From 26e12ebd07afbafb29f4d2974a9dd599eec606e0 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Fri, 27 May 2005 16:15:56 +0000 Subject: r7031: Added encrypt/decrypt function for LSA secrets and trusted domain passwords on the wire. Jeremy. (This used to be commit f82dcac25faf7876655cb1839846cc5e01e4add7) --- source3/libsmb/smbdes.c | 2 +- source3/libsmb/smbencrypt.c | 29 +++++++++++++++++++++++++++++ 2 files changed, 30 insertions(+), 1 deletion(-) (limited to 'source3/libsmb') diff --git a/source3/libsmb/smbdes.c b/source3/libsmb/smbdes.c index ae946b4a66..70581f1b2d 100644 --- a/source3/libsmb/smbdes.c +++ b/source3/libsmb/smbdes.c @@ -276,7 +276,7 @@ static void str_to_key(const unsigned char *str,unsigned char *key) } -static void smbhash(unsigned char *out, const unsigned char *in, const unsigned char *key, int forw) +void smbhash(unsigned char *out, const unsigned char *in, const unsigned char *key, int forw) { int i; char outb[64]; diff --git a/source3/libsmb/smbencrypt.c b/source3/libsmb/smbencrypt.c index 55e06ffe97..d3573d0e1e 100644 --- a/source3/libsmb/smbencrypt.c +++ b/source3/libsmb/smbencrypt.c @@ -513,6 +513,7 @@ BOOL encode_pw_buffer(char buffer[516], const char *password, int string_flags) *new_pw_len is the length in bytes of the possibly mulitbyte returned password including termination. ************************************************************/ + BOOL decode_pw_buffer(uint8 in_buffer[516], char *new_pwrd, int new_pwrd_size, uint32 *new_pw_len, int string_flags) @@ -554,3 +555,31 @@ BOOL decode_pw_buffer(uint8 in_buffer[516], char *new_pwrd, return True; } + +/*********************************************************** + Encrypt/Decrypt used for LSA secrets and trusted domain + passwords. +************************************************************/ + +void sess_crypt_blob(DATA_BLOB *out, const DATA_BLOB *in, const DATA_BLOB *session_key, int forward) +{ + int i, k; + + for (i=0,k=0; + ilength; + i += 8, k += 7) { + uint8_t bin[8], bout[8], key[7]; + + memset(bin, 0, 8); + memcpy(bin, &in->data[i], MIN(8, in->length-i)); + + if (k + 7 > session_key->length) { + k = (session_key->length - k); + } + memcpy(key, &session_key->data[k], 7); + + smbhash(bout, bin, key, forward?1:0); + + memcpy(&out->data[i], bout, MIN(8, in->length-i)); + } +} -- cgit