From 429600c5f3079c8433d5a542383908d6ff61fe60 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?G=C3=BCnther=20Deschner?= Date: Thu, 29 Nov 2012 21:23:30 +0100 Subject: [PATCH] libcli/auth: add netlogon_creds_aes_{en|de}crypt routines. MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Guenther Signed-off-by: Günther Deschner Reviewed-by: Stefan Metzmacher --- libcli/auth/credentials.c | 28 ++++++++++++++++++++++++++++ libcli/auth/proto.h | 2 ++ 2 files changed, 30 insertions(+) diff --git a/libcli/auth/credentials.c b/libcli/auth/credentials.c index dfbfdb356aa..be43c95be9d 100644 --- a/libcli/auth/credentials.c +++ b/libcli/auth/credentials.c @@ -222,6 +222,34 @@ void netlogon_creds_arcfour_crypt(struct netlogon_creds_CredentialState *creds, data_blob_free(&session_key); } +/* + AES encrypt a password buffer using the session key +*/ +void netlogon_creds_aes_encrypt(struct netlogon_creds_CredentialState *creds, uint8_t *data, size_t len) +{ + AES_KEY key; + uint8_t iv[AES_BLOCK_SIZE]; + + AES_set_encrypt_key(creds->session_key, 128, &key); + ZERO_STRUCT(iv); + + aes_cfb8_encrypt(data, data, len, &key, iv, AES_ENCRYPT); +} + +/* + AES decrypt a password buffer using the session key +*/ +void netlogon_creds_aes_decrypt(struct netlogon_creds_CredentialState *creds, uint8_t *data, size_t len) +{ + AES_KEY key; + uint8_t iv[AES_BLOCK_SIZE]; + + AES_set_encrypt_key(creds->session_key, 128, &key); + ZERO_STRUCT(iv); + + aes_cfb8_encrypt(data, data, len, &key, iv, AES_DECRYPT); +} + /***************************************************************** The above functions are common to the client and server interface next comes the client specific functions diff --git a/libcli/auth/proto.h b/libcli/auth/proto.h index 37c87b4a74f..b9d91d04ea5 100644 --- a/libcli/auth/proto.h +++ b/libcli/auth/proto.h @@ -16,6 +16,8 @@ void netlogon_creds_des_decrypt_LMKey(struct netlogon_creds_CredentialState *cre void netlogon_creds_des_encrypt(struct netlogon_creds_CredentialState *creds, struct samr_Password *pass); void netlogon_creds_des_decrypt(struct netlogon_creds_CredentialState *creds, struct samr_Password *pass); void netlogon_creds_arcfour_crypt(struct netlogon_creds_CredentialState *creds, uint8_t *data, size_t len); +void netlogon_creds_aes_encrypt(struct netlogon_creds_CredentialState *creds, uint8_t *data, size_t len); +void netlogon_creds_aes_decrypt(struct netlogon_creds_CredentialState *creds, uint8_t *data, size_t len); /***************************************************************** The above functions are common to the client and server interface