illumos-smb31 New usr/src/lib/smbsrv/libfksmbsrv/common/fksmb_encrypt

   1 /*
   2  * This file and its contents are supplied under the terms of the
   3  * Common Development and Distribution License ("CDDL"), version 1.0.
   4  * You may only use this file in accordance with the terms of version
   5  * 1.0 of the CDDL.
   6  *
   7  * A full copy of the text of the CDDL should have accompanied this
   8  * source.  A copy of the CDDL is also available via the Internet at
   9  * http://www.illumos.org/license/CDDL.
  10  */
  11 
  12 /*
  13  * Copyright 2018 Nexenta Systems, Inc.  All rights reserved.
  14  * Copyright 2020 RackTop Systems, Inc.
  15  */
  16 
  17 /*
  18  * Helper functions for SMB3 encryption using PKCS#11
  19  *
  20  * There are two implementations of these functions:
  21  * This one (for user space) and another for kernel.
  22  * See: uts/common/fs/smbsrv/smb3_encrypt_kcf.c
  23  *
  24  * NOTE: CCM is not implemented in PKCS yet, so these are just stubs.
  25  */
  26 
  27 #include <smbsrv/smb_kcrypt.h>
  28 #include <smbsrv/smb2_kproto.h>
  29 
  30 /*
  31  * SMB3 encryption helpers:
  32  * (getmech, init, update, final)
  33  */
  34 
  35 /* ARGSUSED */
  36 int
  37 smb3_aes_ccm_getmech(smb_crypto_mech_t *mech)
  38 {
  39         cmn_err(CE_NOTE, "fksmbsrv does not support SMB3 Encryption");
  40         return (-1);
  41 }
  42 
  43 /* ARGSUSED */
  44 int
  45 smb3_aes_gcm_getmech(smb_crypto_mech_t *mech)
  46 {
  47         cmn_err(CE_NOTE, "fksmbsrv does not support SMB3 Encryption");
  48         return (-1);
  49 }
  50 
  51 /* ARGSUSED */
  52 void
  53 smb3_crypto_init_ccm_param(smb3_crypto_param_t *param,
  54     uint8_t *nonce, size_t noncesize, uint8_t *auth, size_t authsize,
  55     size_t datasize)
  56 {
  57 }
  58 
  59 /* ARGSUSED */
  60 void
  61 smb3_crypto_init_gcm_param(smb3_crypto_param_t *param,
  62     uint8_t *nonce, size_t noncesize, uint8_t *auth, size_t authsize)
  63 {
  64 }
  65 
  66 /*
  67  * Start the KCF session, load the key
  68  */
  69 
  70 /* ARGSUSED */
  71 static int
  72 smb3_crypto_init(smb3_enc_ctx_t *ctxp, smb_crypto_mech_t *mech,
  73     uint8_t *key, size_t key_len, smb3_crypto_param_t *param,
  74     boolean_t is_encrypt)
  75 {
  76         return (-1);
  77 }
  78 
  79 /* ARGSUSED */
  80 int
  81 smb3_encrypt_init(smb3_enc_ctx_t *ctxp, smb_crypto_mech_t *mech,
  82     smb3_crypto_param_t *param, uint8_t *key, size_t keylen,
  83     uint8_t *buf, size_t buflen)
  84 {
  85         return (smb3_crypto_init(ctxp, mech, key, keylen, param, B_TRUE));
  86 }
  87 
  88 int
  89 smb3_decrypt_init(smb3_enc_ctx_t *ctxp, smb_crypto_mech_t *mech,
  90     smb3_crypto_param_t *param, uint8_t *key, size_t keylen)
  91 {
  92         return (smb3_crypto_init(ctxp, mech, key, keylen, param, B_FALSE));
  93 }
  94 
  95 /*
  96  * Digest one segment
  97  */
  98 
  99 /* ARGSUSED */
 100 int
 101 smb3_encrypt_update(smb3_enc_ctx_t *ctxp, uint8_t *in, size_t len)
 102 {
 103         return (-1);
 104 }
 105 
 106 /* ARGSUSED */
 107 int
 108 smb3_decrypt_update(smb3_enc_ctx_t *ctxp, uint8_t *in, size_t len)
 109 {
 110         return (-1);
 111 }
 112 
 113 /* ARGSUSED */
 114 int
 115 smb3_encrypt_final(smb3_enc_ctx_t *ctxp, uint8_t *digest16)
 116 {
 117         return (-1);
 118 }
 119 
 120 /* ARGSUSED */
 121 int
 122 smb3_decrypt_final(smb3_enc_ctx_t *ctxp, uint8_t *buf, size_t buflen)
 123 {
 124         return (-1);
 125 }
 126 
 127 /* ARGSUSED */
 128 void
 129 smb3_encrypt_cancel(smb3_enc_ctx_t *ctxp)
 130 {
 131 }