select CRYPTO_LIB_DES

config CIFS_WEAK_PW_HASH

	bool "Support legacy servers which use weaker LANMAN security"

	depends on CIFS && CIFS_ALLOW_INSECURE_LEGACY

	help

	  Modern CIFS servers including Samba and most Windows versions

	  (since 1997) support stronger NTLM (and even NTLMv2 and Kerberos)

	  security mechanisms. These hash the password more securely

	  than the mechanisms used in the older LANMAN version of the

	  SMB protocol but LANMAN based authentication is needed to

	  establish sessions with some old SMB servers.

	  Enabling this option allows the cifs module to mount to older

	  LANMAN based servers such as OS/2 and Windows 95, but such

	  mounts may be less secure than mounts using NTLM or more recent

	  security mechanisms if you are on a public network.  Unless you

	  have a need to access old SMB servers (and are on a private

	  network) you probably want to say N.  Even if this support

	  is enabled in the kernel build, LANMAN authentication will not be

	  used automatically. At runtime LANMAN mounts are disabled but

	  can be set to required (or optional) either in

	  /proc/fs/cifs (see Documentation/admin-guide/cifs/usage.rst for

	  more detail) or via an option on the mount command. This support

	  is disabled by default in order to reduce the possibility of a

	  downgrade attack.

	  If unsure, say N.

#ifdef CONFIG_CIFS_WEAK_PW_HASH

	seq_printf(m, ",WEAK_PW_HASH");

#endif

	else if ((*flags & CIFSSEC_MUST_NTLM) == CIFSSEC_MUST_NTLM)

		*flags = CIFSSEC_MUST_NTLM;

	else if (CIFSSEC_MUST_LANMAN &&

		 (*flags & CIFSSEC_MUST_LANMAN) == CIFSSEC_MUST_LANMAN)

		*flags = CIFSSEC_MUST_LANMAN;

	else if (CIFSSEC_MUST_PLNTXT &&

		 (*flags & CIFSSEC_MUST_PLNTXT) == CIFSSEC_MUST_PLNTXT)

		*flags = CIFSSEC_MUST_PLNTXT;

	case LANMAN:

	case NTLM:

/* first calculate 24 bytes ntlm response and then 16 byte session key */

int setup_ntlm_response(struct cifs_ses *ses, const struct nls_table *nls_cp)

{

	int rc = 0;

	unsigned int temp_len = CIFS_SESS_KEY_SIZE + CIFS_AUTH_RESP_SIZE;

	char temp_key[CIFS_SESS_KEY_SIZE];

	if (!ses)

		return -EINVAL;

	ses->auth_key.response = kmalloc(temp_len, GFP_KERNEL);

	if (!ses->auth_key.response)

		return -ENOMEM;

	ses->auth_key.len = temp_len;

	rc = SMBNTencrypt(ses->password, ses->server->cryptkey,

			ses->auth_key.response + CIFS_SESS_KEY_SIZE, nls_cp);

	if (rc) {

		cifs_dbg(FYI, "%s Can't generate NTLM response, error: %d\n",

			 __func__, rc);

		return rc;

	}

	rc = E_md4hash(ses->password, temp_key, nls_cp);

	if (rc) {

		cifs_dbg(FYI, "%s Can't generate NT hash, error: %d\n",

			 __func__, rc);

		return rc;

	}

	rc = mdfour(ses->auth_key.response, temp_key, CIFS_SESS_KEY_SIZE);

	if (rc)

		cifs_dbg(FYI, "%s Can't generate NTLM session key, error: %d\n",

			 __func__, rc);

	return rc;

}

#ifdef CONFIG_CIFS_WEAK_PW_HASH

int calc_lanman_hash(const char *password, const char *cryptkey, bool encrypt,

			char *lnm_session_key)

