|
 |
1524bc |
From cd45ceb7c38ef77ad9d6cc42ad8184ebc6829cf7 Mon Sep 17 00:00:00 2001
|
|
|
1524bc |
From: Andreas Schneider <asn@samba.org>
|
|
|
1524bc |
Date: Wed, 29 May 2019 16:38:09 +0200
|
|
|
1524bc |
Subject: [PATCH 090/187] libcli:auth: Return NTSTATUS for
|
|
|
1524bc |
netlogon_creds_aes_encrypt()
|
|
|
1524bc |
|
|
|
1524bc |
Signed-off-by: Andreas Schneider <asn@samba.org>
|
|
|
1524bc |
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
|
|
|
1524bc |
|
|
|
1524bc |
Adapted by Andrew Bartlett to use gnutls_error_to_ntstatus()
|
|
|
1524bc |
|
|
|
1524bc |
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
|
|
|
1524bc |
(cherry picked from commit ded5aad21b54b8783f7390fb2eca483d3861eeff)
|
|
|
1524bc |
---
|
|
|
1524bc |
libcli/auth/credentials.c | 15 ++++++++-------
|
|
|
1524bc |
libcli/auth/proto.h | 4 +++-
|
|
|
1524bc |
2 files changed, 11 insertions(+), 8 deletions(-)
|
|
|
1524bc |
|
|
|
1524bc |
diff --git a/libcli/auth/credentials.c b/libcli/auth/credentials.c
|
|
|
1524bc |
index 5a1692ef436..87f8820238e 100644
|
|
|
1524bc |
--- a/libcli/auth/credentials.c
|
|
|
1524bc |
+++ b/libcli/auth/credentials.c
|
|
|
1524bc |
@@ -293,7 +293,9 @@ NTSTATUS netlogon_creds_arcfour_crypt(struct netlogon_creds_CredentialState *cre
|
|
|
1524bc |
/*
|
|
|
1524bc |
AES encrypt a password buffer using the session key
|
|
|
1524bc |
*/
|
|
|
1524bc |
-void netlogon_creds_aes_encrypt(struct netlogon_creds_CredentialState *creds, uint8_t *data, size_t len)
|
|
|
1524bc |
+NTSTATUS netlogon_creds_aes_encrypt(struct netlogon_creds_CredentialState *creds,
|
|
|
1524bc |
+ uint8_t *data,
|
|
|
1524bc |
+ size_t len)
|
|
|
1524bc |
{
|
|
|
1524bc |
#ifdef HAVE_GNUTLS_AES_CFB8
|
|
|
1524bc |
gnutls_cipher_hd_t cipher_hnd = NULL;
|
|
|
1524bc |
@@ -317,18 +319,15 @@ void netlogon_creds_aes_encrypt(struct netlogon_creds_CredentialState *creds, ui
|
|
|
1524bc |
&key,
|
|
|
1524bc |
&iv;;
|
|
|
1524bc |
if (rc < 0) {
|
|
|
1524bc |
- DBG_ERR("ERROR: gnutls_cipher_init: %s\n",
|
|
|
1524bc |
- gnutls_strerror(rc));
|
|
|
1524bc |
- return;
|
|
|
1524bc |
+ return gnutls_error_to_ntstatus(rc, NT_STATUS_CRYPTO_SYSTEM_INVALID);
|
|
|
1524bc |
}
|
|
|
1524bc |
|
|
|
1524bc |
rc = gnutls_cipher_encrypt(cipher_hnd, data, len);
|
|
|
1524bc |
gnutls_cipher_deinit(cipher_hnd);
|
|
|
1524bc |
if (rc < 0) {
|
|
|
1524bc |
- DBG_ERR("ERROR: gnutls_cipher_encrypt: %s\n",
|
|
|
1524bc |
- gnutls_strerror(rc));
|
|
|
1524bc |
- return;
|
|
|
1524bc |
+ return gnutls_error_to_ntstatus(rc, NT_STATUS_CRYPTO_SYSTEM_INVALID);
|
|
|
1524bc |
}
|
|
|
1524bc |
+
|
|
|
1524bc |
#else /* NOT HAVE_GNUTLS_AES_CFB8 */
|
|
|
1524bc |
AES_KEY key;
|
|
|
1524bc |
uint8_t iv[AES_BLOCK_SIZE] = {0};
|
|
|
1524bc |
@@ -337,6 +336,8 @@ void netlogon_creds_aes_encrypt(struct netlogon_creds_CredentialState *creds, ui
|
|
|
1524bc |
|
|
|
1524bc |
aes_cfb8_encrypt(data, data, len, &key, iv, AES_ENCRYPT);
|
|
|
1524bc |
#endif /* HAVE_GNUTLS_AES_CFB8 */
|
|
|
1524bc |
+
|
|
|
1524bc |
+ return NT_STATUS_OK;
|
|
|
1524bc |
}
|
|
|
1524bc |
|
|
|
1524bc |
/*
|
|
|
1524bc |
diff --git a/libcli/auth/proto.h b/libcli/auth/proto.h
|
|
|
1524bc |
index 65ee06215dc..639a50425e5 100644
|
|
|
1524bc |
--- a/libcli/auth/proto.h
|
|
|
1524bc |
+++ b/libcli/auth/proto.h
|
|
|
1524bc |
@@ -18,7 +18,9 @@ void netlogon_creds_des_decrypt(struct netlogon_creds_CredentialState *creds, st
|
|
|
1524bc |
NTSTATUS netlogon_creds_arcfour_crypt(struct netlogon_creds_CredentialState *creds,
|
|
|
1524bc |
uint8_t *data,
|
|
|
1524bc |
size_t len);
|
|
|
1524bc |
-void netlogon_creds_aes_encrypt(struct netlogon_creds_CredentialState *creds, uint8_t *data, size_t len);
|
|
|
1524bc |
+NTSTATUS netlogon_creds_aes_encrypt(struct netlogon_creds_CredentialState *creds,
|
|
|
1524bc |
+ uint8_t *data,
|
|
|
1524bc |
+ size_t len);
|
|
|
1524bc |
void netlogon_creds_aes_decrypt(struct netlogon_creds_CredentialState *creds, uint8_t *data, size_t len);
|
|
|
1524bc |
|
|
|
1524bc |
/*****************************************************************
|
|
|
1524bc |
--
|
|
|
1524bc |
2.23.0
|
|
|
1524bc |
|