diff options
author | Andreas Schneider <asn@samba.org> | 2018-11-05 18:10:55 +0100 |
---|---|---|
committer | Andrew Bartlett <abartlet@samba.org> | 2019-05-21 00:03:22 +0000 |
commit | 1834b822168b477c3ed1f828453e7f41a31153ff (patch) | |
tree | d740d14ca9c24939b8195c532d0f2aacf7dfacc9 | |
parent | 94b2f00039cd1d6411cd209b01d3ee98df72633f (diff) | |
download | samba-1834b822168b477c3ed1f828453e7f41a31153ff.tar.gz |
s3:rpc_client: Use GnuTLS MD5 for samr
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
-rw-r--r-- | source3/rpc_client/init_samr.c | 40 |
1 files changed, 31 insertions, 9 deletions
diff --git a/source3/rpc_client/init_samr.c b/source3/rpc_client/init_samr.c index 7f1a22908ba..d116ece576f 100644 --- a/source3/rpc_client/init_samr.c +++ b/source3/rpc_client/init_samr.c @@ -19,10 +19,12 @@ #include "includes.h" #include "../libcli/auth/libcli_auth.h" -#include "../lib/crypto/md5.h" #include "../lib/crypto/arcfour.h" #include "rpc_client/init_samr.h" +#include <gnutls/gnutls.h> +#include <gnutls/crypto.h> + /************************************************************************* inits a samr_CryptPasswordEx structure *************************************************************************/ @@ -33,26 +35,46 @@ void init_samr_CryptPasswordEx(const char *pwd, { /* samr_CryptPasswordEx */ - uchar pwbuf[532]; - MD5_CTX md5_ctx; + uint8_t pwbuf[532]; + gnutls_hash_hd_t hash_hnd = NULL; uint8_t confounder[16]; DATA_BLOB confounded_session_key = data_blob(NULL, 16); + int rc; encode_pw_buffer(pwbuf, pwd, STR_UNICODE); generate_random_buffer((uint8_t *)confounder, 16); - MD5Init(&md5_ctx); - MD5Update(&md5_ctx, confounder, 16); - MD5Update(&md5_ctx, session_key->data, - session_key->length); - MD5Final(confounded_session_key.data, &md5_ctx); + rc = gnutls_hash_init(&hash_hnd, GNUTLS_DIG_MD5); + if (rc < 0) { + goto out; + } + + rc = gnutls_hash(hash_hnd, confounder, 16); + if (rc < 0) { + gnutls_hash_deinit(hash_hnd, NULL); + goto out; + } + rc = gnutls_hash(hash_hnd, session_key->data, session_key->length); + if (rc < 0) { + gnutls_hash_deinit(hash_hnd, NULL); + goto out; + } + + gnutls_hash_deinit(hash_hnd, confounded_session_key.data); arcfour_crypt_blob(pwbuf, 516, &confounded_session_key); + ZERO_ARRAY_LEN(confounded_session_key.data, + confounded_session_key.length); + data_blob_free(&confounded_session_key); + memcpy(&pwbuf[516], confounder, 16); + ZERO_ARRAY(confounder); memcpy(pwd_buf->data, pwbuf, sizeof(pwbuf)); - data_blob_free(&confounded_session_key); + ZERO_ARRAY(pwbuf); +out: + return; } /************************************************************************* |