diff options
| author | Stefan Metzmacher <metze@samba.org> | 2021-03-05 16:10:07 +0100 |
|---|---|---|
| committer | Jeremy Allison <jra@samba.org> | 2021-03-17 00:49:32 +0000 |
| commit | e4c1a0059504085d2b226b871de568d8a51c2dcd (patch) | |
| tree | f6c30b15d7205341a7640058493f27879c9b9f0f /libcli | |
| parent | 17b99809b3f19dddef6b780decbbace48e76e12e (diff) | |
| download | samba-e4c1a0059504085d2b226b871de568d8a51c2dcd.tar.gz | |
libcli/smb: add smb2_signing_derivations_fill_const_stack()
This will allow us to have the logic in one place only
in future.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14512
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Diffstat (limited to 'libcli')
| -rw-r--r-- | libcli/smb/smb2_signing.c | 56 | ||||
| -rw-r--r-- | libcli/smb/smb2_signing.h | 20 |
2 files changed, 76 insertions, 0 deletions
diff --git a/libcli/smb/smb2_signing.c b/libcli/smb/smb2_signing.c index e263c29fef5..6e1b50ba49a 100644 --- a/libcli/smb/smb2_signing.c +++ b/libcli/smb/smb2_signing.c @@ -34,6 +34,62 @@ #include "lib/crypto/gnutls_helpers.h" +void smb2_signing_derivations_fill_const_stack(struct smb2_signing_derivations *ds, + enum protocol_types protocol, + const DATA_BLOB preauth_hash) +{ + *ds = (struct smb2_signing_derivations) { .signing = NULL, }; + + if (protocol >= PROTOCOL_SMB3_10) { + struct smb2_signing_derivation *d = NULL; + + SMB_ASSERT(preauth_hash.length != 0); + + d = &ds->__signing; + ds->signing = d; + d->label = data_blob_string_const_null("SMBSigningKey"); + d->context = preauth_hash; + + d = &ds->__cipher_c2s; + ds->cipher_c2s = d; + d->label = data_blob_string_const_null("SMBC2SCipherKey"); + d->context = preauth_hash; + + d = &ds->__cipher_s2c; + ds->cipher_s2c = d; + d->label = data_blob_string_const_null("SMBS2CCipherKey"); + d->context = preauth_hash; + + d = &ds->__application; + ds->application = d; + d->label = data_blob_string_const_null("SMBAppKey"); + d->context = preauth_hash; + + } else if (protocol >= PROTOCOL_SMB2_24) { + struct smb2_signing_derivation *d = NULL; + + d = &ds->__signing; + ds->signing = d; + d->label = data_blob_string_const_null("SMB2AESCMAC"); + d->context = data_blob_string_const_null("SmbSign"); + + d = &ds->__cipher_c2s; + ds->cipher_c2s = d; + d->label = data_blob_string_const_null("SMB2AESCCM"); + d->context = data_blob_string_const_null("ServerIn "); + + d = &ds->__cipher_s2c; + ds->cipher_s2c = d; + d->label = data_blob_string_const_null("SMB2AESCCM"); + d->context = data_blob_string_const_null("ServerOut"); + + d = &ds->__application; + ds->application = d; + d->label = data_blob_string_const_null("SMB2APP"); + d->context = data_blob_string_const_null("SmbRpc"); + } +} + int smb2_signing_key_destructor(struct smb2_signing_key *key) { if (key->hmac_hnd != NULL) { diff --git a/libcli/smb/smb2_signing.h b/libcli/smb/smb2_signing.h index 79989039d50..0a80467717e 100644 --- a/libcli/smb/smb2_signing.h +++ b/libcli/smb/smb2_signing.h @@ -23,6 +23,26 @@ struct iovec; +struct smb2_signing_derivation { + DATA_BLOB label; + DATA_BLOB context; +}; + +struct smb2_signing_derivations { + struct smb2_signing_derivation __signing; + const struct smb2_signing_derivation *signing; + struct smb2_signing_derivation __cipher_c2s; + const struct smb2_signing_derivation *cipher_c2s; + struct smb2_signing_derivation __cipher_s2c; + const struct smb2_signing_derivation *cipher_s2c; + struct smb2_signing_derivation __application; + const struct smb2_signing_derivation *application; +}; + +void smb2_signing_derivations_fill_const_stack(struct smb2_signing_derivations *ds, + enum protocol_types protocol, + const DATA_BLOB preauth_hash); + struct smb2_signing_key { DATA_BLOB blob; union { |