1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-22 13:34:15 +03:00

libcli/smb: make use of smb2_signing_derivations_fill_const_stack() smb2cli_session_set_session_key()

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14512

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
This commit is contained in:
Stefan Metzmacher 2021-03-05 16:14:35 +01:00 committed by Jeremy Allison
parent e4c1a00595
commit 8e2f3e6558

View File

@ -6035,18 +6035,10 @@ NTSTATUS smb2cli_session_set_session_key(struct smbXcli_session *session,
bool check_signature = true;
uint32_t hdr_flags;
NTSTATUS status;
struct _derivation {
DATA_BLOB label;
DATA_BLOB context;
};
struct {
struct _derivation signing;
struct _derivation encryption;
struct _derivation decryption;
struct _derivation application;
} derivation = {
.signing.label.length = 0,
struct smb2_signing_derivations derivations = {
.signing = NULL,
};
DATA_BLOB preauth_hash = data_blob_null;
size_t nonce_size = 0;
if (conn == NULL) {
@ -6080,48 +6072,14 @@ NTSTATUS smb2cli_session_set_session_key(struct smbXcli_session *session,
}
if (conn->protocol >= PROTOCOL_SMB3_10) {
struct _derivation *d;
DATA_BLOB p;
p = data_blob_const(session->smb2_channel.preauth_sha512,
preauth_hash = data_blob_const(session->smb2_channel.preauth_sha512,
sizeof(session->smb2_channel.preauth_sha512));
d = &derivation.signing;
d->label = data_blob_string_const_null("SMBSigningKey");
d->context = p;
d = &derivation.encryption;
d->label = data_blob_string_const_null("SMBC2SCipherKey");
d->context = p;
d = &derivation.decryption;
d->label = data_blob_string_const_null("SMBS2CCipherKey");
d->context = p;
d = &derivation.application;
d->label = data_blob_string_const_null("SMBAppKey");
d->context = p;
} else if (conn->protocol >= PROTOCOL_SMB2_24) {
struct _derivation *d;
d = &derivation.signing;
d->label = data_blob_string_const_null("SMB2AESCMAC");
d->context = data_blob_string_const_null("SmbSign");
d = &derivation.encryption;
d->label = data_blob_string_const_null("SMB2AESCCM");
d->context = data_blob_string_const_null("ServerIn ");
d = &derivation.decryption;
d->label = data_blob_string_const_null("SMB2AESCCM");
d->context = data_blob_string_const_null("ServerOut");
d = &derivation.application;
d->label = data_blob_string_const_null("SMB2APP");
d->context = data_blob_string_const_null("SmbRpc");
}
smb2_signing_derivations_fill_const_stack(&derivations,
conn->protocol,
preauth_hash);
ZERO_STRUCT(session_key);
memcpy(session_key, _session_key.data,
MIN(_session_key.length, sizeof(session_key)));
@ -6136,7 +6094,7 @@ NTSTATUS smb2cli_session_set_session_key(struct smbXcli_session *session,
}
if (conn->protocol >= PROTOCOL_SMB2_24) {
struct _derivation *d = &derivation.signing;
const struct smb2_signing_derivation *d = derivations.signing;
status = smb2_key_derivation(session_key, sizeof(session_key),
d->label.data, d->label.length,
@ -6166,7 +6124,7 @@ NTSTATUS smb2cli_session_set_session_key(struct smbXcli_session *session,
}
if (conn->protocol >= PROTOCOL_SMB2_24) {
struct _derivation *d = &derivation.encryption;
const struct smb2_signing_derivation *d = derivations.cipher_c2s;
status = smb2_key_derivation(session_key, sizeof(session_key),
d->label.data, d->label.length,
@ -6196,7 +6154,7 @@ NTSTATUS smb2cli_session_set_session_key(struct smbXcli_session *session,
}
if (conn->protocol >= PROTOCOL_SMB2_24) {
struct _derivation *d = &derivation.decryption;
const struct smb2_signing_derivation *d = derivations.cipher_s2c;
status = smb2_key_derivation(session_key, sizeof(session_key),
d->label.data, d->label.length,
@ -6217,7 +6175,7 @@ NTSTATUS smb2cli_session_set_session_key(struct smbXcli_session *session,
}
if (conn->protocol >= PROTOCOL_SMB2_24) {
struct _derivation *d = &derivation.application;
const struct smb2_signing_derivation *d = derivations.application;
status = smb2_key_derivation(session_key, sizeof(session_key),
d->label.data, d->label.length,