{

	int i, len;

	int rc;

	char password_with_pad[CIFS_ENCPWD_SIZE] = {0};

	if (password) {

		for (len = 0; len < CIFS_ENCPWD_SIZE; len++)

			if (!password[len])

				break;

		memcpy(password_with_pad, password, len);

	}

	if (!encrypt && global_secflags & CIFSSEC_MAY_PLNTXT) {

		memcpy(lnm_session_key, password_with_pad,

			CIFS_ENCPWD_SIZE);

		return 0;

	}

	/* calculate old style session key */

	/* calling toupper is less broken than repeatedly

	calling nls_toupper would be since that will never

	work for UTF8, but neither handles multibyte code pages

	but the only alternative would be converting to UCS-16 (Unicode)

	(using a routine something like UniStrupr) then

	uppercasing and then converting back from Unicode - which

	would only worth doing it if we knew it were utf8. Basically

	utf8 and other multibyte codepages each need their own strupper

	function since a byte at a time will ont work. */

	for (i = 0; i < CIFS_ENCPWD_SIZE; i++)

		password_with_pad[i] = toupper(password_with_pad[i]);

	rc = SMBencrypt(password_with_pad, cryptkey, lnm_session_key);

	return rc;

}

#endif /* CIFS_WEAK_PW_HASH */

	case LANMAN:

		seq_puts(s, "lanman");

		break;

	case NTLM:

		seq_puts(s, "ntlm");

		break;

	LANMAN,			/* Legacy LANMAN auth */

	NTLM,			/* Legacy NTLM012 auth with NTLM hash */

#define	CIFS_NEGFLAVOR_LANMAN	0	/* wct == 13, LANMAN */

#define   CIFSSEC_MAY_NTLM	0x00002

#ifdef CONFIG_CIFS_WEAK_PW_HASH

#define   CIFSSEC_MAY_LANMAN	0x00010

#define   CIFSSEC_MAY_PLNTXT	0x00020

#else

#define   CIFSSEC_MAY_LANMAN    0

#define   CIFSSEC_MAY_PLNTXT    0

#endif /* weak passwords */

#define   CIFSSEC_MUST_NTLM	0x02002

#ifdef CONFIG_CIFS_WEAK_PW_HASH

#define   CIFSSEC_MUST_LANMAN	0x10010

#define   CIFSSEC_MUST_PLNTXT	0x20020

#ifdef CONFIG_CIFS_UPCALL

#define   CIFSSEC_MASK          0xBF0BF /* allows weak security but also krb5 */

#else

#define   CIFSSEC_MASK          0xB70B7 /* current flags supported if weak */

#endif /* UPCALL */

#else /* do not allow weak pw hash */

#define   CIFSSEC_MUST_LANMAN	0

#define   CIFSSEC_MUST_PLNTXT	0

#endif /* WEAK_PW_HASH */

	case NTLM:

		return "NTLM";

	case LANMAN:

		return "LANMAN";

#ifdef CONFIG_CIFS_WEAK_PW_HASH

#define LANMAN_PROT 0

#define LANMAN2_PROT 1

#define CIFS_PROT   2

#else

#endif

/* Dialect index is 13 for LANMAN */

typedef struct lanman_neg_rsp {

	struct smb_hdr hdr;	/* wct = 13 */

	__le16 DialectIndex;

	__le16 SecurityMode;

	__le16 MaxBufSize;

	__le16 MaxMpxCount;

	__le16 MaxNumberVcs;

	__le16 RawMode;

	__le32 SessionKey;

	struct {

		__le16 Time;

		__le16 Date;

	} __attribute__((packed)) SrvTime;

	__le16 ServerTimeZone;

	__le16 EncryptionKeyLength;

	__le16 Reserved;

	__u16  ByteCount;

	unsigned char EncryptionKey[1];

} __attribute__((packed)) LANMAN_NEG_RSP;

extern int SMBNTencrypt(unsigned char *, unsigned char *, unsigned char *,

			const struct nls_table *);

extern int setup_ntlm_response(struct cifs_ses *, const struct nls_table *);

