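/*
 * This file and its contents are supplied under the terms of the
 * Common Development and Distribution License ("CDDL"), version 1.0.
 * You may only use this file in accordance with the terms of version
 * 1.0 of the CDDL.
 *
 * A full copy of the text of the CDDL should have accompanied this
 * source.  A copy of the CDDL is also available via the Internet at
 * http://www.illumos.org/license/CDDL.
 */

/*
 * Copyright 2017 Nexenta Systems, Inc.  All rights reserved.
 */

#ifndef _SMB_KCRYPT_H_
#define	_SMB_KCRYPT_H_

/*
 * SMB signing routines used in {smb,smb2}_signing.c
 * Two implementations of these (kernel/user) in:
 *	uts/common/fs/smbsrv/smb_sign_kcf.c
 *	lib/smbsrv/libfksmbsrv/common/fksmb_sign_pkcs.c
 *
 * This header only declares the interface.  Every typedef and prototype
 * below has to stay in step with both implementations, so a change here
 * needs a matching change in each of them.
 */

/*
 * size_t, uint8_t and uint32_t are used by the declarations below.
 * Include the header that provides them here, so this file does not depend
 * on include order or on what the crypto headers happen to pull in.
 */
#include <sys/types.h>

#ifdef	_KERNEL
#include <sys/crypto/api.h>
#else
#include <security/cryptoki.h>
#include <security/pkcs11.h>
#endif

#ifdef	__cplusplus
extern "C" {
#endif

#define	MD5_DIGEST_LENGTH	16	/* MD5 digest length in bytes */
#define	SHA256_DIGEST_LENGTH	32	/* SHA256 digest length in bytes */
/*
 * NOTE(review): SMB2_SIG_SIZE is smaller than SHA256_DIGEST_LENGTH, so a
 * full SHA256-sized result does not fit in a signature of this size.
 * Presumably the signing code truncates the digest and sizes its output
 * buffers by the digest length, not by SMB2_SIG_SIZE -- confirm in
 * smb2_signing.c.
 */
#define	SMB2_SIG_SIZE		16
#define	SMB2_KEYLEN		16
#define	SMB3_KEYLEN		16	/* AES-128 keys */

#ifdef	_KERNEL
/* KCF variant */
typedef crypto_mechanism_t	smb_crypto_mech_t;
typedef crypto_context_t	smb_sign_ctx_t;
typedef struct smb3_enc_ctx {
	crypto_context_t ctx;
	crypto_data_t output;
	size_t len;
} smb3_enc_ctx_t;
typedef CK_AES_CCM_PARAMS	smb3_crypto_param_t;
#else	/* _KERNEL */
/* PKCS11 variant */
typedef CK_MECHANISM		smb_crypto_mech_t;
typedef CK_SESSION_HANDLE	smb_sign_ctx_t;
/*
 * NOTE(review): the struct tag here is smb_enc_ctx, while the kernel
 * variant above uses smb3_enc_ctx.  Only the typedef name
 * smb3_enc_ctx_t is common to both builds.
 */
typedef struct smb_enc_ctx {
	CK_SESSION_HANDLE ctx;
	uint8_t *output;
	CK_ULONG len;
} smb3_enc_ctx_t;
/*
 * CCM in PKCS has not been implemented.
 * We just need an opaque type with space to refer to.
 *
 * NOTE(review): the size 100 is not explained.  smb3_crypto_init_param()
 * takes a pointer to this type, so a user-space implementation that
 * writes into it must stay within sizeof (buf).
 */
typedef struct pkcs_ccm_param {
	uint8_t buf[100];
} smb3_crypto_param_t;
#endif	/* _KERNEL */

/*
 * Conventions shared by the prototypes below, as far as this header shows:
 * the *_init routines receive a pointer to the context, while the signing
 * *_update / *_final routines take the context handle by value.  The
 * parameters are unnamed; see the implementations for their roles.
 * Routines returning int report status through it.  The success value is
 * defined by the implementations, and callers should check it.
 */

/*
 * SMB signing routines used in smb_signing.c
 */
int smb_md5_getmech(smb_crypto_mech_t *);
int smb_md5_init(smb_sign_ctx_t *, smb_crypto_mech_t *);
int smb_md5_update(smb_sign_ctx_t, void *, size_t);
int smb_md5_final(smb_sign_ctx_t, uint8_t *);

/*
 * SMB2/3 signing routines used in smb2_signing.c
 * Two implementations of these (kernel/user) in:
 *	uts/common/fs/smbsrv/smb2_sign_kcf.c
 *	lib/smbsrv/libfksmbsrv/common/fksmb_sign_pkcs.c
 *
 * The trailing (uint8_t *, size_t) pair of the two *_init routines is
 * presumably the signing key and its length -- confirm against the
 * implementations.  The *_final routines take an output pointer with no
 * length, so the caller's buffer must be large enough for whatever the
 * implementation writes.
 */

int smb2_hmac_getmech(smb_crypto_mech_t *);
int smb2_hmac_init(smb_sign_ctx_t *, smb_crypto_mech_t *, uint8_t *, size_t);
int smb2_hmac_update(smb_sign_ctx_t, uint8_t *, size_t);
int smb2_hmac_final(smb_sign_ctx_t, uint8_t *);

int smb3_cmac_getmech(smb_crypto_mech_t *);
int smb3_cmac_init(smb_sign_ctx_t *, smb_crypto_mech_t *, uint8_t *, size_t);
int smb3_cmac_update(smb_sign_ctx_t, uint8_t *, size_t);
int smb3_cmac_final(smb_sign_ctx_t, uint8_t *);

/* Key derivation; the roles of the five parameters are not named here. */
int smb3_do_kdf(void *, void *, size_t, uint8_t *, uint32_t);

/*
 * SMB3 encryption and decryption.  The kernel build types the mechanism
 * parameter as CK_AES_CCM_PARAMS.  The user build only has the opaque
 * placeholder above, because CCM in PKCS has not been implemented.
 */
int smb3_encrypt_getmech(smb_crypto_mech_t *);
void smb3_crypto_init_param(smb3_crypto_param_t *, uint8_t *, size_t,
    uint8_t *, size_t, size_t);

int smb3_encrypt_init(smb3_enc_ctx_t *, smb_crypto_mech_t *,
    smb3_crypto_param_t *, uint8_t *, size_t, uint8_t *, size_t);
int smb3_encrypt_update(smb3_enc_ctx_t *, uint8_t *, size_t);
int smb3_encrypt_final(smb3_enc_ctx_t *, uint8_t *);
void smb3_encrypt_cancel(smb3_enc_ctx_t *);

/*
 * NOTE(review): no smb3_decrypt_cancel() counterpart is declared; confirm
 * how an abandoned decrypt context is released.  For an authenticated mode
 * such as CCM, the result of smb3_decrypt_final() is presumably where an
 * integrity failure is reported.  If so, callers must not use the output
 * unless it returns success -- confirm in the implementations.
 */
int smb3_decrypt_init(smb3_enc_ctx_t *, smb_crypto_mech_t *,
    smb3_crypto_param_t *, uint8_t *, size_t);
int smb3_decrypt_update(smb3_enc_ctx_t *, uint8_t *, size_t);
int smb3_decrypt_final(smb3_enc_ctx_t *, uint8_t *, size_t);

#ifdef	__cplusplus
}
#endif

#endif /* _SMB_KCRYPT_H_ */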