/*
* CDDL HEADER START
*
* The contents of this file are subject to the terms of the
* Common Development and Distribution License (the "License").
* You may not use this file except in compliance with the License.
*
* You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
* See the License for the specific language governing permissions
* and limitations under the License.
*
* When distributing Covered Code, include this CDDL HEADER in each
* file and include the License file at usr/src/OPENSOLARIS.LICENSE.
* If applicable, add the following below this CDDL HEADER, with the
* fields enclosed by brackets "[]" replaced with your own identifying
* information: Portions Copyright [yyyy] [name of copyright owner]
*
* CDDL HEADER END
*/
/*
*/
/*
* SMB MAC Signing support.
*/
#include <strings.h>
#include <security/cryptoki.h>
/*
* smb_mac_init
*
* Calculates the MAC key using the specified user session
* key (NTLM or NTLMv2).
*
* Returns SMBAUTH_SUCCESS if key generation was successful,
* SMBAUTH_FAILURE if not.
*/
int
{
/*
* NOTE(review): the function name, parameter list and the conditions that
* select between the two returns below are not present in this listing.
* Only the two outcomes are visible: SMBAUTH_FAILURE and SMBAUTH_SUCCESS.
*/
return (SMBAUTH_FAILURE);
return (SMBAUTH_SUCCESS);
}
/*
* smb_mac_calc
*
* Calculates MAC signature for the given buffer and returns
* it in the mac_sign parameter.
*
* The MAC signature is calculated as follows:
*
* data = concat(MAC_Key, MAC_Key_Len, SMB_Msg, SMB_Msg_Len);
* hash = MD5(data);
* MAC = head(hash, 8);
*
* The tricky part is that the sequence number must be used
* in the calculation in place of the signature field in the
* SMB header.
*
* Returns SMBAUTH_SUCCESS if cryptographic framework use was successful,
* SMBAUTH_FAILURE if not.
*/
int
{
/*
* NOTE(review): the signature, local declarations, the cryptoki calls that
* precede each goto, and the smbmacdone label itself are not present in
* this listing. The comments below describe only the visible statements.
*
* NOTE(review): per the header comment this is a plain MD5 over the key
* followed by the message, truncated to 8 bytes, not an HMAC. Treat it as
* legacy integrity protection and prefer a stronger negotiated signing
* scheme where the peer supports one.
*/
/*
* put seq_num into the first 4 bytes and
* zero out the next 4 bytes
*/
/* the mechanism is used without a parameter block */
mechanism.pParameter = 0;
mechanism.ulParameterLen = 0;
/*
* NOTE(review): this early return bypasses C_CloseSession() below, so it
* is presumably the path where no session was opened -- confirm.
*/
return (SMBAUTH_FAILURE);
/* Initialize the digest operation in the session */
goto smbmacdone;
/* init with the MAC key */
goto smbmacdone;
/* copy in SMB packet info till signature field */
goto smbmacdone;
/* copy in the seq_buf instead of the signature */
goto smbmacdone;
/* copy in the rest of the packet, skipping the signature */
goto smbmacdone;
/* NOTE(review): presumably the exit taken after the final digest step -- confirm */
goto smbmacdone;
/* the result of closing the session is deliberately discarded; rc is what the caller sees */
(void) C_CloseSession(hSession);
return (rc);
}
/*
* smb_mac_chk
*
* Calculates MAC signature for the given buffer
* and compares it to the signature in the given context.
* Returns 1 if the signatures match; otherwise returns 0.
*/
int
{
/*
* NOTE(review): the signature and the conditions guarding each return are
* not present in this listing.
*/
/* calculate mac signature */
/* NOTE(review): presumably a failed calculation is reported as a mismatch -- confirm */
return (0);
/* compare the signatures */
/*
* NOTE(review): the comparison call itself is not visible here. If it is a
* plain bcmp()/memcmp(), it may stop at the first differing byte; a
* fixed-time comparison is the safer choice for a MAC check -- confirm.
*/
return (1);
/* signatures differ */
return (0);
}
/*
* smb_mac_sign
*
* Calculates MAC signature for the given buffer,
* and writes it to the buffer's signature field.
*
* Returns SMBAUTH_SUCCESS if cryptographic framework use was successful,
* SMBAUTH_FAILURE if not.
*/
int
{
/*
* NOTE(review): the signature, the calculation call and the copy into the
* header's signature field are not present in this listing; only the two
* return paths are visible.
*/
/* calculate mac signature */
/* NOTE(review): presumably taken when the calculation fails, leaving the buffer unsigned -- confirm */
return (SMBAUTH_FAILURE);
/* put mac signature in the header's signature field */
return (SMBAUTH_SUCCESS);
}
void
{
/*
* Advance the signing context's sequence number by one.
*
* NOTE(review): the function name and parameter list are not present in
* this listing. Wrap-around behaviour depends on the type of ssc_seqnum,
* which is declared elsewhere, and no locking is visible here -- confirm
* how callers serialize access to sign_ctx.
*/
sign_ctx->ssc_seqnum++;
}
void
{
/*
* Step the signing context's sequence number back by one.
*
* NOTE(review): the function name and parameter list are not present in
* this listing. Behaviour at zero depends on the type of ssc_seqnum, which
* is declared elsewhere, and no locking is visible here -- confirm how
* callers serialize access to sign_ctx.
*/
sign_ctx->ssc_seqnum--;
}