = ((str[1] & 0x03) << 5) \| (str[2] >> 3);
	58	key[3] = ((str[2] & 0x07) << 4) \| (str[3] >> 4);
	59	key[4] = ((str[3] & 0x0F) << 3) \| (str[4] >> 5);
	60	key[5] = ((str[4] & 0x1F) << 2) \| (str[5] >> 6);
	61	key[6] = ((str[5] & 0x3F) << 1) \| (str[6] >> 7);
	62	key[7] = str[6] & 0x7F;
	63	for (i = 0; i < 8; i++)
	64	key[i] = (key[i] << 1);
	65	}
	66
	67	static int
	68	smbhash(unsigned char out, const unsigned char in, unsigned char *key)
	69	{
	70	int rc;
	71	unsigned char key2[8];
	72	struct crypto_blkcipher *tfm_des;
	73	struct scatterlist sgin, sgout;
	74	struct blkcipher_desc desc;
	75
	76	str_to_key(key, key2);
	77
	78	tfm_des = crypto_alloc_blkcipher("ecb(des)", 0, CRYPTO_ALG_ASYNC);
	79	if (IS_ERR(tfm_des)) {
	80	rc = PTR_ERR(tfm_des);
	81	cERROR(1, "could not allocate des crypto API\n");
	82	goto smbhash_err;
	83	}
	84
	85	desc.tfm = tfm_des;
	86
	87	crypto_blkcipher_setkey(tfm_des, key2, 8);
	88
	89	sg_init_one(&sgin, in, 8);
	90	sg_init_one(&sgout, out, 8);
	91
	92	rc = crypto_blkcipher_encrypt(&desc, &sgout, &sgin, 8);
e4fb0edb	93	if (rc)
43988d76	94	cERROR(1, "could not encrypt crypt key rc: %d\n", rc);
43988d76	95
e4fb0edb	96	crypto_free_blkcipher(tfm_des);
43988d76 SF	97	smbhash_err:
	98	return rc;
	99	}
	100
	101	static int
	102	E_P16(unsigned char p14, unsigned char p16)
	103	{
	104	int rc;
	105	unsigned char sp8[8] =
	106	{ 0x4b, 0x47, 0x53, 0x21, 0x40, 0x23, 0x24, 0x25 };
	107
	108	rc = smbhash(p16, sp8, p14);
	109	if (rc)
	110	return rc;
	111	rc = smbhash(p16 + 8, sp8, p14 + 7);
	112	return rc;
	113	}
	114
	115	static int
	116	E_P24(unsigned char p21, const unsigned char c8, unsigned char *p24)
	117	{
	118	int rc;
	119
	120	rc = smbhash(p24, c8, p21);
	121	if (rc)
	122	return rc;
	123	rc = smbhash(p24 + 8, c8, p21 + 7);
	124	if (rc)
	125	return rc;
	126	rc = smbhash(p24 + 16, c8, p21 + 14);
	127	return rc;
	128	}
	129
ee2c9258 SP	130	/* produce a md4 message digest from data of length n bytes */
	131	int
	132	mdfour(unsigned char md4_hash, unsigned char link_str, int link_len)
	133	{
	134	int rc;
	135	unsigned int size;
	136	struct crypto_shash *md4;
	137	struct sdesc *sdescmd4;
	138
	139	md4 = crypto_alloc_shash("md4", 0, 0);
	140	if (IS_ERR(md4)) {
ffeb414a	141	rc = PTR_ERR(md4);
ee2c9258	142	cERROR(1, "%s: Crypto md4 allocation error %d\n", __func__, rc);
ffeb414a	143	return rc;
ee2c9258 SP	144	}
	145	size = sizeof(struct shash_desc) + crypto_shash_descsize(md4);
	146	sdescmd4 = kmalloc(size, GFP_KERNEL);
	147	if (!sdescmd4) {
	148	rc = -ENOMEM;
	149	cERROR(1, "%s: Memory allocation failure\n", __func__);
	150	goto mdfour_err;
	151	}
	152	sdescmd4->shash.tfm = md4;
	153	sdescmd4->shash.flags = 0x0;
	154
	155	rc = crypto_shash_init(&sdescmd4->shash);
	156	if (rc) {
	157	cERROR(1, "%s: Could not init md4 shash\n", __func__);
	158	goto mdfour_err;
	159	}
	160	crypto_shash_update(&sdescmd4->shash, link_str, link_len);
	161	rc = crypto_shash_final(&sdescmd4->shash, md4_hash);
1da177e4	162
ee2c9258 SP	163	mdfour_err:
	164	crypto_free_shash(md4);
	165	kfree(sdescmd4);
	166
	167	return rc;
	168	}
	169
1da177e4 LT	170	/*
1da177e4 LT	171	This implements the X/Open SMB password encryption
790fe579	172	It takes a password, a 8 byte "crypt key" and puts 24 bytes of
1da177e4 LT	173	encrypted password into p24 */
1da177e4 LT	174	/* Note that password must be uppercased and null terminated */
43988d76	175	int
4e53a3fb	176	SMBencrypt(unsigned char passwd, const unsigned char c8, unsigned char *p24)
1da177e4	177	{
43988d76 SF	178	int rc;
43988d76 SF	179	unsigned char p14[14], p16[16], p21[21];
1da177e4	180
1da177e4	181	memset(p14, '\0', 14);
43988d76 SF	182	memset(p16, '\0', 16);
43988d76 SF	183	memset(p21, '\0', 21);
1da177e4	184
43988d76 SF	185	memcpy(p14, passwd, 14);
	186	rc = E_P16(p14, p16);
	187	if (rc)
	188	return rc;
1da177e4	189
43988d76 SF	190	memcpy(p21, p16, 16);
43988d76 SF	191	rc = E_P24(p21, c8, p24);
50c2f753	192
43988d76	193	return rc;
1da177e4 LT	194	}
	195
	196	/* Routines for Windows NT MD4 Hash functions. */
	197	static int
63d2583f	198	_my_wcslen(__u16 *str)
1da177e4 LT	199	{
	200	int len = 0;
	201	while (*str++ != 0)
	202	len++;
	203	return len;
	204	}
	205
	206	/*
	207	* Convert a string into an NT UNICODE string.
