|
|
b6b438 |
From d2a0904b915c4f9ffe8ca7f8015ef201dd8b827d Mon Sep 17 00:00:00 2001
|
|
|
b6b438 |
From: Andrew Bartlett <abartlet@samba.org>
|
|
|
b6b438 |
Date: Wed, 31 Jul 2019 16:37:00 +1200
|
|
|
b6b438 |
Subject: [PATCH 108/187] s4-samdb: Remove duplicate encrypted_secrets code
|
|
|
b6b438 |
using internal Samba AES
|
|
|
b6b438 |
|
|
|
b6b438 |
We now rely on GnuTLS 3.4.7 or later.
|
|
|
b6b438 |
|
|
|
b6b438 |
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
|
|
|
b6b438 |
Reviewed-by: Andreas Schneider <asn@samba.org>
|
|
|
b6b438 |
(cherry picked from commit 85a1c4973921fdf9412ec56a3ed6a77f3ab84116)
|
|
|
b6b438 |
---
|
|
|
b6b438 |
.../samdb/ldb_modules/encrypted_secrets.c | 266 +----------------
|
|
|
b6b438 |
.../tests/test_encrypted_secrets.c | 278 ------------------
|
|
|
b6b438 |
2 files changed, 2 insertions(+), 542 deletions(-)
|
|
|
b6b438 |
|
|
|
b6b438 |
diff --git a/source4/dsdb/samdb/ldb_modules/encrypted_secrets.c b/source4/dsdb/samdb/ldb_modules/encrypted_secrets.c
|
|
|
b6b438 |
index e0932858588..0d46031ec64 100644
|
|
|
b6b438 |
--- a/source4/dsdb/samdb/ldb_modules/encrypted_secrets.c
|
|
|
b6b438 |
+++ b/source4/dsdb/samdb/ldb_modules/encrypted_secrets.c
|
|
|
b6b438 |
@@ -39,22 +39,8 @@
|
|
|
b6b438 |
#include "dsdb/samdb/samdb.h"
|
|
|
b6b438 |
#include "dsdb/samdb/ldb_modules/util.h"
|
|
|
b6b438 |
|
|
|
b6b438 |
-/* Build either with GnuTLS crypto or Samba crypto. */
|
|
|
b6b438 |
-#ifdef HAVE_GNUTLS_AEAD
|
|
|
b6b438 |
- #define BUILD_WITH_GNUTLS_AEAD
|
|
|
b6b438 |
-#else /* !HAVE_GNUTLS_AEAD */
|
|
|
b6b438 |
- #define BUILD_WITH_SAMBA_AES_GCM
|
|
|
b6b438 |
-#endif /* HAVE_GNUTLS_AEAD */
|
|
|
b6b438 |
-
|
|
|
b6b438 |
-#ifdef BUILD_WITH_GNUTLS_AEAD
|
|
|
b6b438 |
- #include <gnutls/gnutls.h>
|
|
|
b6b438 |
- #include <gnutls/crypto.h>
|
|
|
b6b438 |
-#endif /* BUILD_WITH_GNUTLS_AEAD */
|
|
|
b6b438 |
-
|
|
|
b6b438 |
-#ifdef BUILD_WITH_SAMBA_AES_GCM
|
|
|
b6b438 |
- #include "lib/crypto/aes.h"
|
|
|
b6b438 |
- #include "lib/crypto/aes_gcm_128.h"
|
|
|
b6b438 |
-#endif /* BUILD_WITH_SAMBA_AES_GCM */
|
|
|
b6b438 |
+#include <gnutls/gnutls.h>
|
|
|
b6b438 |
+#include <gnutls/crypto.h>
|
|
|
b6b438 |
|
|
|
b6b438 |
static const char * const secret_attributes[] = {DSDB_SECRET_ATTRIBUTES};
|
|
|
b6b438 |
static const size_t num_secret_attributes = ARRAY_SIZE(secret_attributes);
|
|
|
b6b438 |
@@ -74,12 +60,10 @@ struct es_data {
|
|
|
