1 /*
2 * This file and its contents are supplied under the terms of the
3 * Common Development and Distribution License ("CDDL"), version 1.0.
4 * You may only use this file in accordance with the terms of version
5 * 1.0 of the CDDL.
6 *
7 * A full copy of the text of the CDDL should have accompanied this
8 * source. A copy of the CDDL is also available via the Internet at
9 * http://www.illumos.org/license/CDDL.
10 */
11
12 /*
13 * Copyright 2017 Nexenta Systems, Inc. All rights reserved.
14 */
15
16 #ifndef _SMB_KCRYPT_H_
17 #define _SMB_KCRYPT_H_
18
19 /*
20 * SMB signing routines used in {smb,smb2}_signing.c
21 * Two implementations of these (kernel/user) in:
22 * uts/common/fs/smbsrv/smb_sign_kcf.c
23 * lib/smbsrv/libfksmbsrv/common/fksmb_sign_pkcs.c
24 */
25
26 #ifdef _KERNEL
27 #include <sys/crypto/api.h>
28 #else
29 #include <security/cryptoki.h>
30 #include <security/pkcs11.h>
31 #endif
32
33 #ifdef __cplusplus
34 extern "C" {
35 #endif
36
/*
 * Digest and signature lengths, in bytes.
 * SMB2_SIG_SIZE (16) is half of SHA256_DIGEST_LENGTH (32), so a MAC of full
 * SHA-256 length cannot be stored in a field of SMB2_SIG_SIZE bytes.
 * NOTE(review): presumably the signing code computes the MAC into a buffer
 * of the full digest length and copies only SMB2_SIG_SIZE bytes into the
 * message.  Confirm that no final-step output is written directly into a
 * 16-byte field when the mechanism produces 32 bytes.
 */
37 #define MD5_DIGEST_LENGTH 16 /* MD5 digest length in bytes */
38 #define SHA256_DIGEST_LENGTH 32 /* SHA256 digest length in bytes */
39 #define SMB2_SIG_SIZE 16 /* presumably the SMB2/3 signature field length in bytes; confirm */
40
/*
 * Build-specific type aliases.  The same typedef names are defined twice so
 * that the prototypes in this header compile against either crypto provider:
 * with _KERNEL they alias types from <sys/crypto/api.h>, otherwise PKCS#11
 * types from <security/cryptoki.h> and <security/pkcs11.h>.
 * The two definitions of smb3_enc_ctx_t and smb3_crypto_param_t have
 * different members, so callers should treat them as opaque and go through
 * the functions declared in this header.
 */
41 #ifdef _KERNEL
42 /* KCF variant */
43 typedef crypto_mechanism_t smb_crypto_mech_t;
44 typedef crypto_context_t smb_sign_ctx_t;
/*
 * Encryption state: a provider context, an output descriptor and a length.
 * What len counts is not visible in this header.
 */
45 typedef struct smb3_enc_ctx {
46 crypto_context_t ctx;
47 crypto_data_t output;
48 size_t len;
49 } smb3_enc_ctx_t;
50 typedef CK_AES_CCM_PARAMS smb3_crypto_param_t; /* AES-CCM parameter block */
51 #else /* _KERNEL */
52 /* PKCS11 variant */
53 typedef CK_MECHANISM smb_crypto_mech_t;
54 typedef CK_SESSION_HANDLE smb_sign_ctx_t;
/*
 * Same typedef name as the kernel variant, but the struct tag here is
 * smb_enc_ctx (kernel: smb3_enc_ctx) and output is a raw byte pointer.
 * Use the smb3_enc_ctx_t typedef, which is common to both builds.
 */
55 typedef struct smb_enc_ctx {
56 CK_SESSION_HANDLE ctx;
57 uint8_t *output;
58 CK_ULONG len;
59 } smb3_enc_ctx_t;
60 /*
61 * CCM in PKCS has not been implemented.
62 * We just need an opaque type with space to refer to.
63 */
/*
 * NOTE(review): nothing in this header ties the 100-byte size to a real
 * parameter layout.  Any code that fills this type should bound its writes
 * by sizeof (smb3_crypto_param_t).
 */
64 typedef struct pkcs_ccm_param {
65 uint8_t buf[100];
66 } smb3_crypto_param_t;
67 #endif /* _KERNEL */
68
69 /*
70 * SMB signing routines used in smb_signing.c
71 */
/*
 * MD5 primitives in getmech, init, update, final form.
 * smb_md5_init() takes the context by pointer (presumably it fills it in);
 * smb_md5_update() and smb_md5_final() take the context by value.
 * smb_md5_final() has no output-length parameter.
 * NOTE(review): presumably the output buffer must hold MD5_DIGEST_LENGTH
 * bytes; confirm in both implementations.
 * NOTE(review): all four return int, presumably 0 on success; confirm.
 * Callers should check every return value, because an ignored failure would
 * leave a signature uncomputed or unverified.
 * MD5 is declared here for the signing scheme in smb_signing.c; it should
 * not be adopted for new integrity checks.