#ifdef CONFIG_CIFS_WEAK_PW_HASH

extern int calc_lanman_hash(const char *password, const char *cryptkey,

				bool encrypt, char *lnm_session_key);

#endif /* CIFS_WEAK_PW_HASH */

extern int mdfour(unsigned char *, unsigned char *, int);

extern int SMBencrypt(unsigned char *passwd, const unsigned char *c8,

			unsigned char *p24);

#ifdef CONFIG_CIFS_WEAK_PW_HASH

	{LANMAN_PROT, "\2LM1.2X002"},

	{LANMAN2_PROT, "\2LANMAN2.1"},

#endif /* weak password hashing for legacy clients */

#ifdef CONFIG_CIFS_WEAK_PW_HASH

	{LANMAN_PROT, "\2LM1.2X002"},

	{LANMAN2_PROT, "\2LANMAN2.1"},

#endif /* weak password hashing for legacy clients */

#ifdef CONFIG_CIFS_WEAK_PW_HASH

#define CIFS_NUM_PROT 4

#else

#endif /* CIFS_WEAK_PW_HASH */

#ifdef CONFIG_CIFS_WEAK_PW_HASH

#define CIFS_NUM_PROT 3

#else

#endif /* CONFIG_CIFS_WEAK_PW_HASH */

#ifdef CONFIG_CIFS_WEAK_PW_HASH

static int

decode_lanman_negprot_rsp(struct TCP_Server_Info *server, NEGOTIATE_RSP *pSMBr)

{

	__s16 tmp;

	struct lanman_neg_rsp *rsp = (struct lanman_neg_rsp *)pSMBr;

	if (server->dialect != LANMAN_PROT && server->dialect != LANMAN2_PROT)

		return -EOPNOTSUPP;

	server->sec_mode = le16_to_cpu(rsp->SecurityMode);

	server->maxReq = min_t(unsigned int,

			       le16_to_cpu(rsp->MaxMpxCount),

			       cifs_max_pending);

	set_credits(server, server->maxReq);

	server->maxBuf = le16_to_cpu(rsp->MaxBufSize);

	/* set up max_read for readpages check */

	server->max_read = server->maxBuf;

	/* even though we do not use raw we might as well set this

	accurately, in case we ever find a need for it */

	if ((le16_to_cpu(rsp->RawMode) & RAW_ENABLE) == RAW_ENABLE) {

		server->max_rw = 0xFF00;

		server->capabilities = CAP_MPX_MODE | CAP_RAW_MODE;

	} else {

		server->max_rw = 0;/* do not need to use raw anyway */

		server->capabilities = CAP_MPX_MODE;

	}

	tmp = (__s16)le16_to_cpu(rsp->ServerTimeZone);

	if (tmp == -1) {

		/* OS/2 often does not set timezone therefore

		 * we must use server time to calc time zone.

		 * Could deviate slightly from the right zone.

		 * Smallest defined timezone difference is 15 minutes

		 * (i.e. Nepal).  Rounding up/down is done to match

		 * this requirement.

		 */

		int val, seconds, remain, result;

		struct timespec64 ts;

		time64_t utc = ktime_get_real_seconds();

		ts = cnvrtDosUnixTm(rsp->SrvTime.Date,

				    rsp->SrvTime.Time, 0);

		cifs_dbg(FYI, "SrvTime %lld sec since 1970 (utc: %lld) diff: %lld\n",

			 ts.tv_sec, utc,

			 utc - ts.tv_sec);

		val = (int)(utc - ts.tv_sec);

		seconds = abs(val);

		result = (seconds / MIN_TZ_ADJ) * MIN_TZ_ADJ;

		remain = seconds % MIN_TZ_ADJ;

		if (remain >= (MIN_TZ_ADJ / 2))

			result += MIN_TZ_ADJ;

		if (val < 0)

			result = -result;

		server->timeAdj = result;