b6b438 |
* Encryption keys for secret attributes
|
|
|
b6b438 |
*/
|
|
|
b6b438 |
DATA_BLOB keys[NUMBER_OF_KEYS];
|
|
|
b6b438 |
-#ifdef BUILD_WITH_GNUTLS_AEAD
|
|
|
b6b438 |
/*
|
|
|
b6b438 |
* The gnutls algorithm used to encrypt attributes
|
|
|
b6b438 |
*/
|
|
|
b6b438 |
int encryption_algorithm;
|
|
|
b6b438 |
-#endif /* BUILD_WITH_GNUTLS_AEAD */
|
|
|
b6b438 |
};
|
|
|
b6b438 |
|
|
|
b6b438 |
/*
|
|
|
b6b438 |
@@ -262,9 +246,7 @@ static int load_keys(struct ldb_module *module, struct es_data *data)
|
|
|
b6b438 |
|
|
|
b6b438 |
data->keys[0] = key;
|
|
|
b6b438 |
data->encrypt_secrets = true;
|
|
|
b6b438 |
-#ifdef BUILD_WITH_GNUTLS_AEAD
|
|
|
b6b438 |
data->encryption_algorithm = GNUTLS_CIPHER_AES_128_GCM;
|
|
|
b6b438 |
-#endif
|
|
|
b6b438 |
TALLOC_FREE(frame);
|
|
|
b6b438 |
|
|
|
b6b438 |
return LDB_SUCCESS;
|
|
|
b6b438 |
@@ -299,7 +281,6 @@ static bool should_encrypt(const struct ldb_message_element *el)
|
|
|
b6b438 |
*
|
|
|
b6b438 |
* @return Size rounded up to the nearest multiple of block_size
|
|
|
b6b438 |
*/
|
|
|
b6b438 |
-#ifdef BUILD_WITH_GNUTLS_AEAD
|
|
|
b6b438 |
static size_t round_to_block_size(size_t block_size, size_t size)
|
|
|
b6b438 |
{
|
|
|
b6b438 |
if ((size % block_size) == 0) {
|
|
|
b6b438 |
@@ -308,7 +289,6 @@ static size_t round_to_block_size(size_t block_size, size_t size)
|
|
|
b6b438 |
return ((int)(size/block_size) + 1) * block_size;
|
|
|
b6b438 |
}
|
|
|
b6b438 |
}
|
|
|
b6b438 |
-#endif /* BUILD_WITH_GNUTLS_AEAD */
|
|
|
b6b438 |
|
|
|
b6b438 |
/*
|
|
|
b6b438 |
* @brief Create an new EncryptedSecret owned by the supplied talloc context.
|
|
|
b6b438 |
@@ -375,239 +355,6 @@ static DATA_BLOB makePlainText(TALLOC_CTX *ctx,
|
|
|
b6b438 |
return pt;
|
|
|
b6b438 |
}
|
|
|
b6b438 |
|
|
|
b6b438 |
-#ifdef BUILD_WITH_SAMBA_AES_GCM
|
|
|
b6b438 |
-/*
|
|
|
b6b438 |
- * @brief Encrypt an ldb value using an aead algorithm.
|
|
|
b6b438 |
- *
|
|
|
b6b438 |
- * This function uses the samba internal implementation to perform the encryption. However
|
|
|
b6b438 |
- * the encrypted data and tag are stored in a manner compatible with gnutls,
|
|
|
b6b438 |
- * so the gnutls aead functions can be used to decrypt and verify the data.
|
|
|
b6b438 |
- *
|
|
|
b6b438 |
- * @param err Pointer to an error code, set to:
|
|
|
b6b438 |
- * LDB_SUCESS If the value was successfully encrypted
|
|
|
b6b438 |
- * LDB_ERR_OPERATIONS_ERROR If there was an error.