790fe579	208	* Note that regardless of processor type
1da177e4 LT	209	* this must be in intel (little-endian)
	210	* format.
	211	*/
	212
	213	static int
63d2583f	214	_my_mbstowcs(__u16 dst, const unsigned char src, int len)
790fe579	215	{ /* BB not a very good conversion routine - change/fix */
1da177e4 LT	216	int i;
	217	__u16 val;
	218
	219	for (i = 0; i < len; i++) {
	220	val = *src;
	221	SSVAL(dst, 0, val);
	222	dst++;
	223	src++;
	224	if (val == 0)
	225	break;
	226	}
	227	return i;
	228	}
	229
790fe579	230	/*
1da177e4 LT	231	* Creates the MD4 Hash of the users password in NT UNICODE.
	232	*/
	233
ee2c9258	234	int
1da177e4 LT	235	E_md4hash(const unsigned char passwd, unsigned char p16)
1da177e4 LT	236	{
ee2c9258	237	int rc;
1da177e4 LT	238	int len;
	239	__u16 wpwd[129];
	240
	241	/* Password cannot be longer than 128 characters */
790fe579	242	if (passwd) {
1da177e4	243	len = strlen((char *) passwd);
63d2583f	244	if (len > 128)
1da177e4	245	len = 128;
63d2583f	246
1da177e4 LT	247	/* Password must be converted to NT unicode */
	248	_my_mbstowcs(wpwd, passwd, len);
	249	} else
	250	len = 0;
	251
	252	wpwd[len] = 0; /* Ensure string is null terminated */
	253	/* Calculate length in bytes */
630f3f0c	254	len = _my_wcslen(wpwd) * sizeof(__u16);
1da177e4	255
ee2c9258	256	rc = mdfour(p16, (unsigned char *) wpwd, len);
790fe579	257	memset(wpwd, 0, 129 * 2);
ee2c9258 SP	258
ee2c9258 SP	259	return rc;
1da177e4 LT	260	}
1da177e4 LT	261
e10847ed	262	#if 0 /* currently unused */
1da177e4	263	/* Does both the NT and LM owfs of a user's password */
2cd646a2	264	static void
1da177e4 LT	265	nt_lm_owf_gen(char *pwd, unsigned char nt_p16[16], unsigned char p16[16])
	266	{
	267	char passwd[514];
	268
	269	memset(passwd, '\0', 514);
	270	if (strlen(pwd) < 513)
	271	strcpy(passwd, pwd);
	272	else
	273	memcpy(passwd, pwd, 512);
	274	/* Calculate the MD4 hash (NT compatible) of the password */
	275	memset(nt_p16, '\0', 16);
	276	E_md4hash(passwd, nt_p16);
	277
	278	/* Mangle the passwords into Lanman format */
	279	passwd[14] = '\0';
	280	/* strupper(passwd); */
	281
	282	/* Calculate the SMB (lanman) hash functions of the password */
	283
	284	memset(p16, '\0', 16);
	285	E_P16((unsigned char ) passwd, (unsigned char ) p16);
	286
	287	/* clear out local copy of user's password (just being paranoid). */
630f3f0c	288	memset(passwd, '\0', sizeof(passwd));
1da177e4	289	}
e10847ed	290	#endif
1da177e4 LT	291
	292	/* Does the NTLMv2 owfs of a user's password */
	293	#if 0 /* function not needed yet - but will be soon */
	294	static void
	295	ntv2_owf_gen(const unsigned char owf[16], const char *user_n,
	296	const char *domain_n, unsigned char kr_buf[16],
	297	const struct nls_table *nls_codepage)
	298	{
50c2f753 SF	299	wchar_t *user_u;
50c2f753 SF	300	wchar_t *dom_u;
1da177e4 LT	301	int user_l, domain_l;
	302	struct HMACMD5Context ctx;
	303
	304	/* might as well do one alloc to hold both (user_u and dom_u) */
790fe579 SF	305	user_u = kmalloc(2048 * sizeof(wchar_t), GFP_KERNEL);
790fe579 SF	306	if (user_u == NULL)
1da177e4 LT	307	return;
1da177e4 LT	308	dom_u = user_u + 1024;
