From 2d2911c7885dc832700185e62160bc18f8abfa04 Mon Sep 17 00:00:00 2001
From: Stefan Metzmacher <metze@samba.org>
Date: Mon, 28 Jul 2008 15:49:46 +0200
Subject: libcli/smb2: the session key for SMB2 signing is truncated to 16
 bytes

To make that work (as a client) with aes128 and aes256 krb5 keys
we need to use gsskrb5_get_subkey().

metze
(This used to be commit 0c6d988f2083067e1ac7b07a492f88cefd3ba906)
---
 source4/libcli/smb2/session.c | 4 ++--
 source4/libcli/smb2/signing.c | 9 ++++-----
 2 files changed, 6 insertions(+), 7 deletions(-)

(limited to 'source4/libcli')

diff --git a/source4/libcli/smb2/session.c b/source4/libcli/smb2/session.c
index 6c573bf6d5..31b3e942e9 100644
--- a/source4/libcli/smb2/session.c
+++ b/source4/libcli/smb2/session.c
@@ -188,8 +188,8 @@ static void session_request_handler(struct smb2_request *req)
 	}
 
 	if (session->transport->signing_required) {
-		if (session->session_key.length != 16) {
-			DEBUG(2,("Wrong session key length %u for SMB2 signing\n",
+		if (session->session_key.length == 0) {
+			DEBUG(0,("Wrong session key length %u for SMB2 signing\n",
 				 (unsigned)session->session_key.length));
 			composite_error(c, NT_STATUS_ACCESS_DENIED);
 			return;
diff --git a/source4/libcli/smb2/signing.c b/source4/libcli/smb2/signing.c
index fb2c22db4e..0d655d1a86 100644
--- a/source4/libcli/smb2/signing.c
+++ b/source4/libcli/smb2/signing.c
@@ -46,7 +46,7 @@ NTSTATUS smb2_sign_message(struct smb2_request_buffer *buf, DATA_BLOB session_ke
 		return NT_STATUS_OK;		
 	}
 
-	if (session_key.length != 16) {
+	if (session_key.length == 0) {
 		DEBUG(2,("Wrong session key length %u for SMB2 signing\n",
 			 (unsigned)session_key.length));
 		return NT_STATUS_ACCESS_DENIED;
@@ -57,10 +57,9 @@ NTSTATUS smb2_sign_message(struct smb2_request_buffer *buf, DATA_BLOB session_ke
 	SIVAL(buf->hdr, SMB2_HDR_FLAGS, IVAL(buf->hdr, SMB2_HDR_FLAGS) | SMB2_HDR_FLAG_SIGNED);
 
 	ZERO_STRUCT(m);
-	hmac_sha256_init(session_key.data, 16, &m);
+	hmac_sha256_init(session_key.data, MIN(session_key.length, 16), &m);
 	hmac_sha256_update(buf->buffer+NBT_HDR_SIZE, buf->size-NBT_HDR_SIZE, &m);
 	hmac_sha256_final(res, &m);
-
 	DEBUG(5,("signed SMB2 message of size %u\n", (unsigned)buf->size - NBT_HDR_SIZE));
 
 	memcpy(buf->hdr + SMB2_HDR_SIGNATURE, res, 16);
@@ -95,7 +94,7 @@ NTSTATUS smb2_check_signature(struct smb2_request_buffer *buf, DATA_BLOB session
 		return NT_STATUS_OK;
 	}
 
-	if (session_key.length != 16) {
+	if (session_key.length == 0) {
 		DEBUG(2,("Wrong session key length %u for SMB2 signing\n",
 			 (unsigned)session_key.length));
 		return NT_STATUS_ACCESS_DENIED;
@@ -106,7 +105,7 @@ NTSTATUS smb2_check_signature(struct smb2_request_buffer *buf, DATA_BLOB session
 	memset(buf->hdr + SMB2_HDR_SIGNATURE, 0, 16);
 
 	ZERO_STRUCT(m);
-	hmac_sha256_init(session_key.data, 16, &m);
+	hmac_sha256_init(session_key.data, MIN(session_key.length, 16), &m);
 	hmac_sha256_update(buf->hdr, buf->size-NBT_HDR_SIZE, &m);
 	hmac_sha256_final(res, &m);
 
-- 
cgit