1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
|
/*
* This file and its contents are supplied under the terms of the
* Common Development and Distribution License ("CDDL"), version 1.0.
* You may only use this file in accordance with the terms of version
* 1.0 of the CDDL.
*
* A full copy of the text of the CDDL should have accompanied this
* source. A copy of the CDDL is also available via the Internet at
* http://www.illumos.org/license/CDDL.
*/
/*
* Copyright 2018 Nexenta Systems, Inc. All rights reserved.
* Copyright 2020 RackTop Systems, Inc.
*/
/*
* Helper functions for SMB3 encryption using PKCS#11
*
* There are two implementations of these functions:
* This one (for user space) and another for kernel.
* See: uts/common/fs/smbsrv/smb3_encrypt_kcf.c
*
* NOTE: CCM is not implemented in PKCS yet, so these are just stubs.
*/
#include <smbsrv/smb_kcrypt.h>
#include <smbsrv/smb2_kproto.h>
/*
* SMB3 encryption helpers:
* (getmech, init, update, final)
*/
/* ARGSUSED */
int
smb3_aes_ccm_getmech(smb_crypto_mech_t *mech)
{
cmn_err(CE_NOTE, "fksmbsrv does not support SMB3 Encryption");
return (-1);
}
/* ARGSUSED */
int
smb3_aes_gcm_getmech(smb_crypto_mech_t *mech)
{
cmn_err(CE_NOTE, "fksmbsrv does not support SMB3 Encryption");
return (-1);
}
/* ARGSUSED */
void
smb3_crypto_init_ccm_param(smb3_crypto_param_t *param,
uint8_t *nonce, size_t noncesize, uint8_t *auth, size_t authsize,
size_t datasize)
{
}
/* ARGSUSED */
void
smb3_crypto_init_gcm_param(smb3_crypto_param_t *param,
uint8_t *nonce, size_t noncesize, uint8_t *auth, size_t authsize)
{
}
/*
* Start the KCF session, load the key
*/
/* ARGSUSED */
static int
smb3_crypto_init(smb3_enc_ctx_t *ctxp, smb_crypto_mech_t *mech,
uint8_t *key, size_t key_len, smb3_crypto_param_t *param,
boolean_t is_encrypt)
{
return (-1);
}
/* ARGSUSED */
int
smb3_encrypt_init(smb3_enc_ctx_t *ctxp, smb_crypto_mech_t *mech,
smb3_crypto_param_t *param, uint8_t *key, size_t keylen,
uint8_t *buf, size_t buflen)
{
return (smb3_crypto_init(ctxp, mech, key, keylen, param, B_TRUE));
}
int
smb3_decrypt_init(smb3_enc_ctx_t *ctxp, smb_crypto_mech_t *mech,
smb3_crypto_param_t *param, uint8_t *key, size_t keylen)
{
return (smb3_crypto_init(ctxp, mech, key, keylen, param, B_FALSE));
}
/*
* Digest one segment
*/
/* ARGSUSED */
int
smb3_encrypt_update(smb3_enc_ctx_t *ctxp, uint8_t *in, size_t len)
{
return (-1);
}
/* ARGSUSED */
int
smb3_decrypt_update(smb3_enc_ctx_t *ctxp, uint8_t *in, size_t len)
{
return (-1);
}
/* ARGSUSED */
int
smb3_encrypt_final(smb3_enc_ctx_t *ctxp, uint8_t *digest16)
{
return (-1);
}
/* ARGSUSED */
int
smb3_decrypt_final(smb3_enc_ctx_t *ctxp, uint8_t *buf, size_t buflen)
{
return (-1);
}
/* ARGSUSED */
void
smb3_encrypt_cancel(smb3_enc_ctx_t *ctxp)
{
}
|
