From f8f2630c0d65460435598f3b1db5672091df99e7 Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Sun, 12 Sep 2004 06:38:00 +0000 Subject: r2294: this fixes the NTLM2 sign+seal combination. I have now tested: NTLM sign NTLM sign+seal NTLM2 sign NTLM2 sign+seal and all of the above both with and without key exchange the NTLM2 seal case is ugly and involves an extra data copy, which some API changes in gensec or the ndr layer might avoid in future. (This used to be commit fce7a4218b3136d880dd1a123e8525e3091bbed8) --- source4/libcli/auth/ntlmssp_sign.c | 40 ++++++++++++++------------------------ 1 file changed, 15 insertions(+), 25 deletions(-) (limited to 'source4/libcli') diff --git a/source4/libcli/auth/ntlmssp_sign.c b/source4/libcli/auth/ntlmssp_sign.c index 2ab54124e3..2b9659ae52 100644 --- a/source4/libcli/auth/ntlmssp_sign.c +++ b/source4/libcli/auth/ntlmssp_sign.c @@ -66,7 +66,7 @@ static NTSTATUS ntlmssp_make_packet_signature(struct ntlmssp_state *ntlmssp_stat const uint8_t *data, size_t length, const uint8_t *whole_pdu, size_t pdu_length, enum ntlmssp_direction direction, - DATA_BLOB *sig, BOOL encrypt_sig) + DATA_BLOB *sig, BOOL encrypt_sig) { if (ntlmssp_state->neg_flags & NTLMSSP_NEGOTIATE_NTLM2) { @@ -120,9 +120,7 @@ static NTSTATUS ntlmssp_make_packet_signature(struct ntlmssp_state *ntlmssp_stat } ntlmssp_state->ntlm_seq_num++; - if (encrypt_sig) { - arcfour_crypt_sbox(ntlmssp_state->ntlmssp_hash, sig->data+4, sig->length-4); - } + arcfour_crypt_sbox(ntlmssp_state->ntlmssp_hash, sig->data+4, sig->length-4); } dump_data_pw("calculated ntlmssp signature\n", sig->data, sig->length); return NT_STATUS_OK; @@ -245,13 +243,14 @@ NTSTATUS ntlmssp_seal_packet(struct ntlmssp_state *ntlmssp_state, /* The order of these two operations matters - we must first seal the packet, then seal the sequence number - this is becouse the send_seal_hash is not constant, but is is rather updated with each iteration */ - - arcfour_crypt_sbox(ntlmssp_state->send_seal_hash, data, length); - nt_status = ntlmssp_make_packet_signature(ntlmssp_state, sig_mem_ctx, data, length, whole_pdu, pdu_length, - NTLMSSP_SEND, sig, True); + NTLMSSP_SEND, sig, False); + arcfour_crypt_sbox(ntlmssp_state->send_seal_hash, data, length); + if (ntlmssp_state->neg_flags & NTLMSSP_NEGOTIATE_KEY_EXCH) { + arcfour_crypt_sbox(ntlmssp_state->send_seal_hash, sig->data+4, 8); + } } else { uint32_t crc; crc = crc32_calc_buffer((const char *)data, length); @@ -259,12 +258,13 @@ NTSTATUS ntlmssp_seal_packet(struct ntlmssp_state *ntlmssp_state, return NT_STATUS_NO_MEMORY; } - /* The order of these two operations matters - we must first seal the packet, - then seal the sequence number - this is becouse the ntlmssp_hash is not - constant, but is is rather updated with each iteration */ - - arcfour_crypt_sbox(ntlmssp_state->ntlmssp_hash, data, length); + /* The order of these two operations matters - we must + first seal the packet, then seal the sequence + number - this is becouse the ntlmssp_hash is not + constant, but is is rather updated with each + iteration */ + arcfour_crypt_sbox(ntlmssp_state->ntlmssp_hash, data, length); arcfour_crypt_sbox(ntlmssp_state->ntlmssp_hash, sig->data+4, sig->length-4); /* increment counter on send */ ntlmssp_state->ntlm_seq_num++; @@ -297,26 +297,16 @@ NTSTATUS ntlmssp_unseal_packet(struct ntlmssp_state *ntlmssp_state, dump_data_pw("ntlmssp sealed data\n", data, length); if (ntlmssp_state->neg_flags & NTLMSSP_NEGOTIATE_NTLM2) { - - /* We have to pass the data past the arcfour pad in - * the correct order, so we must encrypt the signature - * after we decrypt the main body. however, the - * signature is calculated over the encrypted data */ + arcfour_crypt_sbox(ntlmssp_state->recv_seal_hash, data, length); nt_status = ntlmssp_make_packet_signature(ntlmssp_state, sig_mem_ctx, data, length, whole_pdu, pdu_length, - NTLMSSP_RECEIVE, &local_sig, False); + NTLMSSP_RECEIVE, &local_sig, True); if (!NT_STATUS_IS_OK(nt_status)) { return nt_status; } - arcfour_crypt_sbox(ntlmssp_state->recv_seal_hash, data, length); - - if (ntlmssp_state->neg_flags & NTLMSSP_NEGOTIATE_KEY_EXCH) { - arcfour_crypt_sbox(ntlmssp_state->send_seal_hash, local_sig.data + 4, 8); - } - if (local_sig.length != sig->length || memcmp(local_sig.data, sig->data, sig->length) != 0) { -- cgit