sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-01-08 21:18:16 +03:00
Code

libcli:smb: Use GnuTLS SHA256 HMAC in smb2_signing_sign_pdu()

Browse Source 
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
This commit is contained in:
Andreas Schneider 2019-03-14 17:22:22 +01:00 committed by Andrew Bartlett
parent cda938cd9c
commit eca425ef5b
1 changed files with 21 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

30
libcli/smb/smb2_signing.c
View File

@ -82,17 +82,29 @@ NTSTATUS smb2_signing_sign_pdu(DATA_BLOB signing_key,
ZERO_ARRAY(key);
} else {
struct HMACSHA256Context m;
uint8_t digest[SHA256_DIGEST_LENGTH];
gnutls_hmac_hd_t hmac_hnd = NULL;
uint8_t digest[gnutls_hmac_get_len(GNUTLS_MAC_SHA256)];
int rc;
ZERO_STRUCT(m);
hmac_sha256_init(signing_key.data, MIN(signing_key.length, 16), &m);
for (i=0; i < count; i++) {
hmac_sha256_update((const uint8_t *)vector[i].iov_base,
vector[i].iov_len, &m);
rc = gnutls_hmac_init(&hmac_hnd,
GNUTLS_MAC_SHA256,
signing_key.data,
MIN(signing_key.length, 16));
if (rc < 0) {
return NT_STATUS_NO_MEMORY;
}
hmac_sha256_final(digest, &m);
memcpy(res, digest, 16);
for (i = 0; i < count; i++) {
rc = gnutls_hmac(hmac_hnd,
vector[i].iov_base,
vector[i].iov_len);
if (rc < 0) {
gnutls_hmac_deinit(hmac_hnd, NULL);
return NT_STATUS_NO_MEMORY;
}
}
gnutls_hmac_deinit(hmac_hnd, digest);
memcpy(res, digest, sizeof(res));
}
DEBUG(5,("signed SMB2 message\n"));