 */
72 int smb_md5_getmech(smb_crypto_mech_t *);
73 int smb_md5_init(smb_sign_ctx_t *, smb_crypto_mech_t *);
74 int smb_md5_update(smb_sign_ctx_t, void *, size_t);
75 int smb_md5_final(smb_sign_ctx_t, uint8_t *);
76
77 /*
78 * SMB2/3 signing routines used in smb2_signing.c
79 * Two implementations of these (kernel/user) in:
80 * uts/common/fs/smbsrv/smb2_sign_kcf.c
81 * lib/smbsrv/libfksmbsrv/common/fksmb_sign_pkcs.c
82 */
83
/*
 * HMAC (smb2_hmac_ prefix) and CMAC (smb3_cmac_ prefix) signing primitives.
 * Both families have the same shape: getmech, init, update, final.
 * NOTE(review): in the init functions the trailing (uint8_t *, size_t) pair
 * is presumably the signing key and its length; confirm.
 * NOTE(review): the HMAC is presumably HMAC-SHA256, given
 * SHA256_DIGEST_LENGTH in this header; confirm.
 * The final functions take an output pointer with no length.  The required
 * buffer size (SMB2_SIG_SIZE or the full digest length) is not visible here,
 * so verify it in each implementation before passing a 16-byte field.
 * NOTE(review): all return int, presumably 0 on success; callers should
 * check every return value.
 */
84 int smb2_hmac_getmech(smb_crypto_mech_t *);
85 int smb2_hmac_init(smb_sign_ctx_t *, smb_crypto_mech_t *, uint8_t *, size_t);
86 int smb2_hmac_update(smb_sign_ctx_t, uint8_t *, size_t);
87 int smb2_hmac_final(smb_sign_ctx_t, uint8_t *);
88
89 int smb3_cmac_getmech(smb_crypto_mech_t *);
90 int smb3_cmac_init(smb_sign_ctx_t *, smb_crypto_mech_t *, uint8_t *, size_t);
91 int smb3_cmac_update(smb_sign_ctx_t, uint8_t *, size_t);
92 int smb3_cmac_final(smb_sign_ctx_t, uint8_t *);
93
/*
 * Key derivation helper for SMB3.
 * NOTE(review): the parameters are unnamed; presumably (output key buffer,
 * input label/context, input length, base key, base key length).  Confirm
 * against the implementations.
 * Three pointers are paired with only two lengths, so one buffer has a size
 * fixed by the implementation; callers must size it accordingly.
 */
94 int smb3_do_kdf(void *, void *, size_t, uint8_t *, uint32_t);
95
/*
 * SMB3 encryption and decryption primitives.
 * The kernel build defines smb3_crypto_param_t as CK_AES_CCM_PARAMS, an
 * authenticated-encryption mode.  The non-kernel build uses an opaque
 * placeholder because CCM is not implemented for PKCS.
 * NOTE(review): smb3_crypto_init_param() presumably takes (nonce, nonce
 * length, additional authenticated data, its length, payload length);
 * confirm.  If so, the caller is responsible for never reusing a nonce with
 * the same key.
 */
96 int smb3_encrypt_getmech(smb_crypto_mech_t *);
97 void smb3_crypto_init_param(smb3_crypto_param_t *, uint8_t *, size_t,
98 uint8_t *, size_t, size_t);
99
/*
 * Encrypt in init, update, final steps.
 * smb3_encrypt_init() takes one more (uint8_t *, size_t) pair than
 * smb3_decrypt_init().
 * NOTE(review): presumably key/key length followed by an output buffer and
 * its length; confirm.
 * smb3_encrypt_cancel() is the only declared way to abandon an operation; no
 * decrypt counterpart is declared in this header.
 * NOTE(review): presumably cancel must be called on error paths after a
 * successful init so the context is released; confirm.
 */
100 int smb3_encrypt_init(smb3_enc_ctx_t *, smb_crypto_mech_t *,
101 smb3_crypto_param_t *, uint8_t *, size_t, uint8_t *, size_t);
102 int smb3_encrypt_update(smb3_enc_ctx_t *, uint8_t *, size_t);
103 int smb3_encrypt_final(smb3_enc_ctx_t *, uint8_t *);
104 void smb3_encrypt_cancel(smb3_enc_ctx_t *);
105
/*
 * Decrypt in init, update, final steps.
 * NOTE(review): with CCM the authentication tag is presumably verified in
 * smb3_decrypt_final().  Callers should treat a failed return as "message
 * rejected" and must not act on any decrypted bytes before it succeeds.
 * Confirm the return convention in both implementations.
 */
106 int smb3_decrypt_init(smb3_enc_ctx_t *, smb_crypto_mech_t *,
107 smb3_crypto_param_t *, uint8_t *, size_t);
108 int smb3_decrypt_update(smb3_enc_ctx_t *, uint8_t *, size_t);
109 int smb3_decrypt_final(smb3_enc_ctx_t *, uint8_t *, size_t);
110
111 #ifdef __cplusplus
112 }
113 #endif
114
115 #endif /* _SMB_KCRYPT_H_ */