diff options
author | Shirish Pargaonkar <shirishpargaonkar@gmail.com> | 2010-10-21 14:25:17 -0500 |
---|---|---|
committer | Steve French <sfrench@us.ibm.com> | 2010-10-26 18:38:06 +0000 |
commit | 307fbd31b61623ad1b5388b452118f8aea99f9d0 (patch) | |
tree | 71231b840aac77531d5dc26021ecb0451feab7ae /ipc | |
parent | d2b915210b5ec01409f581421d633eca6c38d444 (diff) |
NTLM auth and sign - Use kernel crypto apis to calculate hashes and smb signatures
Use kernel crypto sync hash apis insetead of cifs crypto functions.
The calls typically corrospond one to one except that insead of
key init, setkey is used.
Use crypto apis to generate smb signagtures also.
Use hmac-md5 to genereate ntlmv2 hash, ntlmv2 response, and HMAC (CR1 of
ntlmv2 auth blob.
User crypto apis to genereate signature and to verify signature.
md5 hash is used to calculate signature.
Use secondary key to calculate signature in case of ntlmssp.
For ntlmv2 within ntlmssp, during signature calculation, only 16 bytes key
(a nonce) stored within session key is used. during smb signature calculation.
For ntlm and ntlmv2 without extended security, 16 bytes key
as well as entire response (24 bytes in case of ntlm and variable length
in case of ntlmv2) is used for smb signature calculation.
For kerberos, there is no distinction between key and response.
Acked-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Shirish Pargaonkar <shirishpargaonkar@gmail.com>
Signed-off-by: Steve French <sfrench@us.ibm.com>
Diffstat (limited to 'ipc')
0 files changed, 0 insertions, 0 deletions