summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--source3/Makefile.in4
-rw-r--r--source3/include/includes.h1
-rw-r--r--source3/include/ntlmssp.h6
-rw-r--r--source3/include/proto.h5
-rw-r--r--source3/lib/arc4.c79
-rw-r--r--source3/lib/genrand.c7
-rw-r--r--source3/libsmb/ntlmssp_sign.c66
-rw-r--r--source3/libsmb/smbdes.c13
8 files changed, 54 insertions, 127 deletions
diff --git a/source3/Makefile.in b/source3/Makefile.in
index 8bee54d075..09c054a1e3 100644
--- a/source3/Makefile.in
+++ b/source3/Makefile.in
@@ -330,8 +330,8 @@ LIB_OBJ = $(LIBSAMBAUTIL_OBJ) \
lib/substitute.o lib/fsusage.o lib/dbwrap_util.o \
lib/ms_fnmatch.o lib/select.o lib/errmap_unix.o \
lib/tallocmsg.o lib/dmallocmsg.o libsmb/smb_signing.o \
- ../lib/crypto/md5.o ../lib/crypto/hmacmd5.o lib/arc4.o lib/iconv.o \
- lib/pam_errors.o intl/lang_tdb.o lib/conn_tdb.o \
+ ../lib/crypto/md5.o ../lib/crypto/hmacmd5.o ../lib/crypto/arcfour.o \
+ lib/iconv.o lib/pam_errors.o intl/lang_tdb.o lib/conn_tdb.o \
lib/adt_tree.o lib/gencache.o \
lib/module.o lib/events.o lib/ldap_escape.o @CHARSET_STATIC@ \
lib/secdesc.o lib/util_seaccess.o lib/secace.o lib/secacl.o \
diff --git a/source3/include/includes.h b/source3/include/includes.h
index 79495a7ecf..0417a7e01c 100644
--- a/source3/include/includes.h
+++ b/source3/include/includes.h
@@ -687,6 +687,7 @@ typedef char fstring[FSTRING_LEN];
#include "msdfs.h"
#include "rap.h"
#include "../lib/crypto/md5.h"
+#include "../lib/crypto/arcfour.h"
#include "../lib/crypto/crc32.h"
#include "../lib/crypto/hmacmd5.h"
#include "ntlmssp.h"
diff --git a/source3/include/ntlmssp.h b/source3/include/ntlmssp.h
index 3fb41c5613..b014b2170c 100644
--- a/source3/include/ntlmssp.h
+++ b/source3/include/ntlmssp.h
@@ -157,14 +157,14 @@ typedef struct ntlmssp_state
unsigned char recv_sign_key[16];
unsigned char recv_seal_key[16];
- unsigned char send_seal_arc4_state[258];
- unsigned char recv_seal_arc4_state[258];
+ struct arcfour_state send_seal_arc4_state;
+ struct arcfour_state recv_seal_arc4_state;
uint32 ntlm2_send_seq_num;
uint32 ntlm2_recv_seq_num;
/* ntlmv1 */
- unsigned char ntlmv1_arc4_state[258];
+ struct arcfour_state ntlmv1_arc4_state;
uint32 ntlmv1_seq_num;
/* it turns out that we don't always get the
diff --git a/source3/include/proto.h b/source3/include/proto.h
index fc497b6966..3df87a6c34 100644
--- a/source3/include/proto.h
+++ b/source3/include/proto.h
@@ -315,11 +315,6 @@ int afs_syscall( int subcall,
bool afs_settoken_str(const char *token_string);
bool afs_settoken_str(const char *token_string);
-/* The following definitions come from lib/arc4.c */
-
-void smb_arc4_init(unsigned char arc4_state_out[258], const unsigned char *key, size_t keylen);
-void smb_arc4_crypt(unsigned char arc4_state_inout[258], unsigned char *data, size_t len);
-
/* The following definitions come from lib/audit.c */
const char *audit_category_str(uint32 category);
diff --git a/source3/lib/arc4.c b/source3/lib/arc4.c
deleted file mode 100644
index af2564b6c0..0000000000
--- a/source3/lib/arc4.c
+++ /dev/null
@@ -1,79 +0,0 @@
-/*
- Unix SMB/CIFS implementation.
-
- An implementation of arc4.
-
- Copyright (C) Jeremy Allison 2005.
-
- This program is free software; you can redistribute it and/or modify
- it under the terms of the GNU General Public License as published by
- the Free Software Foundation; either version 3 of the License, or
- (at your option) any later version.
-
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with this program. If not, see <http://www.gnu.org/licenses/>.