|
|
|
b6b438 |
- *
|
|
|
b6b438 |
- * @param ctx Talloc memory context the will own the memory allocated
|
|
|
b6b438 |
- * @param ldb ldb context, to allow logging.
|
|
|
b6b438 |
- * @param val The ldb value to encrypt, not altered or freed
|
|
|
b6b438 |
- * @param data The context data for this module.
|
|
|
b6b438 |
- *
|
|
|
b6b438 |
- * @return The encrypted ldb_val, or data_blob_null if there was an error.
|
|
|
b6b438 |
- */
|
|
|
b6b438 |
-static struct ldb_val samba_encrypt_aead(int *err,
|
|
|
b6b438 |
- TALLOC_CTX *ctx,
|
|
|
b6b438 |
- struct ldb_context *ldb,
|
|
|
b6b438 |
- const struct ldb_val val,
|
|
|
b6b438 |
- const struct es_data *data)
|
|
|
b6b438 |
-{
|
|
|
b6b438 |
- struct aes_gcm_128_context cctx;
|
|
|
b6b438 |
- struct EncryptedSecret *es = NULL;
|
|
|
b6b438 |
- DATA_BLOB pt = data_blob_null;
|
|
|
b6b438 |
- struct ldb_val enc = data_blob_null;
|
|
|
b6b438 |
- DATA_BLOB key_blob = data_blob_null;
|
|
|
b6b438 |
- int rc;
|
|
|
b6b438 |
- TALLOC_CTX *frame = talloc_stackframe();
|
|
|
b6b438 |
-
|
|
|
b6b438 |
- es = makeEncryptedSecret(ldb, frame);
|
|
|
b6b438 |
- if (es == NULL) {
|
|
|
b6b438 |
- goto error_exit;
|
|
|
b6b438 |
- }
|
|
|
b6b438 |
-
|
|
|
b6b438 |
- pt = makePlainText(frame, ldb, val);
|
|
|
b6b438 |
- if (pt.length == 0) {
|
|
|
b6b438 |
- goto error_exit;
|
|
|
b6b438 |
- }
|
|
|
b6b438 |
-
|
|
|
b6b438 |
- /*
|
|
|
b6b438 |
- * Set the encryption key
|
|
|
b6b438 |
- */
|
|
|
b6b438 |
- key_blob = get_key(data);
|
|
|
b6b438 |
- if (key_blob.length != AES_BLOCK_SIZE) {
|
|
|
b6b438 |
- ldb_asprintf_errstring(ldb,
|
|
|
b6b438 |
- "Invalid EncryptedSecrets key size, "
|
|
|
b6b438 |
- "expected %u bytes and is %zu bytes\n",
|
|
|
b6b438 |
- AES_BLOCK_SIZE,
|
|
|
b6b438 |
- key_blob.length);
|
|
|
b6b438 |
- goto error_exit;
|
|
|
b6b438 |
- }
|
|
|
b6b438 |
-
|
|
|
b6b438 |
- /*
|
|
|
b6b438 |
- * Set the initialisation vector
|
|
|
b6b438 |
- */
|
|
|
b6b438 |
- {
|
|
|
b6b438 |
- uint8_t *iv = talloc_zero_size(frame, AES_GCM_128_IV_SIZE);
|
|
|
b6b438 |
- if (iv == NULL) {
|
|
|
b6b438 |
- ldb_set_errstring(ldb,
|
|
|
b6b438 |
- "Out of memory allocating iv\n");
|
|
|
b6b438 |
- goto error_exit;
|
|
|
b6b438 |
- }
|
|
|
b6b438 |
-
|
|
|
b6b438 |
- generate_nonce_buffer(iv, AES_GCM_128_IV_SIZE);
|
|
|
b6b438 |
-
|
|
|
b6b438 |
- es->iv.length = AES_GCM_128_IV_SIZE;
|
|
|
b6b438 |
- es->iv.data = iv;
|
|
|
b6b438 |
- }
|
|
|
b6b438 |
-
|
|
|
b6b438 |
- /*
|
|
|
b6b438 |
- * Encrypt the value, and append the GCM digest to the encrypted
|
|
|
b6b438 |
- * data so that it can be decrypted and validated by the
|
|
|
b6b438 |
- * gnutls aead decryption routines.
