diff options
| author | Steve French <smfrench@gmail.com> | 2013-06-27 08:45:05 +0400 |
|---|---|---|
| committer | Steve French <smfrench@gmail.com> | 2013-06-27 08:45:05 +0400 |
| commit | 429b46f4fdaf9c9007b7c0fc371b94e40c3764b2 (patch) | |
| tree | 7643a60439f4e81159e6327539a0983270e38331 /fs/cifs/cifspdu.h | |
| parent | f87ab88b4065a9ef00620224c4fafadc201a430c (diff) | |
| download | linux-429b46f4fdaf9c9007b7c0fc371b94e40c3764b2.tar.xz | |
[CIFS] SMB3 Signing enablement
SMB3 uses a much faster method of signing (which is also better in other ways),
AES-CMAC. With the kernel now supporting AES-CMAC since last release, we
are overdue to allow SMB3 signing (today only CIFS and SMB2 and SMB2.1,
but not SMB3 and SMB3.1 can sign) - and we need this also for checking
secure negotation and also per-share encryption (two other new SMB3 features
which we need to implement).
This patch needs some work in a few areas - for example we need to
move signing for SMB2/SMB3 from per-socket to per-user (we may be able to
use the "nosharesock" mount option in the interim for the multiuser case),
and Shirish found a bug in the earlier authentication overhaul
(setting signing flags properly) - but those can be done in followon
patches.
Signed-off-by: Shirish Pargaonkar <shirishpargaonkar@gmail.com>
Signed-off-by: Steve French <smfrench@gmail.com>
Diffstat (limited to 'fs/cifs/cifspdu.h')
| -rw-r--r-- | fs/cifs/cifspdu.h | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/fs/cifs/cifspdu.h b/fs/cifs/cifspdu.h index 7e8523c5c18e..11ca24a8e054 100644 --- a/fs/cifs/cifspdu.h +++ b/fs/cifs/cifspdu.h @@ -142,6 +142,11 @@ */ #define CIFS_SESS_KEY_SIZE (16) +/* + * Size of the smb3 signing key + */ +#define SMB3_SIGN_KEY_SIZE (16) + #define CIFS_CLIENT_CHALLENGE_SIZE (8) #define CIFS_SERVER_CHALLENGE_SIZE (8) #define CIFS_HMAC_MD5_HASH_SIZE (16) |