From 97be49c4d42bbc84a85383db0d5c6cf14fd077da Mon Sep 17 00:00:00 2001
From: Stefan Metzmacher <metze@samba.org>
Date: Wed, 1 Aug 2012 09:01:25 +0200
Subject: libcli/smb: add smb1cli_session_protect_session_key()

metze
---
 libcli/smb/smbXcli_base.c | 24 ++++++++++++++++++++++++
 libcli/smb/smbXcli_base.h |  1 +
 2 files changed, 25 insertions(+)

(limited to 'libcli/smb')

diff --git a/libcli/smb/smbXcli_base.c b/libcli/smb/smbXcli_base.c
index 29dba8cbc0..c6e3b2a6ce 100644
--- a/libcli/smb/smbXcli_base.c
+++ b/libcli/smb/smbXcli_base.c
@@ -149,6 +149,7 @@ struct smbXcli_session {
 	struct {
 		uint16_t session_id;
 		DATA_BLOB application_key;
+		bool protected_key;
 	} smb1;
 
 	struct smb2cli_session *smb2;
@@ -4360,6 +4361,7 @@ NTSTATUS smb1cli_session_set_session_key(struct smbXcli_session *session,
 		 * return NT_STATUS_INVALID_PARAMETER_MIX;
 		 */
 		data_blob_clear_free(&session->smb1.application_key);
+		session->smb1.protected_key = false;
 	}
 
 	if (_session_key.length == 0) {
@@ -4378,6 +4380,28 @@ NTSTATUS smb1cli_session_set_session_key(struct smbXcli_session *session,
 		return NT_STATUS_NO_MEMORY;
 	}
 
+	session->smb1.protected_key = false;
+
+	return NT_STATUS_OK;
+}
+
+NTSTATUS smb1cli_session_protect_session_key(struct smbXcli_session *session)
+{
+	if (session->smb1.protected_key) {
+		/* already protected */
+		return NT_STATUS_OK;
+	}
+
+	if (session->smb1.application_key.length != 16) {
+		return NT_STATUS_INVALID_PARAMETER_MIX;
+	}
+
+	smb_key_derivation(session->smb1.application_key.data,
+			   session->smb1.application_key.length,
+			   session->smb1.application_key.data);
+
+	session->smb1.protected_key = true;
+
 	return NT_STATUS_OK;
 }
 
diff --git a/libcli/smb/smbXcli_base.h b/libcli/smb/smbXcli_base.h
index 3f78cd5da7..689369e4a9 100644
--- a/libcli/smb/smbXcli_base.h
+++ b/libcli/smb/smbXcli_base.h
@@ -256,6 +256,7 @@ void smb1cli_session_set_id(struct smbXcli_session* session,
 			    uint16_t session_id);
 NTSTATUS smb1cli_session_set_session_key(struct smbXcli_session *session,
 					 const DATA_BLOB _session_key);
+NTSTATUS smb1cli_session_protect_session_key(struct smbXcli_session *session);
 uint8_t smb2cli_session_security_mode(struct smbXcli_session *session);
 uint64_t smb2cli_session_current_id(struct smbXcli_session *session);
 uint16_t smb2cli_session_get_flags(struct smbXcli_session *session);
-- 
cgit