|
|
|
b6b438 |
- */
|
|
|
b6b438 |
- {
|
|
|
b6b438 |
- uint8_t *ct = talloc_zero_size(frame, pt.length + AES_BLOCK_SIZE);
|
|
|
b6b438 |
- if (ct == NULL) {
|
|
|
b6b438 |
- ldb_oom(ldb);
|
|
|
b6b438 |
- goto error_exit;
|
|
|
b6b438 |
- }
|
|
|
b6b438 |
-
|
|
|
b6b438 |
- memcpy(ct, pt.data, pt.length);
|
|
|
b6b438 |
- es->encrypted.length = pt.length + AES_BLOCK_SIZE;
|
|
|
b6b438 |
- es->encrypted.data = ct;
|
|
|
b6b438 |
- }
|
|
|
b6b438 |
-
|
|
|
b6b438 |
- aes_gcm_128_init(&cctx, key_blob.data, es->iv.data);
|
|
|
b6b438 |
- aes_gcm_128_updateA(&cctx,
|
|
|
b6b438 |
- (uint8_t *)&es->header,
|
|
|
b6b438 |
- sizeof(struct EncryptedSecretHeader));
|
|
|
b6b438 |
- aes_gcm_128_crypt(&cctx, es->encrypted.data, pt.length);
|
|
|
b6b438 |
- aes_gcm_128_updateC(&cctx, es->encrypted.data, pt.length);
|
|
|
b6b438 |
- aes_gcm_128_digest(&cctx, &es->encrypted.data[pt.length]);
|
|
|
b6b438 |
-
|
|
|
b6b438 |
- rc = ndr_push_struct_blob(&enc,
|
|
|
b6b438 |
- ctx,
|
|
|
b6b438 |
- es,
|
|
|
b6b438 |
- (ndr_push_flags_fn_t)
|
|
|
b6b438 |
- ndr_push_EncryptedSecret);
|
|
|
b6b438 |
- if (!NDR_ERR_CODE_IS_SUCCESS(rc)) {
|
|
|
b6b438 |
- ldb_set_errstring(ldb,
|
|
|
b6b438 |
- "Unable to ndr push EncryptedSecret\n");
|
|
|
b6b438 |
- goto error_exit;
|
|
|
b6b438 |
- }
|
|
|
b6b438 |
- TALLOC_FREE(frame);
|
|
|
b6b438 |
- return enc;
|
|
|
b6b438 |
-
|
|
|
b6b438 |
-error_exit:
|
|
|
b6b438 |
- *err = LDB_ERR_OPERATIONS_ERROR;
|
|
|
b6b438 |
- TALLOC_FREE(frame);
|
|
|
b6b438 |
- return data_blob_null;
|
|
|
b6b438 |
-}
|
|
|
b6b438 |
-
|
|
|
b6b438 |
-/*
|
|
|
b6b438 |
- * @brief Decrypt data encrypted using an aead algorithm.
|
|
|
b6b438 |
- *
|
|
|
b6b438 |
- * Decrypt the data in ed and insert it into ev. The data was encrypted
|
|
|
b6b438 |
- * with the samba aes gcm implementation.
|
|
|
b6b438 |
- *
|
|
|
b6b438 |
- * @param err Pointer to an error code, set to:
|
|
|
b6b438 |
- * LDB_SUCESS If the value was successfully decrypted
|
|
|
b6b438 |
- * LDB_ERR_OPERATIONS_ERROR If there was an error.