	} else {

		server->timeAdj = (int)tmp;

		server->timeAdj *= 60; /* also in seconds */

	}

	cifs_dbg(FYI, "server->timeAdj: %d seconds\n", server->timeAdj);

	/* BB get server time for time conversions and add

	code to use it and timezone since this is not UTC */

	if (rsp->EncryptionKeyLength ==

			cpu_to_le16(CIFS_CRYPTO_KEY_SIZE)) {

		memcpy(server->cryptkey, rsp->EncryptionKey,

			CIFS_CRYPTO_KEY_SIZE);

	} else if (server->sec_mode & SECMODE_PW_ENCRYPT) {

		return -EIO; /* need cryptkey unless plain text */

	}

	cifs_dbg(FYI, "LANMAN negotiated\n");

	return 0;

}

#else

static inline int

decode_lanman_negprot_rsp(struct TCP_Server_Info *server, NEGOTIATE_RSP *pSMBr)

{

	cifs_dbg(VFS, "mount failed, cifs module not built with CIFS_WEAK_PW_HASH support\n");

	return -EOPNOTSUPP;

}

#endif

	} else if (pSMBr->hdr.WordCount == 13) {

		server->negflavor = CIFS_NEGFLAVOR_LANMAN;

		rc = decode_lanman_negprot_rsp(server, pSMBr);

		goto signing_check;

signing_check:

	} else {

		pSMB->PasswordLength = cpu_to_le16(CIFS_AUTH_RESP_SIZE);

		/* BB FIXME add code to fail this if NTLMv2 or Kerberos

		   specified as required (when that support is added to

		   the vfs in the future) as only NTLM or the much

		   weaker LANMAN (which we do not send by default) is accepted

		   by Samba (not sure whether other servers allow

		   NTLMv2 password here) */

#ifdef CONFIG_CIFS_WEAK_PW_HASH

		if ((global_secflags & CIFSSEC_MAY_LANMAN) &&

		    (ses->sectype == LANMAN))

			calc_lanman_hash(tcon->password, ses->server->cryptkey,

					 ses->server->sec_mode &

					    SECMODE_PW_ENCRYPT ? true : false,

					 bcc_ptr);

		else

#endif /* CIFS_WEAK_PW_HASH */

		rc = SMBNTencrypt(tcon->password, ses->server->cryptkey,

					bcc_ptr, nls_codepage);

		if (rc) {

			cifs_dbg(FYI, "%s Can't generate NTLM rsp. Error: %d\n",

				 __func__, rc);

			cifs_buf_release(smb_buffer);

			return rc;

		}

		bcc_ptr += CIFS_AUTH_RESP_SIZE;

		if (ses->capabilities & CAP_UNICODE) {

			/* must align unicode strings */

			*bcc_ptr = 0; /* null byte password */

			bcc_ptr++;

		}

	{ Opt_ntlm, "ntlm" },

	{ Opt_sec_ntlmi, "ntlmi" },

	{ Opt_sec_lanman, "lanman" },

	case Opt_sec_ntlmi:

		ctx->sign = true;

		fallthrough;

	case Opt_ntlm:

		ctx->sectype = NTLM;

		break;

#ifdef CONFIG_CIFS_WEAK_PW_HASH

	case Opt_sec_lanman:

		ctx->sectype = LANMAN;

		break;

#endif

	Opt_ntlm,

	Opt_sec_ntlmi,

	Opt_sec_lanman,

		case NTLM:

			if (global_secflags & CIFSSEC_MAY_NTLM)

				return NTLM;

/*

 * LANMAN and plaintext are less secure and off by default.

