1 /*
   2  * This file and its contents are supplied under the terms of the
   3  * Common Development and Distribution License ("CDDL"), version 1.0.
   4  * You may only use this file in accordance with the terms of version
   5  * 1.0 of the CDDL.
   6  *
   7  * A full copy of the text of the CDDL should have accompanied this
   8  * source.  A copy of the CDDL is also available via the Internet at
   9  * http://www.illumos.org/license/CDDL.
  10  */
  11 
  12 /*
  13  * Copyright 2017 Nexenta Systems, Inc.  All rights reserved.
  14  */
  15 
  16 #ifndef _SMB_KCRYPT_H_
  17 #define _SMB_KCRYPT_H_
  18 
  19 /*
  20  * SMB signing routines used in {smb,smb2}_signing.c
  21  * Two implementations of these (kernel/user) in:
  22  *      uts/common/fs/smbsrv/smb_sign_kcf.c
  23  *      lib/smbsrv/libfksmbsrv/common/fksmb_sign_pkcs.c
  24  */
  25 
  26 #ifdef  _KERNEL
  27 #include <sys/crypto/api.h>
  28 #else
  29 #include <security/cryptoki.h>
  30 #include <security/pkcs11.h>
  31 #endif
  32 
  33 #ifdef __cplusplus
  34 extern "C" {
  35 #endif
  36 
  37 #define MD5_DIGEST_LENGTH       16      /* MD5 digest length in bytes */
  38 #define SHA256_DIGEST_LENGTH    32      /* SHA256 digest length in bytes */
  39 #define SMB2_SIG_SIZE           16
  40 #define SMB2_KEYLEN             16
  41 #define SMB3_KEYLEN             16      /* AES-128 keys */
  42 
  43 #ifdef  _KERNEL
  44 /* KCF variant */
  45 typedef crypto_mechanism_t      smb_crypto_mech_t;
  46 typedef crypto_context_t        smb_sign_ctx_t;
  47 typedef struct smb3_enc_ctx {
  48         crypto_context_t ctx;
  49         crypto_data_t output;
  50         size_t len;
  51 } smb3_enc_ctx_t;
  52 typedef CK_AES_CCM_PARAMS       smb3_crypto_param_t;
  53 #else   /* _KERNEL */
  54 /* PKCS11 variant */
  55 typedef CK_MECHANISM            smb_crypto_mech_t;
  56 typedef CK_SESSION_HANDLE       smb_sign_ctx_t;
  57 typedef struct smb_enc_ctx {
  58         CK_SESSION_HANDLE ctx;
  59         uint8_t *output;
  60         CK_ULONG len;
  61 } smb3_enc_ctx_t;
  62 /*
  63  * CCM in PKCS has not been implemented.
  64  * We just need an opaque type with space to refer to.
  65  */
  66 typedef struct pkcs_ccm_param {
  67         uint8_t buf[100];
  68 } smb3_crypto_param_t;
  69 #endif  /* _KERNEL */
  70 
  71 /*
  72  * SMB signing routines used in smb_signing.c
  73  */
  74 int smb_md5_getmech(smb_crypto_mech_t *);
  75 int smb_md5_init(smb_sign_ctx_t *, smb_crypto_mech_t *);
  76 int smb_md5_update(smb_sign_ctx_t, void *, size_t);
  77 int smb_md5_final(smb_sign_ctx_t, uint8_t *);
  78 
  79 /*
  80  * SMB2/3 signing routines used in smb2_signing.c
  81  * Two implementations of these (kernel/user) in:
  82  *      uts/common/fs/smbsrv/smb2_sign_kcf.c
  83  *      lib/smbsrv/libfksmbsrv/common/fksmb_sign_pkcs.c
  84  */
  85 
  86 int smb2_hmac_getmech(smb_crypto_mech_t *);
  87 int smb2_hmac_init(smb_sign_ctx_t *, smb_crypto_mech_t *, uint8_t *, size_t);
  88 int smb2_hmac_update(smb_sign_ctx_t, uint8_t *, size_t);
  89 int smb2_hmac_final(smb_sign_ctx_t, uint8_t *);
  90 
  91 int smb3_cmac_getmech(smb_crypto_mech_t *);
  92 int smb3_cmac_init(smb_sign_ctx_t *, smb_crypto_mech_t *, uint8_t *, size_t);
  93 int smb3_cmac_update(smb_sign_ctx_t, uint8_t *, size_t);
  94 int smb3_cmac_final(smb_sign_ctx_t, uint8_t *);
  95 
  96 int smb3_do_kdf(void *, void *, size_t, uint8_t *, uint32_t);
  97 
  98 int smb3_encrypt_getmech(smb_crypto_mech_t *);
  99 void smb3_crypto_init_param(smb3_crypto_param_t *, uint8_t *, size_t,
 100     uint8_t *, size_t, size_t);
 101 
 102 int smb3_encrypt_init(smb3_enc_ctx_t *, smb_crypto_mech_t *,
 103     smb3_crypto_param_t *, uint8_t *, size_t, uint8_t *, size_t);
 104 int smb3_encrypt_update(smb3_enc_ctx_t *, uint8_t *, size_t);
 105 int smb3_encrypt_final(smb3_enc_ctx_t *, uint8_t *);
 106 void smb3_encrypt_cancel(smb3_enc_ctx_t *);
 107 
 108 int smb3_decrypt_init(smb3_enc_ctx_t *, smb_crypto_mech_t *,
 109     smb3_crypto_param_t *, uint8_t *, size_t);
 110 int smb3_decrypt_update(smb3_enc_ctx_t *, uint8_t *, size_t);
 111 int smb3_decrypt_final(smb3_enc_ctx_t *, uint8_t *, size_t);
 112 
 113 #ifdef  __cplusplus
 114 }
 115 #endif
 116 
 117 #endif /* _SMB_KCRYPT_H_ */