50c2f753	309
63d2583f SF	310	/* push_ucs2(NULL, user_u, user_n, (user_l+1)*2,
	311	STR_UNICODE\|STR_NOALIGN\|STR_TERMINATE\|STR_UPPER);
	312	push_ucs2(NULL, dom_u, domain_n, (domain_l+1)*2,
	313	STR_UNICODE\|STR_NOALIGN\|STR_TERMINATE\|STR_UPPER); */
1da177e4 LT	314
	315	/* BB user and domain may need to be uppercased */
	316	user_l = cifs_strtoUCS(user_u, user_n, 511, nls_codepage);
	317	domain_l = cifs_strtoUCS(dom_u, domain_n, 511, nls_codepage);
	318
	319	user_l++; /* trailing null */
	320	domain_l++;
	321
	322	hmac_md5_init_limK_to_64(owf, 16, &ctx);
	323	hmac_md5_update((const unsigned char ) user_u, user_l 2, &ctx);
	324	hmac_md5_update((const unsigned char ) dom_u, domain_l 2, &ctx);
	325	hmac_md5_final(kr_buf, &ctx);
	326
	327	kfree(user_u);
	328	}
790fe579	329	#endif
1da177e4	330
1da177e4	331	/* Does the des encryption from the FIRST 8 BYTES of the NT or LM MD4 hash. */
e10847ed	332	#if 0 /* currently unused */
2cd646a2	333	static void
1da177e4 LT	334	NTLMSSPOWFencrypt(unsigned char passwd[8],
	335	unsigned char *ntlmchalresp, unsigned char p24[24])
	336	{
	337	unsigned char p21[21];
	338
	339	memset(p21, '\0', 21);
	340	memcpy(p21, passwd, 8);
	341	memset(p21 + 8, 0xbd, 8);
	342
	343	E_P24(p21, ntlmchalresp, p24);
	344	}
e10847ed	345	#endif
1da177e4 LT	346
1da177e4 LT	347	/* Does the NT MD4 hash then des encryption. */
ee2c9258	348	int
1da177e4 LT	349	SMBNTencrypt(unsigned char passwd, unsigned char c8, unsigned char *p24)
1da177e4 LT	350	{
ee2c9258	351	int rc;
43988d76	352	unsigned char p16[16], p21[21];
1da177e4	353
43988d76	354	memset(p16, '\0', 16);
1da177e4 LT	355	memset(p21, '\0', 21);
1da177e4 LT	356
43988d76	357	rc = E_md4hash(passwd, p16);
ee2c9258 SP	358	if (rc) {
	359	cFYI(1, "%s Can't generate NT hash, error: %d", __func__, rc);
	360	return rc;
	361	}
43988d76 SF	362	memcpy(p21, p16, 16);
43988d76 SF	363	rc = E_P24(p21, c8, p24);
ee2c9258	364	return rc;
1da177e4 LT	365	}
	366
	367
	368	/* Does the md5 encryption from the NT hash for NTLMv2. */
	369	/* These routines will be needed later */
	370	#if 0
	371	static void
	372	SMBOWFencrypt_ntv2(const unsigned char kr[16],
790fe579 SF	373	const struct data_blob *srv_chal,
790fe579 SF	374	const struct data_blob *cli_chal, unsigned char resp_buf[16])
1da177e4	375	{
790fe579	376	struct HMACMD5Context ctx;
1da177e4	377
790fe579 SF	378	hmac_md5_init_limK_to_64(kr, 16, &ctx);
	379	hmac_md5_update(srv_chal->data, srv_chal->length, &ctx);
	380	hmac_md5_update(cli_chal->data, cli_chal->length, &ctx);
	381	hmac_md5_final(resp_buf, &ctx);
1da177e4 LT	382	}
	383
	384	static void
	385	SMBsesskeygen_ntv2(const unsigned char kr[16],
	386	const unsigned char *nt_resp, __u8 sess_key[16])
	387	{
	388	struct HMACMD5Context ctx;
	389
	390	hmac_md5_init_limK_to_64(kr, 16, &ctx);
	391	hmac_md5_update(nt_resp, 16, &ctx);
	392	hmac_md5_final((unsigned char *) sess_key, &ctx);
	393	}
	394
	395	static void
	396	SMBsesskeygen_ntv1(const unsigned char kr[16],
	397	const unsigned char *nt_resp, __u8 sess_key[16])
	398	{
	399	mdfour((unsigned char ) sess_key, (unsigned char ) kr, 16);
	400	}
	401	#endif