sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-01-08 21:18:16 +03:00
Code

smbdes: convert des_crypt128() to use gnutls

Browse Source 
Signed-off-by: Isaac Boukris <iboukris@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
This commit is contained in:
Isaac Boukris 2019-11-08 17:49:48 +01:00 committed by Andrew Bartlett
parent a5548af018
commit c57f429574
4 changed files with 18 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
libcli/auth/credentials.c
View File

@ -66,6 +66,7 @@ static NTSTATUS netlogon_creds_init_64bit(struct netlogon_creds_CredentialState
{ {
uint32_t sum[2]; uint32_t sum[2];
uint8_t sum2[8]; uint8_t sum2[8];
int rc;
sum[0] = IVAL(client_challenge->data, 0) + IVAL(server_challenge->data, 0); sum[0] = IVAL(client_challenge->data, 0) + IVAL(server_challenge->data, 0);
sum[1] = IVAL(client_challenge->data, 4) + IVAL(server_challenge->data, 4); sum[1] = IVAL(client_challenge->data, 4) + IVAL(server_challenge->data, 4);
@ -75,7 +76,10 @@ static NTSTATUS netlogon_creds_init_64bit(struct netlogon_creds_CredentialState
ZERO_ARRAY(creds->session_key); ZERO_ARRAY(creds->session_key);
des_crypt128(creds->session_key, sum2, machine_password->hash); rc = des_crypt128(creds->session_key, sum2, machine_password->hash);
if (rc != 0) {
return gnutls_error_to_ntstatus(rc, NT_STATUS_ACCESS_DISABLED_BY_POLICY_OTHER);
}
return NT_STATUS_OK; return NT_STATUS_OK;
} }

2
libcli/auth/proto.h
View File

@ -226,7 +226,7 @@ int des_crypt56_gnutls(uint8_t out[8], const uint8_t in[8], const uint8_t key[7]
int E_P16(const uint8_t *p14,uint8_t *p16); int E_P16(const uint8_t *p14,uint8_t *p16);
int E_P24(const uint8_t *p21, const uint8_t *c8, uint8_t *p24); int E_P24(const uint8_t *p21, const uint8_t *c8, uint8_t *p24);
void E_old_pw_hash( uint8_t *p14, const uint8_t *in, uint8_t *out); void E_old_pw_hash( uint8_t *p14, const uint8_t *in, uint8_t *out);
void des_crypt128(uint8_t out[8], const uint8_t in[8], const uint8_t key[16]); int des_crypt128(uint8_t out[8], const uint8_t in[8], const uint8_t key[16]);
void des_crypt112(uint8_t out[8], const uint8_t in[8], const uint8_t key[14], int forw); void des_crypt112(uint8_t out[8], const uint8_t in[8], const uint8_t key[14], int forw);
void des_crypt112_16(uint8_t out[16], const uint8_t in[16], const uint8_t key[14], int forw); void des_crypt112_16(uint8_t out[16], const uint8_t in[16], const uint8_t key[14], int forw);
int sam_rid_crypt(unsigned int rid, const uint8_t *in, uint8_t *out, int sam_rid_crypt(unsigned int rid, const uint8_t *in, uint8_t *out,

12
libcli/auth/smbdes.c
View File

@ -398,11 +398,17 @@ void E_old_pw_hash( uint8_t *p14, const uint8_t *in, uint8_t *out)
} }
/* des encryption with a 128 bit key */ /* des encryption with a 128 bit key */
void des_crypt128(uint8_t out[8], const uint8_t in[8], const uint8_t key[16]) int des_crypt128(uint8_t out[8], const uint8_t in[8], const uint8_t key[16])
{ {
uint8_t buf[8]; uint8_t buf[8];
des_crypt56(buf, in, key, 1); int ret;
des_crypt56(out, buf, key+9, 1);
ret = des_crypt56_gnutls(buf, in, key, SAMBA_GNUTLS_ENCRYPT);
if (ret != 0) {
return ret;
}
return des_crypt56_gnutls(out, buf, key+9, SAMBA_GNUTLS_ENCRYPT);
} }
/* des encryption with a 112 bit (14 byte) key */ /* des encryption with a 112 bit (14 byte) key */

4
libcli/auth/tests/test_gnutls.c
View File

@ -362,8 +362,10 @@ static void torture_gnutls_des_crypt128(void **state)
}; };
uint8_t crypt[8]; uint8_t crypt[8];
int rc;
des_crypt128(crypt, clear, key); rc = des_crypt128(crypt, clear, key);
assert_int_equal(rc, 0);
assert_memory_equal(crypt, crypt_expected, 8); assert_memory_equal(crypt, crypt_expected, 8);
} }