613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross * CDDL HEADER START
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross * The contents of this file are subject to the terms of the
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross * Common Development and Distribution License (the "License").
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross * You may not use this file except in compliance with the License.
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross * See the License for the specific language governing permissions
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross * and limitations under the License.
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross * When distributing Covered Code, include this CDDL HEADER in each
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross * If applicable, add the following below this CDDL HEADER, with the
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross * fields enclosed by brackets "[]" replaced with your own identifying
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross * information: Portions Copyright [yyyy] [name of copyright owner]
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross * CDDL HEADER END
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross * Copyright 2009 Sun Microsystems, Inc. All rights reserved.
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross * Use is subject to license terms.
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross * Signing support, using libmd
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross * Set this to a small number to debug sequence numbers
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross * that seem to get out of step.
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross * Compute MD5 digest of packet data, using the stored MAC key.
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross * See similar code in the driver:
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross * and on the server side:
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross * This union is a little bit of trickery to:
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross * (1) get the sequence number int aligned, and
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross * (2) reduce the number of digest calls, at the
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross * cost of a copying 32 bytes instead of 8.
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross * Both sides of this union are 2+32 bytes.
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross uint8_t skip[2]; /* not used - just alignment */
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross uint8_t raw[SMB_HDRLEN]; /* header length (32) */
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross uint8_t skip[2]; /* not used - just alignment */
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross * Make an aligned copy of the SMB header
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross * and fill in the sequence number.
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross * Compute the MAC: MD5(concat(Key, message))
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross /* Digest the MAC Key */
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross MD5Update(&md5, ctx->ct_mackey, ctx->ct_mackeylen);
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross /* Digest the (copied) SMB header */
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross /* Digest the rest of the first mbuf */
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross /* Digest rest of the SMB message. */
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross * Finally, store the signature.
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross * (first 8 bytes of the digest)
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross * Sign a request with HMAC-MD5.
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross * Our mblk allocation ensures this,
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross * but just in case...
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross * Signing is required, but we have no key yet
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross * fill in with the magic fake signing value.
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross * This happens with SPNEGO, NTLMSSP, ...
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross * This will compute the MAC and store it
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross * directly into the message at sigloc.
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross err = smb_compute_MAC(ctx, m, rqp->rq_seqno, sigloc);
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross * Verify reply signature.
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross * Note ct_mackey and ct_mackeylen gets initialized by
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross * smb_smb_ssnsetup. It's normal to have a null MAC key
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross * during extended security session setup.
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross * Let caller deal with empty reply or short messages by
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross * returning zero. Caller will fail later, in parsing.
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross * If we can't compute a MAC, then there's
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross * no point trying other seqno values.
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross * Compare the computed signature with the
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross * one found in the message (at sigloc)
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross * For diag purposes, we check whether the client/server idea
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross * of the sequence # has gotten a bit out of sync.
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross for (fudge = 1; fudge <= nsmb_signing_fudge; fudge++) {
02d09e03eb27f3a2dc299de704e45dae5173f43fGordon Ross (void) smb_compute_MAC(ctx, m, rseqno + fudge, sigbuf);