 * So we make this explicitly be turned on in kconfig (in the

 * build) and turned on at runtime (changed from the default)

 * in proc/fs/cifs or via mount parm.  Unfortunately this is

 * needed for old Win (e.g. Win95), some obscure NAS and OS/2

 */

#ifdef CONFIG_CIFS_WEAK_PW_HASH

static void

sess_auth_lanman(struct sess_data *sess_data)

{

	int rc = 0;

	struct smb_hdr *smb_buf;

	SESSION_SETUP_ANDX *pSMB;

	char *bcc_ptr;

	struct cifs_ses *ses = sess_data->ses;

	char lnm_session_key[CIFS_AUTH_RESP_SIZE];

	__u16 bytes_remaining;

	/* lanman 2 style sessionsetup */

	/* wct = 10 */

	rc = sess_alloc_buffer(sess_data, 10);

	if (rc)

		goto out;

	pSMB = (SESSION_SETUP_ANDX *)sess_data->iov[0].iov_base;

	bcc_ptr = sess_data->iov[2].iov_base;

	(void)cifs_ssetup_hdr(ses, pSMB);

	pSMB->req.hdr.Flags2 &= ~SMBFLG2_UNICODE;

	if (ses->user_name != NULL) {

		/* no capabilities flags in old lanman negotiation */

		pSMB->old_req.PasswordLength = cpu_to_le16(CIFS_AUTH_RESP_SIZE);

		/* Calculate hash with password and copy into bcc_ptr.

		 * Encryption Key (stored as in cryptkey) gets used if the

		 * security mode bit in Negotiate Protocol response states

		 * to use challenge/response method (i.e. Password bit is 1).

		 */

		rc = calc_lanman_hash(ses->password, ses->server->cryptkey,

				      ses->server->sec_mode & SECMODE_PW_ENCRYPT ?

				      true : false, lnm_session_key);

		if (rc)

			goto out;

		memcpy(bcc_ptr, (char *)lnm_session_key, CIFS_AUTH_RESP_SIZE);

		bcc_ptr += CIFS_AUTH_RESP_SIZE;

	} else {

		pSMB->old_req.PasswordLength = 0;

	}

	/*

	 * can not sign if LANMAN negotiated so no need

	 * to calculate signing key? but what if server

	 * changed to do higher than lanman dialect and

	 * we reconnected would we ever calc signing_key?

	 */

	cifs_dbg(FYI, "Negotiating LANMAN setting up strings\n");

	/* Unicode not allowed for LANMAN dialects */

	ascii_ssetup_strings(&bcc_ptr, ses, sess_data->nls_cp);

	sess_data->iov[2].iov_len = (long) bcc_ptr -

			(long) sess_data->iov[2].iov_base;

	rc = sess_sendreceive(sess_data);

	if (rc)

		goto out;

	pSMB = (SESSION_SETUP_ANDX *)sess_data->iov[0].iov_base;

	smb_buf = (struct smb_hdr *)sess_data->iov[0].iov_base;

	/* lanman response has a word count of 3 */

	if (smb_buf->WordCount != 3) {

		rc = -EIO;

		cifs_dbg(VFS, "bad word count %d\n", smb_buf->WordCount);

		goto out;

	}

	if (le16_to_cpu(pSMB->resp.Action) & GUEST_LOGIN)

		cifs_dbg(FYI, "Guest login\n"); /* BB mark SesInfo struct? */

	ses->Suid = smb_buf->Uid;   /* UID left in wire format (le) */

	cifs_dbg(FYI, "UID = %llu\n", ses->Suid);

	bytes_remaining = get_bcc(smb_buf);

	bcc_ptr = pByteArea(smb_buf);

	/* BB check if Unicode and decode strings */

	if (bytes_remaining == 0) {

		/* no string area to decode, do nothing */

	} else if (smb_buf->Flags2 & SMBFLG2_UNICODE) {

		/* unicode string area must be word-aligned */

		if (((unsigned long) bcc_ptr - (unsigned long) smb_buf) % 2) {

			++bcc_ptr;

			--bytes_remaining;