-*/
-
-#include "includes.h"
-
-/*****************************************************************
- Initialize state for an arc4 crypt/decrpyt.
- arc4 state is 258 bytes - last 2 bytes are the index bytes.
-*****************************************************************/
-
-void smb_arc4_init(unsigned char arc4_state_out[258], const unsigned char *key, size_t keylen)
-{
- size_t ind;
- unsigned char j = 0;
-
- for (ind = 0; ind < 256; ind++) {
- arc4_state_out[ind] = (unsigned char)ind;
- }
-
- for( ind = 0; ind < 256; ind++) {
- unsigned char tc;
-
- j += (arc4_state_out[ind] + key[ind%keylen]);
-
- tc = arc4_state_out[ind];
- arc4_state_out[ind] = arc4_state_out[j];
- arc4_state_out[j] = tc;
- }
- arc4_state_out[256] = 0;
- arc4_state_out[257] = 0;
-}
-
-/*****************************************************************
- Do the arc4 crypt/decrpyt.
- arc4 state is 258 bytes - last 2 bytes are the index bytes.
-*****************************************************************/
-
-void smb_arc4_crypt(unsigned char arc4_state_inout[258], unsigned char *data, size_t len)
-{
- unsigned char index_i = arc4_state_inout[256];
- unsigned char index_j = arc4_state_inout[257];
- size_t ind;
-
- for( ind = 0; ind < len; ind++) {
- unsigned char tc;
- unsigned char t;
-
- index_i++;
- index_j += arc4_state_inout[index_i];
-
- tc = arc4_state_inout[index_i];
- arc4_state_inout[index_i] = arc4_state_inout[index_j];
- arc4_state_inout[index_j] = tc;
-
- t = arc4_state_inout[index_i] + arc4_state_inout[index_j];
- data[ind] = data[ind] ^ arc4_state_inout[t];
- }
-
- arc4_state_inout[256] = index_i;
- arc4_state_inout[257] = index_j;
-}
diff --git a/source3/lib/genrand.c b/source3/lib/genrand.c
index 4590b812c5..57314c55df 100644
--- a/source3/lib/genrand.c
+++ b/source3/lib/genrand.c
@@ -21,7 +21,7 @@
#include "includes.h"
-static unsigned char smb_arc4_state[258];
+static struct arcfour_state smb_arc4_state;
static uint32 counter;
static bool done_reseed = False;
@@ -89,6 +89,7 @@ static void do_filehash(const char *fname, unsigned char *the_hash)
static int do_reseed(bool use_fd, int fd)
{
unsigned char seed_inbuf[40];
+ DATA_BLOB seed_blob = { seed_inbuf, 40 };
uint32 v1, v2; struct timeval tval; pid_t mypid;
struct passwd *pw;
int reseed_data = 0;
@@ -146,7 +147,7 @@ static int do_reseed(bool use_fd, int fd)
seed_inbuf[i] ^= ((char *)(&reseed_data))[i % sizeof(reseed_data)];
}
- smb_arc4_init(smb_arc4_state, seed_inbuf, sizeof(seed_inbuf));
+ arcfour_init(&smb_arc4_state, &seed_blob);
return -1;
}
@@ -190,7 +191,7 @@ void generate_random_buffer( unsigned char *out, int len)
while(len > 0) {
int copy_len = len > 16 ? 16 : len;
- smb_arc4_crypt(smb_arc4_state, md4_buf, sizeof(md4_buf));
+ arcfour_crypt_sbox(&smb_arc4_state, md4_buf, sizeof(md4_buf));
mdfour(tmp_buf, md4_buf, sizeof(md4_buf));
memcpy(p, tmp_buf, copy_len);
p += copy_len;
diff --git a/source3/libsmb/ntlmssp_sign.c b/source3/libsmb/ntlmssp_sign.c
index 1abdf61b7f..d3d358d332 100644
--- a/source3/libsmb/ntlmssp_sign.c
+++ b/source3/libsmb/ntlmssp_sign.c
@@ -35,6 +35,12 @@
*
*/
+static void dump_arc4_state(const char *description,
+ struct arcfour_state *state)
+{
+ dump_data_pw(description, state->sbox, sizeof(state->sbox));
