summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJeremy Allison <jra@samba.org>2005-05-27 16:15:56 +0000
committerGerald (Jerry) Carter <jerry@samba.org>2007-10-10 10:57:00 -0500
commit26e12ebd07afbafb29f4d2974a9dd599eec606e0 (patch)
treec3300edeece6948241fd406bc832fc708950cba7
parent54aee75980dd7eb4cc4d5b8e94149fc088a3d7e5 (diff)
downloadsamba-26e12ebd07afbafb29f4d2974a9dd599eec606e0.tar.gz
samba-26e12ebd07afbafb29f4d2974a9dd599eec606e0.tar.bz2
samba-26e12ebd07afbafb29f4d2974a9dd599eec606e0.zip
r7031: Added encrypt/decrypt function for LSA secrets and trusted
domain passwords on the wire. Jeremy. (This used to be commit f82dcac25faf7876655cb1839846cc5e01e4add7)
-rw-r--r--source3/libsmb/smbdes.c2
-rw-r--r--source3/libsmb/smbencrypt.c29
2 files changed, 30 insertions, 1 deletions
diff --git a/source3/libsmb/smbdes.c b/source3/libsmb/smbdes.c
index ae946b4a66..70581f1b2d 100644
--- a/source3/libsmb/smbdes.c
+++ b/source3/libsmb/smbdes.c
@@ -276,7 +276,7 @@ static void str_to_key(const unsigned char *str,unsigned char *key)
}
-static void smbhash(unsigned char *out, const unsigned char *in, const unsigned char *key, int forw)
+void smbhash(unsigned char *out, const unsigned char *in, const unsigned char *key, int forw)
{
int i;
char outb[64];
diff --git a/source3/libsmb/smbencrypt.c b/source3/libsmb/smbencrypt.c
index 55e06ffe97..d3573d0e1e 100644
--- a/source3/libsmb/smbencrypt.c
+++ b/source3/libsmb/smbencrypt.c
@@ -513,6 +513,7 @@ BOOL encode_pw_buffer(char buffer[516], const char *password, int string_flags)
*new_pw_len is the length in bytes of the possibly mulitbyte
returned password including termination.
************************************************************/
+
BOOL decode_pw_buffer(uint8 in_buffer[516], char *new_pwrd,
int new_pwrd_size, uint32 *new_pw_len,
int string_flags)
@@ -554,3 +555,31 @@ BOOL decode_pw_buffer(uint8 in_buffer[516], char *new_pwrd,
return True;
}
+
+/***********************************************************
+ Encrypt/Decrypt used for LSA secrets and trusted domain
+ passwords.
+************************************************************/
+
+void sess_crypt_blob(DATA_BLOB *out, const DATA_BLOB *in, const DATA_BLOB *session_key, int forward)
+{
+ int i, k;
+
+ for (i=0,k=0;
+ i<in->length;
+ i += 8, k += 7) {
+ uint8_t bin[8], bout[8], key[7];
+
+ memset(bin, 0, 8);
+ memcpy(bin, &in->data[i], MIN(8, in->length-i));
+
+ if (k + 7 > session_key->length) {
+ k = (session_key->length - k);
+ }
+ memcpy(key, &session_key->data[k], 7);
+
+ smbhash(bout, bin, key, forward?1:0);
+
+ memcpy(&out->data[i], bout, MIN(8, in->length-i));
+ }
+}