		}

		decode_unicode_ssetup(&bcc_ptr, bytes_remaining, ses,

				      sess_data->nls_cp);

	} else {

		decode_ascii_ssetup(&bcc_ptr, bytes_remaining, ses,

				    sess_data->nls_cp);

	}

	rc = sess_establish_session(sess_data);

out:

	sess_data->result = rc;

	sess_data->func = NULL;

	sess_free_buffer(sess_data);

}

#endif

static void

sess_auth_ntlm(struct sess_data *sess_data)

{

	int rc = 0;

	struct smb_hdr *smb_buf;

	SESSION_SETUP_ANDX *pSMB;

	char *bcc_ptr;

	struct cifs_ses *ses = sess_data->ses;

	__u32 capabilities;

	__u16 bytes_remaining;

	/* old style NTLM sessionsetup */

	/* wct = 13 */

	rc = sess_alloc_buffer(sess_data, 13);

	if (rc)

		goto out;

	pSMB = (SESSION_SETUP_ANDX *)sess_data->iov[0].iov_base;

	bcc_ptr = sess_data->iov[2].iov_base;

	capabilities = cifs_ssetup_hdr(ses, pSMB);

	pSMB->req_no_secext.Capabilities = cpu_to_le32(capabilities);

	if (ses->user_name != NULL) {

		pSMB->req_no_secext.CaseInsensitivePasswordLength =

				cpu_to_le16(CIFS_AUTH_RESP_SIZE);

		pSMB->req_no_secext.CaseSensitivePasswordLength =

				cpu_to_le16(CIFS_AUTH_RESP_SIZE);

		/* calculate ntlm response and session key */

		rc = setup_ntlm_response(ses, sess_data->nls_cp);

		if (rc) {

			cifs_dbg(VFS, "Error %d during NTLM authentication\n",

					 rc);

			goto out;

		}

		/* copy ntlm response */

		memcpy(bcc_ptr, ses->auth_key.response + CIFS_SESS_KEY_SIZE,

				CIFS_AUTH_RESP_SIZE);

		bcc_ptr += CIFS_AUTH_RESP_SIZE;

		memcpy(bcc_ptr, ses->auth_key.response + CIFS_SESS_KEY_SIZE,

				CIFS_AUTH_RESP_SIZE);

		bcc_ptr += CIFS_AUTH_RESP_SIZE;

	} else {

		pSMB->req_no_secext.CaseInsensitivePasswordLength = 0;

		pSMB->req_no_secext.CaseSensitivePasswordLength = 0;

	}

	if (ses->capabilities & CAP_UNICODE) {

		/* unicode strings must be word aligned */

		if (sess_data->iov[0].iov_len % 2) {

			*bcc_ptr = 0;

			bcc_ptr++;

		}

		unicode_ssetup_strings(&bcc_ptr, ses, sess_data->nls_cp);

	} else {

		ascii_ssetup_strings(&bcc_ptr, ses, sess_data->nls_cp);

	}

	sess_data->iov[2].iov_len = (long) bcc_ptr -

			(long) sess_data->iov[2].iov_base;

	rc = sess_sendreceive(sess_data);

	if (rc)

		goto out;

	pSMB = (SESSION_SETUP_ANDX *)sess_data->iov[0].iov_base;

	smb_buf = (struct smb_hdr *)sess_data->iov[0].iov_base;

	if (smb_buf->WordCount != 3) {

		rc = -EIO;

		cifs_dbg(VFS, "bad word count %d\n", smb_buf->WordCount);

		goto out;

	}

	if (le16_to_cpu(pSMB->resp.Action) & GUEST_LOGIN)

		cifs_dbg(FYI, "Guest login\n"); /* BB mark SesInfo struct? */

	ses->Suid = smb_buf->Uid;   /* UID left in wire format (le) */

	cifs_dbg(FYI, "UID = %llu\n", ses->Suid);

	bytes_remaining = get_bcc(smb_buf);

	bcc_ptr = pByteArea(smb_buf);

