1 /* 2 * This file and its contents are supplied under the terms of the 3 * Common Development and Distribution License ("CDDL"), version 1.0. 4 * You may only use this file in accordance with the terms of version 5 * 1.0 of the CDDL. 6 * 7 * A full copy of the text of the CDDL should have accompanied this 8 * source. A copy of the CDDL is also available via the Internet at 9 * http://www.illumos.org/license/CDDL. 10 */ 11 12 /* 13 * Copyright 2018 Nexenta Systems, Inc. All rights reserved. 14 * Copyright 2020 RackTop Systems, Inc. 15 */ 16 17 /* 18 * Helper functions for SMB3 encryption using PKCS#11 19 * 20 * There are two implementations of these functions: 21 * This one (for user space) and another for kernel. 22 * See: uts/common/fs/smbsrv/smb3_encrypt_kcf.c 23 * 24 * NOTE: CCM is not implemented in PKCS yet, so these are just stubs. 25 */ 26 27 #include <smbsrv/smb_kcrypt.h> 28 #include <smbsrv/smb2_kproto.h> 29 30 /* 31 * SMB3 encryption helpers: 32 * (getmech, init, update, final) 33 */ 34 35 /* ARGSUSED */ 36 int 37 smb3_aes_ccm_getmech(smb_crypto_mech_t *mech) 38 { 39 cmn_err(CE_NOTE, "fksmbsrv does not support SMB3 Encryption"); 40 return (-1); 41 } 42 43 /* ARGSUSED */ 44 int 45 smb3_aes_gcm_getmech(smb_crypto_mech_t *mech) 46 { 47 cmn_err(CE_NOTE, "fksmbsrv does not support SMB3 Encryption"); 48 return (-1); 49 } 50 51 /* ARGSUSED */ 52 void 53 smb3_crypto_init_ccm_param(smb3_crypto_param_t *param, 54 uint8_t *nonce, size_t noncesize, uint8_t *auth, size_t authsize, 55 size_t datasize) 56 { 57 } 58 59 /* ARGSUSED */ 60 void 61 smb3_crypto_init_gcm_param(smb3_crypto_param_t *param, 62 uint8_t *nonce, size_t noncesize, uint8_t *auth, size_t authsize) 63 { 64 } 65 66 /* 67 * Start the KCF session, load the key 68 */ 69 70 /* ARGSUSED */ 71 static int 72 smb3_crypto_init(smb3_enc_ctx_t *ctxp, smb_crypto_mech_t *mech, 73 uint8_t *key, size_t key_len, smb3_crypto_param_t *param, 74 boolean_t is_encrypt) 75 { 76 return (-1); 77 } 78 79 /* ARGSUSED */ 80 int 81 smb3_encrypt_init(smb3_enc_ctx_t *ctxp, smb_crypto_mech_t *mech, 82 smb3_crypto_param_t *param, uint8_t *key, size_t keylen, 83 uint8_t *buf, size_t buflen) 84 { 85 return (smb3_crypto_init(ctxp, mech, key, keylen, param, B_TRUE)); 86 } 87 88 int 89 smb3_decrypt_init(smb3_enc_ctx_t *ctxp, smb_crypto_mech_t *mech, 90 smb3_crypto_param_t *param, uint8_t *key, size_t keylen) 91 { 92 return (smb3_crypto_init(ctxp, mech, key, keylen, param, B_FALSE)); 93 } 94 95 /* 96 * Digest one segment 97 */ 98 99 /* ARGSUSED */ 100 int 101 smb3_encrypt_update(smb3_enc_ctx_t *ctxp, uint8_t *in, size_t len) 102 { 103 return (-1); 104 } 105 106 /* ARGSUSED */ 107 int 108 smb3_decrypt_update(smb3_enc_ctx_t *ctxp, uint8_t *in, size_t len) 109 { 110 return (-1); 111 } 112 113 /* ARGSUSED */ 114 int 115 smb3_encrypt_final(smb3_enc_ctx_t *ctxp, uint8_t *digest16) 116 { 117 return (-1); 118 } 119 120 /* ARGSUSED */ 121 int 122 smb3_decrypt_final(smb3_enc_ctx_t *ctxp, uint8_t *buf, size_t buflen) 123 { 124 return (-1); 125 } 126 127 /* ARGSUSED */ 128 void 129 smb3_encrypt_cancel(smb3_enc_ctx_t *ctxp) 130 { 131 }