diff options
author | Shirish Pargaonkar <shirishpargaonkar@gmail.com> | 2010-10-21 14:25:17 -0500 |
---|---|---|
committer | Steve French <sfrench@us.ibm.com> | 2010-10-26 18:38:06 +0000 |
commit | 307fbd31b61623ad1b5388b452118f8aea99f9d0 (patch) | |
tree | 71231b840aac77531d5dc26021ecb0451feab7ae /fs/cifs/cifsproto.h | |
parent | d2b915210b5ec01409f581421d633eca6c38d444 (diff) | |
download | linux-stable-307fbd31b61623ad1b5388b452118f8aea99f9d0.tar.gz linux-stable-307fbd31b61623ad1b5388b452118f8aea99f9d0.tar.bz2 linux-stable-307fbd31b61623ad1b5388b452118f8aea99f9d0.zip |
NTLM auth and sign - Use kernel crypto apis to calculate hashes and smb signatures
Use kernel crypto sync hash apis insetead of cifs crypto functions.
The calls typically corrospond one to one except that insead of
key init, setkey is used.
Use crypto apis to generate smb signagtures also.
Use hmac-md5 to genereate ntlmv2 hash, ntlmv2 response, and HMAC (CR1 of
ntlmv2 auth blob.
User crypto apis to genereate signature and to verify signature.
md5 hash is used to calculate signature.
Use secondary key to calculate signature in case of ntlmssp.
For ntlmv2 within ntlmssp, during signature calculation, only 16 bytes key
(a nonce) stored within session key is used. during smb signature calculation.
For ntlm and ntlmv2 without extended security, 16 bytes key
as well as entire response (24 bytes in case of ntlm and variable length
in case of ntlmv2) is used for smb signature calculation.
For kerberos, there is no distinction between key and response.
Acked-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Shirish Pargaonkar <shirishpargaonkar@gmail.com>
Signed-off-by: Steve French <sfrench@us.ibm.com>
Diffstat (limited to 'fs/cifs/cifsproto.h')
-rw-r--r-- | fs/cifs/cifsproto.h | 1 |
1 files changed, 0 insertions, 1 deletions
diff --git a/fs/cifs/cifsproto.h b/fs/cifs/cifsproto.h index 1e4728bcf065..edb6d90efdf2 100644 --- a/fs/cifs/cifsproto.h +++ b/fs/cifs/cifsproto.h @@ -366,7 +366,6 @@ extern int cifs_verify_signature(struct smb_hdr *, __u32 expected_sequence_number); extern void SMBNTencrypt(unsigned char *, unsigned char *, unsigned char *); extern int setup_ntlm_response(struct cifsSesInfo *); -extern void CalcNTLMv2_response(const struct cifsSesInfo *); extern int setup_ntlmv2_rsp(struct cifsSesInfo *, const struct nls_table *); extern int cifs_crypto_shash_allocate(struct TCP_Server_Info *); extern void cifs_crypto_shash_release(struct TCP_Server_Info *); |