+}
+
static void calc_ntlmv2_key(unsigned char subkey[16],
DATA_BLOB session_key,
const char *constant)
@@ -101,10 +107,10 @@ static NTSTATUS ntlmssp_make_packet_signature(NTLMSSP_STATE *ntlmssp_state,
if (encrypt_sig && (ntlmssp_state->neg_flags & NTLMSSP_NEGOTIATE_KEY_EXCH)) {
switch (direction) {
case NTLMSSP_SEND:
- smb_arc4_crypt(ntlmssp_state->send_seal_arc4_state, digest, 8);
+ arcfour_crypt_sbox(&ntlmssp_state->send_seal_arc4_state, digest, 8);
break;
case NTLMSSP_RECEIVE:
- smb_arc4_crypt(ntlmssp_state->recv_seal_arc4_state, digest, 8);
+ arcfour_crypt_sbox(&ntlmssp_state->recv_seal_arc4_state, digest, 8);
break;
}
}
@@ -124,9 +130,8 @@ static NTSTATUS ntlmssp_make_packet_signature(NTLMSSP_STATE *ntlmssp_state,
ntlmssp_state->ntlmv1_seq_num++;
- dump_data_pw("ntlmssp hash:\n", ntlmssp_state->ntlmv1_arc4_state,
- sizeof(ntlmssp_state->ntlmv1_arc4_state));
- smb_arc4_crypt(ntlmssp_state->ntlmv1_arc4_state, sig->data+4, sig->length-4);
+ dump_arc4_state("ntlmssp hash: \n", &ntlmssp_state->ntlmv1_arc4_state);
+ arcfour_crypt_sbox(&ntlmssp_state->ntlmv1_arc4_state, sig->data+4, sig->length-4);
}
return NT_STATUS_OK;
}
@@ -259,9 +264,9 @@ NTSTATUS ntlmssp_seal_packet(NTLMSSP_STATE *ntlmssp_state,
return nt_status;
}
- smb_arc4_crypt(ntlmssp_state->send_seal_arc4_state, data, length);
+ arcfour_crypt_sbox(&ntlmssp_state->send_seal_arc4_state, data, length);
if (ntlmssp_state->neg_flags & NTLMSSP_NEGOTIATE_KEY_EXCH) {
- smb_arc4_crypt(ntlmssp_state->send_seal_arc4_state, sig->data+4, 8);
+ arcfour_crypt_sbox(&ntlmssp_state->send_seal_arc4_state, sig->data+4, 8);
}
} else {
uint32 crc;
@@ -274,14 +279,14 @@ NTSTATUS ntlmssp_seal_packet(NTLMSSP_STATE *ntlmssp_state,
then seal the sequence number - this is becouse the ntlmv1_arc4_state is not
constant, but is is rather updated with each iteration */
- dump_data_pw("ntlmv1 arc4 state:\n", ntlmssp_state->ntlmv1_arc4_state,
- sizeof(ntlmssp_state->ntlmv1_arc4_state));
- smb_arc4_crypt(ntlmssp_state->ntlmv1_arc4_state, data, length);
+ dump_arc4_state("ntlmv1 arc4 state:\n",
+ &ntlmssp_state->ntlmv1_arc4_state);
+ arcfour_crypt_sbox(&ntlmssp_state->ntlmv1_arc4_state, data, length);
- dump_data_pw("ntlmv1 arc4 state:\n", ntlmssp_state->ntlmv1_arc4_state,
- sizeof(ntlmssp_state->ntlmv1_arc4_state));
+ dump_arc4_state("ntlmv1 arc4 state:\n",
+ &ntlmssp_state->ntlmv1_arc4_state);
- smb_arc4_crypt(ntlmssp_state->ntlmv1_arc4_state, sig->data+4, sig->length-4);
+ arcfour_crypt_sbox(&ntlmssp_state->ntlmv1_arc4_state, sig->data+4, sig->length-4);
ntlmssp_state->ntlmv1_seq_num++;
}
@@ -311,10 +316,10 @@ NTSTATUS ntlmssp_unseal_packet(NTLMSSP_STATE *ntlmssp_state,
if (ntlmssp_state->neg_flags & NTLMSSP_NEGOTIATE_NTLM2) {
/* First unseal the data. */
- smb_arc4_crypt(ntlmssp_state->recv_seal_arc4_state, data, length);
+ arcfour_crypt_sbox(&ntlmssp_state->recv_seal_arc4_state, data, length);
dump_data_pw("ntlmv2 clear data\n", data, length);
} else {
- smb_arc4_crypt(ntlmssp_state->ntlmv1_arc4_state, data, length);
+ arcfour_crypt_sbox(&ntlmssp_state->ntlmv1_arc4_state, data, length);
dump_data_pw("ntlmv1 clear data\n", data, length);
}
return ntlmssp_check_packet(ntlmssp_state, data, length, whole_pdu, pdu_length, sig);
