r305: - added IDL and test code for samr_RidToSid()

- completed the IDL and test code for the various set user password
  mechanisms in samr. Three password mechanisms are now working, the
  UserInfo24 method, the OemChangePasswordUser2() method (which only
  sets the LM password) and the ChangePasswordUser2() method which sets
  both the LM and NT passwords.

- updated some crypto routines to support the password change tests
(This used to be commit 051efa2abf9d1fbbf783df411c02f2714027f813)

2 files changed, 36 insertions, 15 deletions

diff --git a/source4/libcli/util/smbdes.c b/source4/libcli/util/smbdes.c
index d282b0135a..80b938b460 100644
--- a/source4/libcli/util/smbdes.c
+++ b/source4/libcli/util/smbdes.c
@@ -357,7 +357,8 @@ void cred_hash3(unsigned char *out, unsigned char *in, const unsigned char *key,
         smbhash(out + 8, in + 8, key2, forw);
 }
 
-void SamOEMhash( unsigned char *data, const unsigned char *key, int val)
+
+void SamOEMhashBlob(unsigned char *data, int len, const DATA_BLOB *key)
 {
 	unsigned char s_box[256];
 	unsigned char index_i = 0;
@@ -369,23 +370,22 @@ void SamOEMhash( unsigned char *data, const unsigned char *key, int val)
 		s_box[ind] = (unsigned char)ind;
 	}
 
-	for( ind = 0; ind < 256; ind++) {
+	for (ind = 0; ind < 256; ind++) {
 		unsigned char tc;
-		
-		j += (s_box[ind] + key[ind%16]);
-		
+
+		j += (s_box[ind] + key->data[ind%key->length]);
+
 		tc = s_box[ind];
 		s_box[ind] = s_box[j];
 		s_box[j] = tc;
 	}
-
-	for (ind = 0; ind < val; ind++){
+	for (ind = 0; ind < len; ind++) {
 		unsigned char tc;
 		unsigned char t;
 
 		index_i++;
 		index_j += s_box[index_i];
-		
+
 		tc = s_box[index_i];
 		s_box[index_i] = s_box[index_j];
 		s_box[index_j] = tc;
@@ -395,6 +395,20 @@ void SamOEMhash( unsigned char *data, const unsigned char *key, int val)
 	}
 }
 
+/*
+  a varient that assumes a 16 byte key. This should be removed
+  when the last user is gone
+*/
+void SamOEMhash(unsigned char *data, const unsigned char keystr[16], int len)
+{
+	DATA_BLOB key;
+
+	key.length = 16;
+	key.data = keystr;
+	
+	SamOEMhashBlob(data, len, &key);
+}
+
 
 /* Decode a sam password hash into a password.  The password hash is the
    same method used to store passwords in the NT registry.  The DES key
diff --git a/source4/libcli/util/smbencrypt.c b/source4/libcli/util/smbencrypt.c
index 13d56e1e78..a1c026a27d 100644
--- a/source4/libcli/util/smbencrypt.c
+++ b/source4/libcli/util/smbencrypt.c
@@ -460,21 +460,28 @@ BOOL SMBNTLMv2encrypt(const char *user, const char *domain, const char *password
 }
 
 /***********************************************************
- encode a password buffer.  The caller gets to figure out 
- what to put in it.
+ encode a password buffer with a unicode password.  The buffer
+ is filled with random data to make it harder to attack.
 ************************************************************/
-BOOL encode_pw_buffer(char buffer[516], char *new_pw, int new_pw_length)
+BOOL encode_pw_buffer(char buffer[516], const char *password, int string_flags)
 {
-	generate_random_buffer((unsigned char *)buffer, 516, True);
+	uchar new_pw[512];
+	size_t new_pw_len;
 
-	memcpy(&buffer[512 - new_pw_length], new_pw, new_pw_length);
+	new_pw_len = push_string(NULL, new_pw,
+				 password, 
+				 sizeof(new_pw), string_flags);
+	
+	memcpy(&buffer[512 - new_pw_len], new_pw, new_pw_len);
+
+	generate_random_buffer((unsigned char *)buffer, 512 - new_pw_len, True);
 
 	/* 
 	 * The length of the new password is in the last 4 bytes of
 	 * the data buffer.
 	 */
-	SIVAL(buffer, 512, new_pw_length);
-
+	SIVAL(buffer, 512, new_pw_len);
+	ZERO_STRUCT(new_pw);
 	return True;
 }