authorMatthew Chapman <matty@samba.org>1999-03-19 15:09:25 +0000
committerMatthew Chapman <matty@samba.org>1999-03-19 15:09:25 +0000
commitb5a5236f207867d52acb8573d69c92a7691b2d3f (patch)
treeb13a8b9507e276b9ded132c54665b1ba6309ed3c
parentfda194255c156ce373d5f195e960bf8712fe4d67 (diff)
Implemented encryption algorithm used for a number of RPC buffers.
(actually, decryption only currently because I need to get some sleep). Basically another Microsoft twist on DES; the "master key" is the user's NT hash MD4'd and subsets of this are chosen as the 56-bit DES keys. (This used to be commit f09388fa6f41a13ca035b5b2ff40be804608f619)
-rw-r--r--source3/include/proto.h6
-rw-r--r--source3/include/rpc_lsa.h2
-rw-r--r--source3/libsmb/smbdes.c2
-rw-r--r--source3/libsmb/smbencrypt.c45
4 files changed, 51 insertions, 4 deletions
diff --git a/source3/include/proto.h b/source3/include/proto.h
index e64a7a92aa..5ad1959677 100644
--- a/source3/include/proto.h
+++ b/source3/include/proto.h
@@ -739,6 +739,7 @@ void pwd_get_lm_nt_owf(struct pwd_info *pwd, uchar lm_owf[24], uchar nt_owf[24])
/*The following definitions come from libsmb/smbdes.c */
+void smbhash(unsigned char *out, unsigned char *in, unsigned char *key, int forw);
void E_P16(unsigned char *p14,unsigned char *p16);
void E_P24(unsigned char *p21, unsigned char *c8, unsigned char *p24);
void D_P16(unsigned char *p14, unsigned char *in, unsigned char *out);
@@ -757,6 +758,7 @@ void SMBOWFencrypt(uchar passwd[16], uchar *c8, uchar p24[24]);
void NTLMSSPOWFencrypt(uchar passwd[8], uchar *ntlmchalresp, uchar p24[24]);
void SMBNTencrypt(uchar *passwd, uchar *c8, uchar *p24);
BOOL make_oem_passwd_hash(char data[516], const char *passwd, uchar old_pw_hash[16], BOOL unicode);
+int nt_decrypt_string2(STRING2 *out, STRING2 *in, char nt_hash[16]);
/*The following definitions come from libsmb/smberr.c */
@@ -1568,8 +1570,8 @@ BOOL lsa_open_secret(struct cli_state *cli, uint16 fnum,
POLICY_HND *hnd_pol, char *secret_name, uint32 des_access,
POLICY_HND *hnd_secret);
BOOL lsa_query_secret(struct cli_state *cli, uint16 fnum,
- POLICY_HND *pol, unsigned char secret[24],
- NTTIME *lastupdate);
+ POLICY_HND *pol, STRING2 *enc_secret,
+ NTTIME *last_update);
BOOL lsa_lookup_names(struct cli_state *cli, uint16 fnum,
POLICY_HND *hnd,
int num_names,
diff --git a/source3/include/rpc_lsa.h b/source3/include/rpc_lsa.h
index 6129c3bf01..1bd18bc7e8 100644
--- a/source3/include/rpc_lsa.h
+++ b/source3/include/rpc_lsa.h
@@ -176,7 +176,7 @@ typedef struct lsa_secret_value_info
{
uint32 ptr_secret;
STRHDR2 hdr_secret;
- STRING2 secret;
+ STRING2 enc_secret; /* encrypted, see nt_encrypt_string2 */
} LSA_SECRET_VALUE;
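Review bot: The new comment on `enc_secret` points at `nt_encrypt_string2`, but this commit only adds `nt_decrypt_string2`, and the description says encryption is not implemented yet, so the reference does not resolve to anything in the tree. Until the encrypt side exists, `STRING2 enc_secret; /* encrypted, see nt_decrypt_string2 */` would match what a reader can actually find.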
diff --git a/source3/libsmb/smbdes.c b/source3/libsmb/smbdes.c
index d0e1c6e85f..08bc929f01 100644
--- a/source3/libsmb/smbdes.c
+++ b/source3/libsmb/smbdes.c
@@ -277,7 +277,7 @@ static void str_to_key(unsigned char *str,unsigned char *key)
}
-static void smbhash(unsigned char *out, unsigned char *in, unsigned char *key, int forw)
+void smbhash(unsigned char *out, unsigned char *in, unsigned char *key, int forw)
{
int i;
char outb[64];
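Review bot: smbhash() becomes an exported symbol here with no statement of its contract, and the new caller in smbencrypt.c relies on details that are only implicit. Judging by the call sites in this commit, those are 8-byte input and output blocks, a 7-byte key slice, and `forw == 0` selecting decryption. A header comment above the definition, for example `/* DES on one 8-byte block; key is 7 bytes; forw != 0 encrypts, 0 decrypts */`, would let callers check their buffer sizes against it. The body continues outside this hunk, so whether `in` and `key` can be declared `const unsigned char *` has to be confirmed there.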
diff --git a/source3/libsmb/smbencrypt.c b/source3/libsmb/smbencrypt.c
index e35cccd734..3835c99815 100644
--- a/source3/libsmb/smbencrypt.c
+++ b/source3/libsmb/smbencrypt.c
@@ -226,3 +226,48 @@ BOOL make_oem_passwd_hash(char data[516], const char *passwd, uchar old_pw_hash[
return True;
}
+int nt_decrypt_string2(STRING2 *out, STRING2 *in, char nt_hash[16])
+{
+ uchar bufhdr[8];
+ int datalen;
+
+ uchar key[16];
+ uchar *keyptr = key;
+ uchar *keyend = key + sizeof(key);
+
+ uchar *outbuf = (uchar *)out->buffer;
+ uchar *inbuf = (uchar *)in->buffer;
+ uchar *inbufend;
+
+
+ mdfour(key, nt_hash, 16);
+
+ smbhash(bufhdr, inbuf, keyptr, 0);
+ datalen = IVAL(bufhdr, 0);
+
+ if ((datalen > in->str_str_len) || (datalen > MAX_STRINGLEN))
+ {
+ DEBUG(0, ("nt_decrypt_string2: failed\n"));
+ return False;
+ }
+
+ out->str_max_len = out->str_str_len = datalen;
+ inbuf += 8;
+ inbufend = inbuf + datalen;
+
+ while (inbuf < inbufend)
+ {
+ keyptr += 7;
+ if (keyptr + 7 > keyend)
+ {
+ keyptr = (keyend - keyptr) + key;
+ }
+
+ smbhash(outbuf, inbuf, keyptr, 0);
+
+ inbuf += 8;
+ outbuf += 8;
+ }
+
+ return True;
+}
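Review bot: The length handling in nt_decrypt_string2 lets the block loop run past what was validated. The first smbhash() reads 8 bytes from `in->buffer` before any length is checked, and the test `datalen > in->str_str_len` ignores both the 8-byte header that is skipped and the fact that the loop reads and writes whole 8-byte blocks. `datalen` is taken from the decrypted header, so it is untrusted whenever the buffer came from a peer, and because it is a signed int a negative value may pass the `MAX_STRINGLEN` comparison and end up in `out->str_str_len`. I would require 8 input bytes up front, reject negative lengths, and bound the length rounded up to a multiple of 8 against both the remaining input and the output buffer; STRING2 is not shown here, so this assumes `str_str_len` counts bytes and `buffer` holds `MAX_STRINGLEN` bytes. Separately, `key[]` and `bufhdr[]` hold material derived from the NT hash and are left on the stack at return.

```c
	uint32 padded;
	/* … unchanged: other declarations, mdfour(key, nt_hash, 16) … */

	/* the header block itself needs 8 input bytes */
	if (in->str_str_len < 8)
	{
		DEBUG(0, ("nt_decrypt_string2: input too short\n"));
		return False;
	}

	smbhash(bufhdr, inbuf, keyptr, 0);
	datalen = IVAL(bufhdr, 0);

	/* the loop moves whole 8-byte blocks, so bound the padded length */
	if ((datalen < 0) || (datalen > MAX_STRINGLEN - 7))
	{
		DEBUG(0, ("nt_decrypt_string2: bad length %d\n", datalen));
		return False;
	}

	padded = ((uint32)datalen + 7) & ~(uint32)7;
	if (padded > in->str_str_len - 8)
	{
		DEBUG(0, ("nt_decrypt_string2: length %d exceeds input\n", datalen));
		return False;
	}

	/* … unchanged: out length assignment and block loop … */
```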