1 /*
2 * This file and its contents are supplied under the terms of the
3 * Common Development and Distribution License ("CDDL"), version 1.0.
4 * You may only use this file in accordance with the terms of version
5 * 1.0 of the CDDL.
6 *
7 * A full copy of the text of the CDDL should have accompanied this
8 * source. A copy of the CDDL is also available via the Internet at
9 * http://www.illumos.org/license/CDDL.
10 */
11
12 /*
13 * Copyright 2017 Nexenta Systems, Inc. All rights reserved.
14 */
15
16 #ifndef _SMB_KCRYPT_H_
17 #define _SMB_KCRYPT_H_
18
19 /*
20 * SMB signing routines used in {smb,smb2}_signing.c
21 * Two implementations of these (kernel/user) in:
22 * uts/common/fs/smbsrv/smb_sign_kcf.c
23 * lib/smbsrv/libfksmbsrv/common/fksmb_sign_pkcs.c
24 */
25
26 #ifdef _KERNEL
27 #include <sys/crypto/api.h>
28 #else
29 #include <security/cryptoki.h>
30 #include <security/pkcs11.h>
31 #endif
32
33 #ifdef __cplusplus
34 extern "C" {
35 #endif
36
37 #define MD5_DIGEST_LENGTH 16 /* MD5 digest length in bytes */
38 #define SHA256_DIGEST_LENGTH 32 /* SHA256 digest length in bytes */
39 #define SMB2_SIG_SIZE 16
40 #define SMB2_KEYLEN 16
41 #define SMB3_KEYLEN 16 /* AES-128 keys */
42
43 #ifdef _KERNEL
44 /* KCF variant */
45 typedef crypto_mechanism_t smb_crypto_mech_t;
46 typedef crypto_context_t smb_sign_ctx_t;
47 typedef struct smb3_enc_ctx {
48 crypto_context_t ctx;
49 crypto_data_t output;
50 size_t len;
51 } smb3_enc_ctx_t;
52 typedef CK_AES_CCM_PARAMS smb3_crypto_param_t;
53 #else /* _KERNEL */
54 /* PKCS11 variant */
55 typedef CK_MECHANISM smb_crypto_mech_t;
56 typedef CK_SESSION_HANDLE smb_sign_ctx_t;
57 typedef struct smb_enc_ctx {
58 CK_SESSION_HANDLE ctx;
59 uint8_t *output;
60 CK_ULONG len;
61 } smb3_enc_ctx_t;
62 /*
63 * CCM in PKCS has not been implemented.
64 * We just need an opaque type with space to refer to.
65 */
66 typedef struct pkcs_ccm_param {
67 uint8_t buf[100];
68 } smb3_crypto_param_t;
69 #endif /* _KERNEL */
70
71 /*
72 * SMB signing routines used in smb_signing.c
76 int smb_md5_update(smb_sign_ctx_t, void *, size_t);
77 int smb_md5_final(smb_sign_ctx_t, uint8_t *);
78
79 /*
80 * SMB2/3 signing routines used in smb2_signing.c
81 * Two implementations of these (kernel/user) in:
82 * uts/common/fs/smbsrv/smb2_sign_kcf.c
83 * lib/smbsrv/libfksmbsrv/common/fksmb_sign_pkcs.c
84 */
85
86 int smb2_hmac_getmech(smb_crypto_mech_t *);
87 int smb2_hmac_init(smb_sign_ctx_t *, smb_crypto_mech_t *, uint8_t *, size_t);
88 int smb2_hmac_update(smb_sign_ctx_t, uint8_t *, size_t);
89 int smb2_hmac_final(smb_sign_ctx_t, uint8_t *);
90
91 int smb3_cmac_getmech(smb_crypto_mech_t *);
92 int smb3_cmac_init(smb_sign_ctx_t *, smb_crypto_mech_t *, uint8_t *, size_t);
93 int smb3_cmac_update(smb_sign_ctx_t, uint8_t *, size_t);
94 int smb3_cmac_final(smb_sign_ctx_t, uint8_t *);
95
96 int smb3_do_kdf(void *, void *, size_t, uint8_t *, uint32_t);
97
98 int smb3_encrypt_getmech(smb_crypto_mech_t *);
99 void smb3_crypto_init_param(smb3_crypto_param_t *, uint8_t *, size_t,
100 uint8_t *, size_t, size_t);
101
102 int smb3_encrypt_init(smb3_enc_ctx_t *, smb_crypto_mech_t *,
103 smb3_crypto_param_t *, uint8_t *, size_t, uint8_t *, size_t);
104 int smb3_encrypt_update(smb3_enc_ctx_t *, uint8_t *, size_t);
105 int smb3_encrypt_final(smb3_enc_ctx_t *, uint8_t *);
106 void smb3_encrypt_cancel(smb3_enc_ctx_t *);
107
108 int smb3_decrypt_init(smb3_enc_ctx_t *, smb_crypto_mech_t *,
109 smb3_crypto_param_t *, uint8_t *, size_t);
110 int smb3_decrypt_update(smb3_enc_ctx_t *, uint8_t *, size_t);
111 int smb3_decrypt_final(smb3_enc_ctx_t *, uint8_t *, size_t);
112
113 #ifdef __cplusplus
114 }
115 #endif
116
117 #endif /* _SMB_KCRYPT_H_ */
|
1 /*
2 * This file and its contents are supplied under the terms of the
3 * Common Development and Distribution License ("CDDL"), version 1.0.
4 * You may only use this file in accordance with the terms of version
5 * 1.0 of the CDDL.
6 *
7 * A full copy of the text of the CDDL should have accompanied this
8 * source. A copy of the CDDL is also available via the Internet at
9 * http://www.illumos.org/license/CDDL.
10 */
11
12 /*
13 * Copyright 2017 Nexenta Systems, Inc. All rights reserved.
14 * Copyright 2020 RackTop Systems, Inc.
15 */
16
17 #ifndef _SMB_KCRYPT_H_
18 #define _SMB_KCRYPT_H_
19
20 /*
21 * SMB signing routines used in {smb,smb2}_signing.c
22 * Two implementations of these (kernel/user) in:
23 * uts/common/fs/smbsrv/smb_sign_kcf.c
24 * lib/smbsrv/libfksmbsrv/common/fksmb_sign_pkcs.c
25 */
26
27 #ifdef _KERNEL
28 #include <sys/crypto/api.h>
29 #else
30 #include <security/cryptoki.h>
31 #include <security/pkcs11.h>
32 #endif
33
34 #ifdef __cplusplus
35 extern "C" {
36 #endif
37
38 #define MD5_DIGEST_LENGTH 16 /* MD5 digest length in bytes */
39 #define SHA256_DIGEST_LENGTH 32 /* SHA256 digest length in bytes */
40 #define SHA512_DIGEST_LENGTH 64 /* SHA512 digest length in bytes */
41 #define SMB2_SIG_SIZE 16
42 #define SMB2_KEYLEN 16
43 #define SMB3_KEYLEN 16 /* AES-128 keys */
44
45 #ifdef _KERNEL
46 /* KCF variant */
47 typedef crypto_mechanism_t smb_crypto_mech_t;
48 typedef crypto_context_t smb_sign_ctx_t;
49 typedef struct smb3_enc_ctx {
50 crypto_context_t ctx;
51 crypto_data_t output;
52 size_t len;
53 } smb3_enc_ctx_t;
54
55 typedef union {
56 CK_AES_CCM_PARAMS ccm;
57 CK_AES_GCM_PARAMS gcm;
58 } smb3_crypto_param_t;
59
60 #else /* _KERNEL */
61 /* PKCS11 variant */
62 typedef CK_MECHANISM smb_crypto_mech_t;
63 typedef CK_SESSION_HANDLE smb_sign_ctx_t;
64 typedef struct smb_enc_ctx {
65 CK_SESSION_HANDLE ctx;
66 uint8_t *output;
67 CK_ULONG len;
68 } smb3_enc_ctx_t;
69 /*
70 * CCM in PKCS has not been implemented.
71 * We just need an opaque type with space to refer to.
72 */
73 typedef struct pkcs_ccm_param {
74 uint8_t buf[100];
75 } smb3_crypto_param_t;
76 #endif /* _KERNEL */
77
78 /*
79 * SMB signing routines used in smb_signing.c
83 int smb_md5_update(smb_sign_ctx_t, void *, size_t);
84 int smb_md5_final(smb_sign_ctx_t, uint8_t *);
85
86 /*
87 * SMB2/3 signing routines used in smb2_signing.c
88 * Two implementations of these (kernel/user) in:
89 * uts/common/fs/smbsrv/smb2_sign_kcf.c
90 * lib/smbsrv/libfksmbsrv/common/fksmb_sign_pkcs.c
91 */
92
93 int smb2_hmac_getmech(smb_crypto_mech_t *);
94 int smb2_hmac_init(smb_sign_ctx_t *, smb_crypto_mech_t *, uint8_t *, size_t);
95 int smb2_hmac_update(smb_sign_ctx_t, uint8_t *, size_t);
96 int smb2_hmac_final(smb_sign_ctx_t, uint8_t *);
97
98 int smb3_cmac_getmech(smb_crypto_mech_t *);
99 int smb3_cmac_init(smb_sign_ctx_t *, smb_crypto_mech_t *, uint8_t *, size_t);
100 int smb3_cmac_update(smb_sign_ctx_t, uint8_t *, size_t);
101 int smb3_cmac_final(smb_sign_ctx_t, uint8_t *);
102
103 int smb3_kdf(uint8_t *outbuf, uint8_t *key, size_t key_len,
104 uint8_t *label, size_t label_len,
105 uint8_t *context, size_t context_len);
106
107 int smb3_aes_ccm_getmech(smb_crypto_mech_t *);
108 int smb3_aes_gcm_getmech(smb_crypto_mech_t *);
109 void smb3_crypto_init_ccm_param(smb3_crypto_param_t *, uint8_t *, size_t,
110 uint8_t *, size_t, size_t);
111 void smb3_crypto_init_gcm_param(smb3_crypto_param_t *, uint8_t *, size_t,
112 uint8_t *, size_t);
113
114 int smb3_encrypt_init(smb3_enc_ctx_t *, smb_crypto_mech_t *,
115 smb3_crypto_param_t *, uint8_t *, size_t, uint8_t *, size_t);
116 int smb3_encrypt_update(smb3_enc_ctx_t *, uint8_t *, size_t);
117 int smb3_encrypt_final(smb3_enc_ctx_t *, uint8_t *);
118 void smb3_encrypt_cancel(smb3_enc_ctx_t *);
119
120 int smb3_decrypt_init(smb3_enc_ctx_t *, smb_crypto_mech_t *,
121 smb3_crypto_param_t *, uint8_t *, size_t);
122 int smb3_decrypt_update(smb3_enc_ctx_t *, uint8_t *, size_t);
123 int smb3_decrypt_final(smb3_enc_ctx_t *, uint8_t *, size_t);
124
125 #ifdef __cplusplus
126 }
127 #endif
128
129 #endif /* _SMB_KCRYPT_H_ */
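Review bot: The new `smb3_kdf` prototype takes `outbuf` with no length, while every other buffer it accepts is paired with a `size_t`, so the header does not tell callers how many bytes will be written. A comment on the declaration should state the required size, presumably `SMB3_KEYLEN` but to be confirmed against both implementations, e.g. `/* outbuf must hold SMB3_KEYLEN bytes */`. The new `smb3_crypto_init_ccm_param` and `smb3_crypto_init_gcm_param` prototypes leave their two `uint8_t *, size_t` pairs unnamed; naming them as `smb3_kdf` now does would stop what look like nonce and auth-data arguments from being passed in the wrong order unnoticed. In the non-kernel branch, the opaque `struct pkcs_ccm_param` and its comment still mention only CCM, so it is unclear whether the 100-byte `buf` is also meant to stand in for the GCM parameters; the comment should say so either way.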
|