author | Aurelien Aptel <aaptel@suse.com> | 2019-02-06 19:23:35 +0100 |
---|---|---|
committer | David Disseldorp <ddiss@samba.org> | 2019-02-09 18:30:14 +0100 |
commit | 67825c96473ff8731af415683b4a74caca7a6809 (patch) | |
tree | f1dcee1643e52970e3449139479573f6be1d7ee2 /libcli | |
parent | 7ff94b18e2e39567ef7a208084cc5c914c39d3bd (diff) | |
download | samba-67825c96473ff8731af415683b4a74caca7a6809.tar.gz |
libcli: add getters for smb2 {signing,encryption,decryption} keys
Adds:
- smb2cli_session_signing_key()
- smb2cli_session_encryption_key()
- smb2cli_session_decryption_key()
Signed-off-by: Aurelien Aptel <aaptel@suse.com>
Reviewed-by: Noel Power <npower@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Diffstat (limited to 'libcli')
-rw-r--r-- | libcli/smb/smbXcli_base.c | 79 | ||||
-rw-r--r-- | libcli/smb/smbXcli_base.h | 9 |
2 files changed, 88 insertions, 0 deletions
diff --git a/libcli/smb/smbXcli_base.c b/libcli/smb/smbXcli_base.c
index 3118365871a..2455b6deacd 100644
--- a/libcli/smb/smbXcli_base.c
+++ b/libcli/smb/smbXcli_base.c
@@ -5561,6 +5561,85 @@ bool smbXcli_session_is_authenticated(struct smbXcli_session *session)
 return true;
 }
 
+NTSTATUS smb2cli_session_signing_key(struct smbXcli_session *session,
+ TALLOC_CTX *mem_ctx,
+ DATA_BLOB *key)
+{
+ DATA_BLOB *sig = NULL;
+
+ if (session->conn == NULL) {
+ return NT_STATUS_NO_USER_SESSION_KEY;
+ }
+
+ /*
+ * Use channel signing key if there is one, otherwise fallback
+ * to session.
+ */
+
+ if (session->smb2_channel.signing_key.length != 0) {
+ sig = &session->smb2_channel.signing_key;
+ } else if (session->smb2->signing_key.length != 0) {
+ sig = &session->smb2->signing_key;
+ } else {
+ return NT_STATUS_NO_USER_SESSION_KEY;
+ }
+
+ *key = data_blob_dup_talloc(mem_ctx, *sig);
+ if (key->data == NULL) {
+ return NT_STATUS_NO_MEMORY;
+ }
+
+ return NT_STATUS_OK;
+}
+
+NTSTATUS smb2cli_session_encryption_key(struct smbXcli_session *session,
+ TALLOC_CTX *mem_ctx,
+ DATA_BLOB *key)
+{
+ if (session->conn == NULL) {
+ return NT_STATUS_NO_USER_SESSION_KEY;
+ }
+
+ if (session->conn->protocol < PROTOCOL_SMB3_00) {
+ return NT_STATUS_NO_USER_SESSION_KEY;
+ }
+
+ if (session->smb2->encryption_key.length == 0) {
+ return NT_STATUS_NO_USER_SESSION_KEY;
+ }
+
+ *key = data_blob_dup_talloc(mem_ctx, session->smb2->encryption_key);
+ if (key->data == NULL) {
+ return NT_STATUS_NO_MEMORY;
+ }
+
+ return NT_STATUS_OK;
+}
+
+NTSTATUS smb2cli_session_decryption_key(struct smbXcli_session *session,
+ TALLOC_CTX *mem_ctx,
+ DATA_BLOB *key)
+{
+ if (session->conn == NULL) {
+ return NT_STATUS_NO_USER_SESSION_KEY;
+ }
+
+ if (session->conn->protocol < PROTOCOL_SMB3_00) {
+ return NT_STATUS_NO_USER_SESSION_KEY;
+ }
+
+ if (session->smb2->decryption_key.length == 0) {
+ return NT_STATUS_NO_USER_SESSION_KEY;
+ }
+
+ *key = data_blob_dup_talloc(mem_ctx, session->smb2->decryption_key);
+ if (key->data == NULL) {
+ return NT_STATUS_NO_MEMORY;
+ }
+
+ return NT_STATUS_OK;
+}
+
 NTSTATUS smbXcli_session_application_key(struct smbXcli_session *session,
 TALLOC_CTX *mem_ctx,
 DATA_BLOB *key)
diff --git a/libcli/smb/smbXcli_base.h b/libcli/smb/smbXcli_base.h
index 42c2519c7ff..a7256490bd1 100644
--- a/libcli/smb/smbXcli_base.h
+++ b/libcli/smb/smbXcli_base.h
@@ -468,6 +468,15 @@ struct smbXcli_session *smbXcli_session_copy(TALLOC_CTX *mem_ctx,
 struct smbXcli_session *src);
 bool smbXcli_session_is_guest(struct smbXcli_session *session);
 bool smbXcli_session_is_authenticated(struct smbXcli_session *session);
+NTSTATUS smb2cli_session_signing_key(struct smbXcli_session *session,
+ TALLOC_CTX *mem_ctx,
+ DATA_BLOB *key);
+NTSTATUS smb2cli_session_encryption_key(struct smbXcli_session *session,
+ TALLOC_CTX *mem_ctx,
+ DATA_BLOB *key);
+NTSTATUS smb2cli_session_decryption_key(struct smbXcli_session *session,
+ TALLOC_CTX *mem_ctx,
+ DATA_BLOB *key);
 NTSTATUS smbXcli_session_application_key(struct smbXcli_session *session,
 TALLOC_CTX *mem_ctx,
 DATA_BLOB *key);
|
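Review bot: On every early return in smb2cli_session_signing_key() the caller's `*key` is left untouched, so a caller that passes an uninitialised DATA_BLOB and mishandles the status could read or free stack garbage in code that deals with key material. Setting `*key = data_blob_null;` as the first statement gives the failure case a defined value. The same applies to smb2cli_session_encryption_key() and smb2cli_session_decryption_key() in this hunk. All three also dereference `session->smb2` after checking only `session->conn`; that pointer is presumably always allocated with the session, but the hunk does not show it, so it is worth confirming or guarding.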
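Review bot: The three new prototypes have no comment, although they hand the caller a copy of raw SMB2 signing, encryption or decryption key material. Freeing the talloc context does not by itself wipe that copy, so the contract should be stated where callers will read it. A comment above the group would do, for example `/* On success *key is a talloc'd copy of the raw key on mem_ctx; the caller owns it, must not log it, and should release it with data_blob_clear_free(). */`. It would also help to note that NT_STATUS_NO_USER_SESSION_KEY is returned when no key is set and, for the encryption and decryption getters, when the dialect is below SMB3.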