28 			struct TCP_Server_Info *server, char *signature,  in __cifs_calc_signature()  argument
35 	int is_smb2 = server->vals->header_preamble_size == 0;  in __cifs_calc_signature()
97  * should be called with the server->srv_mutex held.
100 			struct TCP_Server_Info *server, char *signature)  in cifs_calc_signature()  argument
104 	if (!rqst->rq_iov || !signature || !server)  in cifs_calc_signature()
107 	rc = cifs_alloc_hash("md5", &server->secmech.md5,  in cifs_calc_signature()
108 			     &server->secmech.sdescmd5);  in cifs_calc_signature()
112 	rc = crypto_shash_init(&server->secmech.sdescmd5->shash);  in cifs_calc_signature()
118 	rc = crypto_shash_update(&server->secmech.sdescmd5->shash,  in cifs_calc_signature()
119 		server->session_key.response, server->session_key.len);  in cifs_calc_signature()
125 	return __cifs_calc_signature(rqst, server, signature,  in cifs_calc_signature()
126 				     &server->secmech.sdescmd5->shash);  in cifs_calc_signature()
129 /* must be called with server->srv_mutex held */
130 int cifs_sign_rqst(struct smb_rqst *rqst, struct TCP_Server_Info *server,  in cifs_sign_rqst()  argument
141 	if ((cifs_pdu == NULL) || (server == NULL))  in cifs_sign_rqst()
145 	    server->tcpStatus == CifsNeedNegotiate)  in cifs_sign_rqst()
148 	if (!server->session_estab) {  in cifs_sign_rqst()
154 				cpu_to_le32(server->sequence_number);  in cifs_sign_rqst()
157 	*pexpected_response_sequence_number = ++server->sequence_number;  in cifs_sign_rqst()
158 	++server->sequence_number;  in cifs_sign_rqst()
160 	rc = cifs_calc_signature(rqst, server, smb_signature);  in cifs_sign_rqst()
169 int cifs_sign_smbv(struct kvec *iov, int n_vec, struct TCP_Server_Info *server,  in cifs_sign_smbv()  argument
175 	return cifs_sign_rqst(&rqst, server, pexpected_response_sequence);  in cifs_sign_smbv()
178 /* must be called with server->srv_mutex held */
179 int cifs_sign_smb(struct smb_hdr *cifs_pdu, struct TCP_Server_Info *server,  in cifs_sign_smb()  argument
189 	return cifs_sign_smbv(iov, 2, server,  in cifs_sign_smb()
194 			  struct TCP_Server_Info *server,  in cifs_verify_signature()  argument
206 	if (cifs_pdu == NULL || server == NULL)  in cifs_verify_signature()
209 	if (!server->session_estab)  in cifs_verify_signature()
220 	   server does not send one? BB */  in cifs_verify_signature()
228 		its signature against what the server sent */  in cifs_verify_signature()
235 	mutex_lock(&server->srv_mutex);  in cifs_verify_signature()
236 	rc = cifs_calc_signature(rqst, server, what_we_think_sig_should_be);  in cifs_verify_signature()
237 	mutex_unlock(&server->srv_mutex);  in cifs_verify_signature()
302 /* Server has provided av pairs/target info in the type 2 challenge
308  * domain name, authentication may fail against some server but
358 /* Server has provided av pairs/target info in the type 2 challenge
360  * We parse that blob here to find the server given timestamp
410 	wchar_t *server;  in calc_ntlmv2_hash()  local
412 	if (!ses->server->secmech.sdeschmacmd5) {  in calc_ntlmv2_hash()
420 	rc = crypto_shash_setkey(ses->server->secmech.hmacmd5, nt_hash,  in calc_ntlmv2_hash()
427 	rc = crypto_shash_init(&ses->server->secmech.sdeschmacmd5->shash);  in calc_ntlmv2_hash()
448 	rc = crypto_shash_update(&ses->server->secmech.sdeschmacmd5->shash,  in calc_ntlmv2_hash()
468 		crypto_shash_update(&ses->server->secmech.sdeschmacmd5->shash,  in calc_ntlmv2_hash()
480 		server = kmalloc(2 + (len * 2), GFP_KERNEL);  in calc_ntlmv2_hash()
481 		if (server == NULL) {  in calc_ntlmv2_hash()
485 		len = cifs_strtoUTF16((__le16 *)server, ses->ip_addr, len,  in calc_ntlmv2_hash()
488 		crypto_shash_update(&ses->server->secmech.sdeschmacmd5->shash,  in calc_ntlmv2_hash()
489 					(char *)server, 2 * len);  in calc_ntlmv2_hash()
490 		kfree(server);  in calc_ntlmv2_hash()
492 			cifs_dbg(VFS, "%s: Could not update with server\n",  in calc_ntlmv2_hash()
498 	rc = crypto_shash_final(&ses->server->secmech.sdeschmacmd5->shash,  in calc_ntlmv2_hash()