	/* BB check if Unicode and decode strings */

	if (bytes_remaining == 0) {

		/* no string area to decode, do nothing */

	} else if (smb_buf->Flags2 & SMBFLG2_UNICODE) {

		/* unicode string area must be word-aligned */

		if (((unsigned long) bcc_ptr - (unsigned long) smb_buf) % 2) {

			++bcc_ptr;

			--bytes_remaining;

		}

		decode_unicode_ssetup(&bcc_ptr, bytes_remaining, ses,

				      sess_data->nls_cp);

	} else {

		decode_ascii_ssetup(&bcc_ptr, bytes_remaining, ses,

				    sess_data->nls_cp);

	}

	rc = sess_establish_session(sess_data);

out:

	sess_data->result = rc;

	sess_data->func = NULL;

	sess_free_buffer(sess_data);

	kfree(ses->auth_key.response);

	ses->auth_key.response = NULL;

}

	case LANMAN:

		/* LANMAN and plaintext are less secure and off by default.

		 * So we make this explicitly be turned on in kconfig (in the

		 * build) and turned on at runtime (changed from the default)

		 * in proc/fs/cifs or via mount parm.  Unfortunately this is

		 * needed for old Win (e.g. Win95), some obscure NAS and OS/2 */

#ifdef CONFIG_CIFS_WEAK_PW_HASH

		sess_data->func = sess_auth_lanman;

		break;

#else

		return -EOPNOTSUPP;

#endif

	case NTLM:

		sess_data->func = sess_auth_ntlm;

		break;

#include <crypto/des.h>

E_P16(unsigned char *p14, unsigned char *p16)

{

	int rc;

	unsigned char sp8[8] =

	    { 0x4b, 0x47, 0x53, 0x21, 0x40, 0x23, 0x24, 0x25 };

	rc = smbhash(p16, sp8, p14);

	if (rc)

		return rc;

	rc = smbhash(p16 + 8, sp8, p14 + 7);

	return rc;

}

static int

E_P24(unsigned char *p21, const unsigned char *c8, unsigned char *p24)

{

	int rc;

	rc = smbhash(p24, c8, p21);

	if (rc)

		return rc;

	rc = smbhash(p24 + 8, c8, p21 + 7);

	if (rc)

		return rc;

	rc = smbhash(p24 + 16, c8, p21 + 14);

	return rc;

}

/* produce a md4 message digest from data of length n bytes */

int

   This implements the X/Open SMB password encryption

   It takes a password, a 8 byte "crypt key" and puts 24 bytes of

   encrypted password into p24 */

/* Note that password must be uppercased and null terminated */

int

SMBencrypt(unsigned char *passwd, const unsigned char *c8, unsigned char *p24)

{

	int rc;

	unsigned char p14[14], p16[16], p21[21];

	memset(p14, '\0', 14);

	memset(p16, '\0', 16);

	memset(p21, '\0', 21);

	memcpy(p14, passwd, 14);

	rc = E_P16(p14, p16);

	if (rc)

		return rc;

	memcpy(p21, p16, 16);

	rc = E_P24(p21, c8, p24);

	return rc;

}

/*

/* Does the NT MD4 hash then des encryption. */

int

SMBNTencrypt(unsigned char *passwd, unsigned char *c8, unsigned char *p24,

		const struct nls_table *codepage)

{

	int rc;

	unsigned char p16[16], p21[21];

	memset(p16, '\0', 16);

	memset(p21, '\0', 21);

	rc = E_md4hash(passwd, p16, codepage);

	if (rc) {

		cifs_dbg(FYI, "%s Can't generate NT hash, error: %d\n",

			 __func__, rc);

		return rc;

	}

	memcpy(p21, p16, 16);

	rc = E_P24(p21, c8, p24);

	return rc;

}