|
|
|
b6b438 |
- *
|
|
|
b6b438 |
- * @param ctx Talloc memory context that will own the memory allocated
|
|
|
b6b438 |
- * @param ldb ldb context, to allow logging.
|
|
|
b6b438 |
- * @param ev The value to be updated with the decrypted data.
|
|
|
b6b438 |
- * @param ed The data to decrypt.
|
|
|
b6b438 |
- * @param data The context data for this module.
|
|
|
b6b438 |
- *
|
|
|
b6b438 |
- * @return ev is updated with the unencrypted data.
|
|
|
b6b438 |
- */
|
|
|
b6b438 |
-static void samba_decrypt_aead(int *err,
|
|
|
b6b438 |
- TALLOC_CTX *ctx,
|
|
|
b6b438 |
- struct ldb_context *ldb,
|
|
|
b6b438 |
- struct EncryptedSecret *es,
|
|
|
b6b438 |
- struct PlaintextSecret *ps,
|
|
|
b6b438 |
- const struct es_data *data)
|
|
|
b6b438 |
-{
|
|
|
b6b438 |
- struct aes_gcm_128_context cctx;
|
|
|
b6b438 |
- DATA_BLOB pt = data_blob_null;
|
|
|
b6b438 |
- DATA_BLOB key_blob = data_blob_null;
|
|
|
b6b438 |
- uint8_t sig[AES_BLOCK_SIZE] = {0, };
|
|
|
b6b438 |
- int rc;
|
|
|
b6b438 |
- int cmp;
|
|
|
b6b438 |
- TALLOC_CTX *frame = talloc_stackframe();
|
|
|
b6b438 |
-
|
|
|
b6b438 |
- /*
|
|
|
b6b438 |
- * Set the encryption key
|
|
|
b6b438 |
- */
|
|
|
b6b438 |
- key_blob = get_key(data);
|
|
|
b6b438 |
- if (key_blob.length != AES_BLOCK_SIZE) {
|
|
|
b6b438 |
- ldb_asprintf_errstring(ldb,
|
|
|
b6b438 |
- "Invalid EncryptedSecrets key size, "
|
|
|
b6b438 |
- "expected %u bytes and is %zu bytes\n",
|
|
|
b6b438 |
- AES_BLOCK_SIZE,
|
|
|
b6b438 |
- key_blob.length);
|
|
|
b6b438 |
- goto error_exit;
|
|
|
b6b438 |
- }
|
|
|
b6b438 |
-
|
|
|
b6b438 |
- if (es->iv.length < AES_GCM_128_IV_SIZE) {
|
|
|
b6b438 |
- ldb_asprintf_errstring(ldb,
|
|
|
b6b438 |
- "Invalid EncryptedSecrets iv size, "
|
|
|
b6b438 |
- "expected %u bytes and is %zu bytes\n",
|
|
|
b6b438 |
- AES_GCM_128_IV_SIZE,
|
|
|
b6b438 |
- es->iv.length);
|
|
|
b6b438 |
- goto error_exit;
|
|
|
b6b438 |
- }
|
|
|
b6b438 |
-
|
|
|
b6b438 |
- if (es->encrypted.length < AES_BLOCK_SIZE) {
|
|
|
b6b438 |
- ldb_asprintf_errstring(ldb,
|
|
|
b6b438 |
- "Invalid EncryptedData size, "
|
|
|
b6b438 |
- "expected %u bytes and is %zu bytes\n",
|
|
|
b6b438 |
- AES_BLOCK_SIZE,
|
|
|
b6b438 |
- es->encrypted.length);
|
|
|
b6b438 |
- goto error_exit;
|
|
|
b6b438 |
- }
|
|
|
b6b438 |
-
|
|
|
b6b438 |