518 	if (!ses->server->secmech.sdeschmacmd5) {  in CalcNTLMv2_response()
523 	rc = crypto_shash_setkey(ses->server->secmech.hmacmd5,  in CalcNTLMv2_response()
531 	rc = crypto_shash_init(&ses->server->secmech.sdeschmacmd5->shash);  in CalcNTLMv2_response()
537 	if (ses->server->negflavor == CIFS_NEGFLAVOR_EXTENDED)  in CalcNTLMv2_response()
542 		       ses->server->cryptkey, CIFS_SERVER_CHALLENGE_SIZE);  in CalcNTLMv2_response()
543 	rc = crypto_shash_update(&ses->server->secmech.sdeschmacmd5->shash,  in CalcNTLMv2_response()
551 	rc = crypto_shash_final(&ses->server->secmech.sdeschmacmd5->shash,  in CalcNTLMv2_response()
575 	if (ses->server->negflavor == CIFS_NEGFLAVOR_EXTENDED) {  in setup_ntlmv2_rsp()
596 	/* Must be within 5 minutes of the server (or in range +/-2h  in setup_ntlmv2_rsp()
597 	 * in case of Mac OS X), so simply carry over server timestamp  in setup_ntlmv2_rsp()
625 	mutex_lock(&ses->server->srv_mutex);  in setup_ntlmv2_rsp()
628 			     &ses->server->secmech.hmacmd5,  in setup_ntlmv2_rsp()
629 			     &ses->server->secmech.sdeschmacmd5);  in setup_ntlmv2_rsp()
649 	rc = crypto_shash_setkey(ses->server->secmech.hmacmd5,  in setup_ntlmv2_rsp()
657 	rc = crypto_shash_init(&ses->server->secmech.sdeschmacmd5->shash);  in setup_ntlmv2_rsp()
663 	rc = crypto_shash_update(&ses->server->secmech.sdeschmacmd5->shash,  in setup_ntlmv2_rsp()
671 	rc = crypto_shash_final(&ses->server->secmech.sdeschmacmd5->shash,  in setup_ntlmv2_rsp()
677 	mutex_unlock(&ses->server->srv_mutex);  in setup_ntlmv2_rsp()
716 cifs_crypto_secmech_release(struct TCP_Server_Info *server)  in cifs_crypto_secmech_release()  argument
718 	if (server->secmech.cmacaes) {  in cifs_crypto_secmech_release()
719 		crypto_free_shash(server->secmech.cmacaes);  in cifs_crypto_secmech_release()
720 		server->secmech.cmacaes = NULL;  in cifs_crypto_secmech_release()
723 	if (server->secmech.hmacsha256) {  in cifs_crypto_secmech_release()
724 		crypto_free_shash(server->secmech.hmacsha256);  in cifs_crypto_secmech_release()
725 		server->secmech.hmacsha256 = NULL;  in cifs_crypto_secmech_release()
728 	if (server->secmech.md5) {  in cifs_crypto_secmech_release()
729 		crypto_free_shash(server->secmech.md5);  in cifs_crypto_secmech_release()
730 		server->secmech.md5 = NULL;  in cifs_crypto_secmech_release()
733 	if (server->secmech.sha512) {  in cifs_crypto_secmech_release()
734 		crypto_free_shash(server->secmech.sha512);  in cifs_crypto_secmech_release()
735 		server->secmech.sha512 = NULL;  in cifs_crypto_secmech_release()
738 	if (server->secmech.hmacmd5) {  in cifs_crypto_secmech_release()
739 		crypto_free_shash(server->secmech.hmacmd5);  in cifs_crypto_secmech_release()
740 		server->secmech.hmacmd5 = NULL;  in cifs_crypto_secmech_release()
743 	if (server->secmech.ccmaesencrypt) {  in cifs_crypto_secmech_release()
744 		crypto_free_aead(server->secmech.ccmaesencrypt);  in cifs_crypto_secmech_release()
745 		server->secmech.ccmaesencrypt = NULL;  in cifs_crypto_secmech_release()
748 	if (server->secmech.ccmaesdecrypt) {  in cifs_crypto_secmech_release()
749 		crypto_free_aead(server->secmech.ccmaesdecrypt);  in cifs_crypto_secmech_release()
750 		server->secmech.ccmaesdecrypt = NULL;  in cifs_crypto_secmech_release()
753 	kfree(server->secmech.sdesccmacaes);  in cifs_crypto_secmech_release()
754 	server->secmech.sdesccmacaes = NULL;  in cifs_crypto_secmech_release()
755 	kfree(server->secmech.sdeschmacsha256);  in cifs_crypto_secmech_release()
756 	server->secmech.sdeschmacsha256 = NULL;  in cifs_crypto_secmech_release()
757 	kfree(server->secmech.sdeschmacmd5);  in cifs_crypto_secmech_release()
758 	server->secmech.sdeschmacmd5 = NULL;  in cifs_crypto_secmech_release()
759 	kfree(server->secmech.sdescmd5);  in cifs_crypto_secmech_release()
760 	server->secmech.sdescmd5 = NULL;  in cifs_crypto_secmech_release()
761 	kfree(server->secmech.sdescsha512);  in cifs_crypto_secmech_release()
762 	server->secmech.sdescsha512 = NULL;  in cifs_crypto_secmech_release()