diff options
-rw-r--r-- | libcli/smb/smbXcli_base.c | 24 | ||||
-rw-r--r-- | libcli/smb/smbXcli_base.h | 1 |
2 files changed, 25 insertions, 0 deletions
diff --git a/libcli/smb/smbXcli_base.c b/libcli/smb/smbXcli_base.c index 29dba8cbc0..c6e3b2a6ce 100644 --- a/libcli/smb/smbXcli_base.c +++ b/libcli/smb/smbXcli_base.c @@ -149,6 +149,7 @@ struct smbXcli_session { struct { uint16_t session_id; DATA_BLOB application_key; + bool protected_key; } smb1; struct smb2cli_session *smb2; @@ -4360,6 +4361,7 @@ NTSTATUS smb1cli_session_set_session_key(struct smbXcli_session *session, * return NT_STATUS_INVALID_PARAMETER_MIX; */ data_blob_clear_free(&session->smb1.application_key); + session->smb1.protected_key = false; } if (_session_key.length == 0) { @@ -4378,6 +4380,28 @@ NTSTATUS smb1cli_session_set_session_key(struct smbXcli_session *session, return NT_STATUS_NO_MEMORY; } + session->smb1.protected_key = false; + + return NT_STATUS_OK; +} + +NTSTATUS smb1cli_session_protect_session_key(struct smbXcli_session *session) +{ + if (session->smb1.protected_key) { + /* already protected */ + return NT_STATUS_OK; + } + + if (session->smb1.application_key.length != 16) { + return NT_STATUS_INVALID_PARAMETER_MIX; + } + + smb_key_derivation(session->smb1.application_key.data, + session->smb1.application_key.length, + session->smb1.application_key.data); + + session->smb1.protected_key = true; + return NT_STATUS_OK; } diff --git a/libcli/smb/smbXcli_base.h b/libcli/smb/smbXcli_base.h index 3f78cd5da7..689369e4a9 100644 --- a/libcli/smb/smbXcli_base.h +++ b/libcli/smb/smbXcli_base.h @@ -256,6 +256,7 @@ void smb1cli_session_set_id(struct smbXcli_session* session, uint16_t session_id); NTSTATUS smb1cli_session_set_session_key(struct smbXcli_session *session, const DATA_BLOB _session_key); +NTSTATUS smb1cli_session_protect_session_key(struct smbXcli_session *session); uint8_t smb2cli_session_security_mode(struct smbXcli_session *session); uint64_t smb2cli_session_current_id(struct smbXcli_session *session); uint16_t smb2cli_session_get_flags(struct smbXcli_session *session); |