diff options
author | Andreas Schneider <asn@samba.org> | 2022-07-25 10:29:01 +0200 |
---|---|---|
committer | Andreas Schneider <asn@cryptomilk.org> | 2022-07-28 11:51:29 +0000 |
commit | b39abe916d72ec31d7ceab07b083c89b88e9981b (patch) | |
tree | ea4f8e18f3ced50fe31f0c71c130f6fdca9eb3cd /libcli | |
parent | 626b0f4891b48f53d35f92e4050bada2cdb54ee2 (diff) | |
download | samba-b39abe916d72ec31d7ceab07b083c89b88e9981b.tar.gz |
libcli:auth: Implment a common create_pw_buffer_from_blob()
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Diffstat (limited to 'libcli')
-rw-r--r-- | libcli/auth/smbencrypt.c | 43 |
1 files changed, 38 insertions, 5 deletions
diff --git a/libcli/auth/smbencrypt.c b/libcli/auth/smbencrypt.c index 8384581c2bd..666ff314523 100644 --- a/libcli/auth/smbencrypt.c +++ b/libcli/auth/smbencrypt.c @@ -1080,21 +1080,54 @@ NTSTATUS decode_rc4_passwd_buffer(const DATA_BLOB *psession_key, encode a password buffer with an already unicode password. The rest of the buffer is filled with random data to make it harder to attack. ************************************************************/ -bool set_pw_in_buffer(uint8_t buffer[516], const DATA_BLOB *password) + +static bool create_pw_buffer_from_blob(uint8_t buffer[512], + const DATA_BLOB *in_password, + enum encode_order order) { - if (password->length > 512) { + size_t pwd_pos = 0; + size_t random_pos = 0; + size_t random_len = 0; + + if (in_password->length > 512) { return false; } - memcpy(&buffer[512 - password->length], password->data, password->length); + switch (order) { + case ENCODE_ORDER_PASSWORD_FIRST: + pwd_pos = 0; + random_pos = in_password->length; + break; + case ENCODE_ORDER_PASSWORD_LAST: + pwd_pos = PASSWORD_BUFFER_LEN - in_password->length; + random_pos = 0; + break; + } + random_len = PASSWORD_BUFFER_LEN - in_password->length; + + memcpy(buffer + pwd_pos, in_password->data, in_password->length); + generate_random_buffer(buffer + random_pos, random_len); + + return true; +} + +bool set_pw_in_buffer(uint8_t buffer[516], const DATA_BLOB *password) +{ + bool ok; - generate_random_buffer(buffer, 512 - password->length); + ok = create_pw_buffer_from_blob(buffer, + password, + ENCODE_ORDER_PASSWORD_LAST); + if (!ok) { + return false; + } /* * The length of the new password is in the last 4 bytes of * the data buffer. */ - SIVAL(buffer, 512, password->length); + PUSH_LE_U32(buffer, PASSWORD_BUFFER_LEN, password->length); + return true; } |