@@ -349,6 +354,7 @@ NTSTATUS ntlmssp_sign_init(NTLMSSP_STATE *ntlmssp_state)
const char *send_seal_const;
const char *recv_sign_const;
const char *recv_seal_const;
+ DATA_BLOB send_seal_key_blob, recv_seal_blob;
switch (ntlmssp_state->role) {
case NTLMSSP_CLIENT:
@@ -397,12 +403,13 @@ NTSTATUS ntlmssp_sign_init(NTLMSSP_STATE *ntlmssp_state)
dump_data_pw("NTLMSSP send seal key:\n",
ntlmssp_state->send_seal_key, 16);
- smb_arc4_init(ntlmssp_state->send_seal_arc4_state,
- ntlmssp_state->send_seal_key, 16);
+ send_seal_key_blob.data = ntlmssp_state->send_seal_key;
+ send_seal_key_blob.length = 16;
+ arcfour_init(&ntlmssp_state->send_seal_arc4_state,
+ &send_seal_key_blob);
- dump_data_pw("NTLMSSP send seal arc4 state:\n",
- ntlmssp_state->send_seal_arc4_state,
- sizeof(ntlmssp_state->send_seal_arc4_state));
+ dump_arc4_state("NTLMSSP send seal arc4 state:\n",
+ &ntlmssp_state->send_seal_arc4_state);
/* RECV: sign key */
calc_ntlmv2_key(ntlmssp_state->recv_sign_key,
@@ -417,12 +424,13 @@ NTSTATUS ntlmssp_sign_init(NTLMSSP_STATE *ntlmssp_state)
dump_data_pw("NTLMSSP recv seal key:\n",
ntlmssp_state->recv_seal_key, 16);
- smb_arc4_init(ntlmssp_state->recv_seal_arc4_state,
- ntlmssp_state->recv_seal_key, 16);
+ recv_seal_blob.data = ntlmssp_state->recv_seal_key;
+ recv_seal_blob.length = 16;
+ arcfour_init(&ntlmssp_state->recv_seal_arc4_state,
+ &recv_seal_blob);
- dump_data_pw("NTLMSSP recv seal arc4 state:\n",
- ntlmssp_state->recv_seal_arc4_state,
- sizeof(ntlmssp_state->recv_seal_arc4_state));
+ dump_arc4_state("NTLMSSP recv seal arc4 state:\n",
+ &ntlmssp_state->recv_seal_arc4_state);
ntlmssp_state->ntlm2_send_seq_num = 0;
ntlmssp_state->ntlm2_recv_seq_num = 0;
@@ -454,11 +462,11 @@ NTSTATUS ntlmssp_sign_init(NTLMSSP_STATE *ntlmssp_state)
DEBUG(5, ("NTLMSSP Sign/Seal - using NTLM1\n"));
- smb_arc4_init(ntlmssp_state->ntlmv1_arc4_state,
- weak_session_key.data, weak_session_key.length);
+ arcfour_init(&ntlmssp_state->ntlmv1_arc4_state,
+ &weak_session_key);
- dump_data_pw("NTLMv1 arc4 state:\n", ntlmssp_state->ntlmv1_arc4_state,
- sizeof(ntlmssp_state->ntlmv1_arc4_state));
+ dump_arc4_state("NTLMv1 arc4 state:\n",
+ &ntlmssp_state->ntlmv1_arc4_state);
ntlmssp_state->ntlmv1_seq_num = 0;
}
diff --git a/source3/libsmb/smbdes.c b/source3/libsmb/smbdes.c
index 98d5cd05b7..76779e2d27 100644
--- a/source3/libsmb/smbdes.c
+++ b/source3/libsmb/smbdes.c
@@ -388,18 +388,19 @@ void des_crypt112_16(unsigned char out[16], unsigned char in[16], const unsigned
void SamOEMhash( unsigned char *data, const unsigned char key[16], size_t len)
{
- unsigned char arc4_state[258];
+ struct arcfour_state arc4_state;
+ DATA_BLOB keyblob = { key, 16 };
- smb_arc4_init(arc4_state, key, 16);
- smb_arc4_crypt(arc4_state, data, len);
+ arcfour_init(&arc4_state, &keyblob);
+ arcfour_crypt_sbox(&arc4_state, data, len);
}
void SamOEMhashBlob( unsigned char *data, size_t len, DATA_BLOB *key)
{
- unsigned char arc4_state[258];
+ struct arcfour_state arc4_state;
- smb_arc4_init(arc4_state, key->data, key->length);
- smb_arc4_crypt(arc4_state, data, len);
+ arcfour_init(&arc4_state, key);
+ arcfour_crypt_sbox(&arc4_state, data, len);
}
/* Decode a sam password hash into a password. The password hash is the