CVE-2021-20251 lib:crypto: Add des_crypt_blob_16() for encrypting data with DES

This lets us access single-DES from Python. This function is used in a
following commit for encrypting an NT hash to obtain the verifier for a
SAMR password change.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14611

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

2 files changed, 66 insertions, 1 deletions

diff --git a/lib/crypto/py_crypto.c b/lib/crypto/py_crypto.c
index ad18d3ada0f..6753d3d8e9c 100644
--- a/lib/crypto/py_crypto.c
+++ b/lib/crypto/py_crypto.c
@@ -25,6 +25,7 @@
 #include <gnutls/gnutls.h>
 #include <gnutls/crypto.h>
 #include "lib/crypto/gnutls_helpers.h"
+#include "libcli/auth/libcli_auth.h"
 
 static PyObject *py_crypto_arcfour_crypt_blob(PyObject *module, PyObject *args)
 {
@@ -100,13 +101,77 @@ static PyObject *py_crypto_set_strict_mode(PyObject *module)
 	Py_RETURN_NONE;
 }
 
+static PyObject *py_crypto_des_crypt_blob_16(PyObject *self, PyObject *args)
+{
+	PyObject *py_data = NULL;
+	uint8_t *data = NULL;
+	Py_ssize_t data_size;
+
+	PyObject *py_key = NULL;
+	uint8_t *key = NULL;
+	Py_ssize_t key_size;
+
+	uint8_t result[16];
+
+	bool ok;
+	int ret;
+
+	ok = PyArg_ParseTuple(args, "SS",
+			      &py_data, &py_key);
+	if (!ok) {
+		return NULL;
+	}
+
+	ret = PyBytes_AsStringAndSize(py_data,
+				      (char **)&data,
+				      &data_size);
+	if (ret != 0) {
+		return NULL;
+	}
+
+	ret = PyBytes_AsStringAndSize(py_key,
+				      (char **)&key,
+				      &key_size);
+	if (ret != 0) {
+		return NULL;
+	}
+
+	if (data_size != 16) {
+		return PyErr_Format(PyExc_ValueError,
+				    "Expected data size of 16 bytes; got %zd",
+				    data_size);
+	}
+
+	if (key_size != 14) {
+		return PyErr_Format(PyExc_ValueError,
+				    "Expected key size of 14 bytes; got %zd",
+				    key_size);
+	}
+
+	ret = des_crypt112_16(result, data, key,
+			      SAMBA_GNUTLS_ENCRYPT);
+	if (ret != 0) {
+		return PyErr_Format(PyExc_RuntimeError,
+				    "des_crypt112_16() failed: %d",
+				    ret);
+	}
+
+	return PyBytes_FromStringAndSize((const char *)result,
+					 sizeof(result));
+}
+
 static const char py_crypto_arcfour_crypt_blob_doc[] = "arcfour_crypt_blob(data, key)\n"
 					 "Encrypt the data with RC4 algorithm using the key";
 
+static const char py_crypto_des_crypt_blob_16_doc[] = "des_crypt_blob_16(data, key) -> bytes\n"
+						      "Encrypt the 16-byte data with DES using "
+						      "the 14-byte key";
+
 static PyMethodDef py_crypto_methods[] = {
 	{ "arcfour_crypt_blob", (PyCFunction)py_crypto_arcfour_crypt_blob, METH_VARARGS, py_crypto_arcfour_crypt_blob_doc },
 	{ "set_relax_mode", (PyCFunction)py_crypto_set_relax_mode, METH_NOARGS, "Set fips to relax mode" },
 	{ "set_strict_mode", (PyCFunction)py_crypto_set_strict_mode, METH_NOARGS, "Set fips to strict mode" },
+	{ "des_crypt_blob_16", (PyCFunction)py_crypto_des_crypt_blob_16, METH_VARARGS, py_crypto_des_crypt_blob_16_doc },
 	{0},
 };
 
diff --git a/lib/crypto/wscript b/lib/crypto/wscript
index 78927437e37..acf5cb8e731 100644
--- a/lib/crypto/wscript
+++ b/lib/crypto/wscript
@@ -81,7 +81,7 @@ def build(bld):
 
     bld.SAMBA_PYTHON('python_crypto',
                      source='py_crypto.c',
-                     deps='gnutls talloc',
+                     deps='gnutls talloc LIBCLI_AUTH',
                      realname='samba/crypto.so')
 
     bld.SAMBA_BINARY('test_gnutls_aead_aes_256_cbc_hmac_sha512',