diff options
-rw-r--r-- | source3/include/proto.h | 6 | ||||
-rw-r--r-- | source3/include/rpc_lsa.h | 2 | ||||
-rw-r--r-- | source3/libsmb/smbdes.c | 2 | ||||
-rw-r--r-- | source3/libsmb/smbencrypt.c | 45 |
4 files changed, 51 insertions, 4 deletions
diff --git a/source3/include/proto.h b/source3/include/proto.h index e64a7a92aa..5ad1959677 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h @@ -739,6 +739,7 @@ void pwd_get_lm_nt_owf(struct pwd_info *pwd, uchar lm_owf[24], uchar nt_owf[24]) /*The following definitions come from libsmb/smbdes.c */ +void smbhash(unsigned char *out, unsigned char *in, unsigned char *key, int forw); void E_P16(unsigned char *p14,unsigned char *p16); void E_P24(unsigned char *p21, unsigned char *c8, unsigned char *p24); void D_P16(unsigned char *p14, unsigned char *in, unsigned char *out); @@ -757,6 +758,7 @@ void SMBOWFencrypt(uchar passwd[16], uchar *c8, uchar p24[24]); void NTLMSSPOWFencrypt(uchar passwd[8], uchar *ntlmchalresp, uchar p24[24]); void SMBNTencrypt(uchar *passwd, uchar *c8, uchar *p24); BOOL make_oem_passwd_hash(char data[516], const char *passwd, uchar old_pw_hash[16], BOOL unicode); +int nt_decrypt_string2(STRING2 *out, STRING2 *in, char nt_hash[16]); /*The following definitions come from libsmb/smberr.c */ @@ -1568,8 +1570,8 @@ BOOL lsa_open_secret(struct cli_state *cli, uint16 fnum, POLICY_HND *hnd_pol, char *secret_name, uint32 des_access, POLICY_HND *hnd_secret); BOOL lsa_query_secret(struct cli_state *cli, uint16 fnum, - POLICY_HND *pol, unsigned char secret[24], - NTTIME *lastupdate); + POLICY_HND *pol, STRING2 *enc_secret, + NTTIME *last_update); BOOL lsa_lookup_names(struct cli_state *cli, uint16 fnum, POLICY_HND *hnd, int num_names, diff --git a/source3/include/rpc_lsa.h b/source3/include/rpc_lsa.h index 6129c3bf01..1bd18bc7e8 100644 --- a/source3/include/rpc_lsa.h +++ b/source3/include/rpc_lsa.h @@ -176,7 +176,7 @@ typedef struct lsa_secret_value_info { uint32 ptr_secret; STRHDR2 hdr_secret; - STRING2 secret; + STRING2 enc_secret; /* encrypted, see nt_encrypt_string2 */ } LSA_SECRET_VALUE; diff --git a/source3/libsmb/smbdes.c b/source3/libsmb/smbdes.c index d0e1c6e85f..08bc929f01 100644 --- a/source3/libsmb/smbdes.c +++ b/source3/libsmb/smbdes.c @@ -277,7 +277,7 @@ static void str_to_key(unsigned char *str,unsigned char *key) } -static void smbhash(unsigned char *out, unsigned char *in, unsigned char *key, int forw) +void smbhash(unsigned char *out, unsigned char *in, unsigned char *key, int forw) { int i; char outb[64]; diff --git a/source3/libsmb/smbencrypt.c b/source3/libsmb/smbencrypt.c index e35cccd734..3835c99815 100644 --- a/source3/libsmb/smbencrypt.c +++ b/source3/libsmb/smbencrypt.c @@ -226,3 +226,48 @@ BOOL make_oem_passwd_hash(char data[516], const char *passwd, uchar old_pw_hash[ return True; } +int nt_decrypt_string2(STRING2 *out, STRING2 *in, char nt_hash[16]) +{ + uchar bufhdr[8]; + int datalen; + + uchar key[16]; + uchar *keyptr = key; + uchar *keyend = key + sizeof(key); + + uchar *outbuf = (uchar *)out->buffer; + uchar *inbuf = (uchar *)in->buffer; + uchar *inbufend; + + + mdfour(key, nt_hash, 16); + + smbhash(bufhdr, inbuf, keyptr, 0); + datalen = IVAL(bufhdr, 0); + + if ((datalen > in->str_str_len) || (datalen > MAX_STRINGLEN)) + { + DEBUG(0, ("nt_decrypt_string2: failed\n")); + return False; + } + + out->str_max_len = out->str_str_len = datalen; + inbuf += 8; + inbufend = inbuf + datalen; + + while (inbuf < inbufend) + { + keyptr += 7; + if (keyptr + 7 > keyend) + { + keyptr = (keyend - keyptr) + key; + } + + smbhash(outbuf, inbuf, keyptr, 0); + + inbuf += 8; + outbuf += 8; + } + + return True; +} |