diff options
author | Jeremy Allison <jra@samba.org> | 2005-05-27 16:15:56 +0000 |
---|---|---|
committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 10:57:00 -0500 |
commit | 26e12ebd07afbafb29f4d2974a9dd599eec606e0 (patch) | |
tree | c3300edeece6948241fd406bc832fc708950cba7 | |
parent | 54aee75980dd7eb4cc4d5b8e94149fc088a3d7e5 (diff) | |
download | samba-26e12ebd07afbafb29f4d2974a9dd599eec606e0.tar.gz samba-26e12ebd07afbafb29f4d2974a9dd599eec606e0.tar.bz2 samba-26e12ebd07afbafb29f4d2974a9dd599eec606e0.zip |
r7031: Added encrypt/decrypt function for LSA secrets and trusted
domain passwords on the wire.
Jeremy.
(This used to be commit f82dcac25faf7876655cb1839846cc5e01e4add7)
-rw-r--r-- | source3/libsmb/smbdes.c | 2 | ||||
-rw-r--r-- | source3/libsmb/smbencrypt.c | 29 |
2 files changed, 30 insertions, 1 deletions
diff --git a/source3/libsmb/smbdes.c b/source3/libsmb/smbdes.c index ae946b4a66..70581f1b2d 100644 --- a/source3/libsmb/smbdes.c +++ b/source3/libsmb/smbdes.c @@ -276,7 +276,7 @@ static void str_to_key(const unsigned char *str,unsigned char *key) } -static void smbhash(unsigned char *out, const unsigned char *in, const unsigned char *key, int forw) +void smbhash(unsigned char *out, const unsigned char *in, const unsigned char *key, int forw) { int i; char outb[64]; diff --git a/source3/libsmb/smbencrypt.c b/source3/libsmb/smbencrypt.c index 55e06ffe97..d3573d0e1e 100644 --- a/source3/libsmb/smbencrypt.c +++ b/source3/libsmb/smbencrypt.c @@ -513,6 +513,7 @@ BOOL encode_pw_buffer(char buffer[516], const char *password, int string_flags) *new_pw_len is the length in bytes of the possibly mulitbyte returned password including termination. ************************************************************/ + BOOL decode_pw_buffer(uint8 in_buffer[516], char *new_pwrd, int new_pwrd_size, uint32 *new_pw_len, int string_flags) @@ -554,3 +555,31 @@ BOOL decode_pw_buffer(uint8 in_buffer[516], char *new_pwrd, return True; } + +/*********************************************************** + Encrypt/Decrypt used for LSA secrets and trusted domain + passwords. +************************************************************/ + +void sess_crypt_blob(DATA_BLOB *out, const DATA_BLOB *in, const DATA_BLOB *session_key, int forward) +{ + int i, k; + + for (i=0,k=0; + i<in->length; + i += 8, k += 7) { + uint8_t bin[8], bout[8], key[7]; + + memset(bin, 0, 8); + memcpy(bin, &in->data[i], MIN(8, in->length-i)); + + if (k + 7 > session_key->length) { + k = (session_key->length - k); + } + memcpy(key, &session_key->data[k], 7); + + smbhash(bout, bin, key, forward?1:0); + + memcpy(&out->data[i], bout, MIN(8, in->length-i)); + } +} |