diff options
author | Isaac Boukris <iboukris@gmail.com> | 2019-11-07 16:16:26 +0100 |
---|---|---|
committer | Andrew Bartlett <abartlet@samba.org> | 2019-12-10 00:30:30 +0000 |
commit | 9fb6361a8b09fd575bab2f5572fa9e10bd538eed (patch) | |
tree | 9441648c3ec37129c410ec56a603088a1b639a8f /libcli | |
parent | ecee1998034b84026ab604dbe4400d9e53dcafd4 (diff) | |
download | samba-9fb6361a8b09fd575bab2f5572fa9e10bd538eed.tar.gz |
smbdes: convert E_P16() to use gnutls
Signed-off-by: Isaac Boukris <iboukris@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Diffstat (limited to 'libcli')
-rw-r--r-- | libcli/auth/proto.h | 2 | ||||
-rw-r--r-- | libcli/auth/smbdes.c | 12 | ||||
-rw-r--r-- | libcli/auth/smbencrypt.c | 6 | ||||
-rw-r--r-- | libcli/auth/tests/test_gnutls.c | 5 |
4 files changed, 19 insertions, 6 deletions
diff --git a/libcli/auth/proto.h b/libcli/auth/proto.h index 7dad549fc43..9ae62efca31 100644 --- a/libcli/auth/proto.h +++ b/libcli/auth/proto.h @@ -223,7 +223,7 @@ WERROR decode_wkssvc_join_password_buffer(TALLOC_CTX *mem_ctx, void des_crypt56(uint8_t out[8], const uint8_t in[8], const uint8_t key[7], int forw); int des_crypt56_gnutls(uint8_t out[8], const uint8_t in[8], const uint8_t key[7], enum samba_gnutls_direction encrypt); -void E_P16(const uint8_t *p14,uint8_t *p16); +int E_P16(const uint8_t *p14,uint8_t *p16); void E_P24(const uint8_t *p21, const uint8_t *c8, uint8_t *p24); void D_P16(const uint8_t *p14, const uint8_t *in, uint8_t *out); void E_old_pw_hash( uint8_t *p14, const uint8_t *in, uint8_t *out); diff --git a/libcli/auth/smbdes.c b/libcli/auth/smbdes.c index fe397592fbb..c0d10278179 100644 --- a/libcli/auth/smbdes.c +++ b/libcli/auth/smbdes.c @@ -361,11 +361,17 @@ void des_crypt56(uint8_t out[8], const uint8_t in[8], const uint8_t key[7], int } } -void E_P16(const uint8_t *p14,uint8_t *p16) +int E_P16(const uint8_t *p14,uint8_t *p16) { const uint8_t sp8[8] = {0x4b, 0x47, 0x53, 0x21, 0x40, 0x23, 0x24, 0x25}; - des_crypt56(p16, sp8, p14, 1); - des_crypt56(p16+8, sp8, p14+7, 1); + int ret; + + ret = des_crypt56_gnutls(p16, sp8, p14, SAMBA_GNUTLS_ENCRYPT); + if (ret != 0) { + return ret; + } + + return des_crypt56_gnutls(p16+8, sp8, p14+7, SAMBA_GNUTLS_ENCRYPT); } void E_P24(const uint8_t *p21, const uint8_t *c8, uint8_t *p24) diff --git a/libcli/auth/smbencrypt.c b/libcli/auth/smbencrypt.c index b1d4f985ecf..f2f446eda97 100644 --- a/libcli/auth/smbencrypt.c +++ b/libcli/auth/smbencrypt.c @@ -105,6 +105,7 @@ bool E_md4hash(const char *passwd, uint8_t p16[16]) bool E_deshash(const char *passwd, uint8_t p16[16]) { bool ret; + int rc; uint8_t dospwd[14]; TALLOC_CTX *frame = talloc_stackframe(); @@ -133,7 +134,10 @@ bool E_deshash(const char *passwd, uint8_t p16[16]) * case to avoid returning a fixed 'password' buffer, but * callers should not use it when E_deshash returns false */ - E_P16((const uint8_t *)dospwd, p16); + rc = E_P16((const uint8_t *)dospwd, p16); + if (rc != 0) { + ret = false; + } ZERO_STRUCT(dospwd); diff --git a/libcli/auth/tests/test_gnutls.c b/libcli/auth/tests/test_gnutls.c index f603fa819e8..a6e8fd5b352 100644 --- a/libcli/auth/tests/test_gnutls.c +++ b/libcli/auth/tests/test_gnutls.c @@ -274,7 +274,10 @@ static void torture_gnutls_E_P16(void **state) 0x1D, 0xEA, 0xD9, 0xFF, 0xB0, 0xA9, 0xA4, 0x05 }; - E_P16(key, buffer); + int rc; + + rc = E_P16(key, buffer); + assert_int_equal(rc, 0); assert_memory_equal(buffer, crypt_expected, 16); } |