- pt.length = es->encrypted.length - AES_BLOCK_SIZE;
|
|
|
b6b438 |
- pt.data = talloc_zero_size(ctx, pt.length);
|
|
|
b6b438 |
- if (pt.data == NULL) {
|
|
|
b6b438 |
- ldb_set_errstring(ldb,
|
|
|
b6b438 |
- "Out of memory allocating space for "
|
|
|
b6b438 |
- "plain text\n");
|
|
|
b6b438 |
- goto error_exit;
|
|
|
b6b438 |
- }
|
|
|
b6b438 |
- memcpy(pt.data, es->encrypted.data, pt.length);
|
|
|
b6b438 |
-
|
|
|
b6b438 |
- aes_gcm_128_init(&cctx, key_blob.data, es->iv.data);
|
|
|
b6b438 |
- aes_gcm_128_updateA(&cctx,
|
|
|
b6b438 |
- (uint8_t *)&es->header,
|
|
|
b6b438 |
- sizeof(struct EncryptedSecretHeader));
|
|
|
b6b438 |
- aes_gcm_128_updateC(&cctx, pt.data, pt.length);
|
|
|
b6b438 |
- aes_gcm_128_crypt(&cctx, pt.data, pt.length);
|
|
|
b6b438 |
- aes_gcm_128_digest(&cctx, sig);
|
|
|
b6b438 |
-
|
|
|
b6b438 |
- /*
|
|
|
b6b438 |
- * Check the authentication tag
|
|
|
b6b438 |
- */
|
|
|
b6b438 |
- cmp = memcmp(&es->encrypted.data[pt.length], sig, AES_BLOCK_SIZE);
|
|
|
b6b438 |
- if (cmp != 0) {
|
|
|
b6b438 |
- ldb_set_errstring(ldb,
|
|
|
b6b438 |
- "Tag does not match, "
|
|
|
b6b438 |
- "data corrupted or altered\n");
|
|
|
b6b438 |
- goto error_exit;
|
|
|
b6b438 |
- }
|
|
|
b6b438 |
-
|
|
|
b6b438 |
- rc = ndr_pull_struct_blob(&pt,
|
|
|
b6b438 |
- ctx,
|
|
|
b6b438 |
- ps,
|
|
|
b6b438 |
- (ndr_pull_flags_fn_t)
|
|
|
b6b438 |
- ndr_pull_PlaintextSecret);
|
|
|
b6b438 |
- if(!NDR_ERR_CODE_IS_SUCCESS(rc)) {
|
|
|
b6b438 |
- ldb_asprintf_errstring(ldb,
|
|
|
b6b438 |
- "Error(%d) unpacking decrypted data, "
|
|
|
b6b438 |
- "data possibly corrupted or altered\n",
|
|
|
b6b438 |
- rc);
|
|
|
b6b438 |
- goto error_exit;
|
|
|
b6b438 |
- }
|
|
|
b6b438 |
- TALLOC_FREE(frame);
|
|
|
b6b438 |
- return;
|
|
|
b6b438 |
-
|
|
|
b6b438 |
-error_exit:
|
|
|
b6b438 |
- *err = LDB_ERR_OPERATIONS_ERROR;
|
|
|
b6b438 |
- TALLOC_FREE(frame);
|
|
|
b6b438 |
- return;
|
|
|
b6b438 |
-}
|
|
|
b6b438 |
-#endif /* BUILD_WITH_SAMBA_AES_GCM */
|
|
|
b6b438 |
-
|
|
|
b6b438 |
-#ifdef BUILD_WITH_GNUTLS_AEAD
|
|
|
b6b438 |
|
|
|
b6b438 |
/*
|
|
|
b6b438 |
* Helper function converts a data blob to a gnutls_datum_t.
|
|
|
b6b438 |
@@ -946,7 +693,6 @@ error_exit:
|
|
|
b6b438 |
*err = LDB_ERR_OPERATIONS_ERROR;
|
|
|
b6b438 |
return;
|
|
|
b6b438 |
}
|
|
|
b6b438 |
-#endif /* BUILD_WITH_GNUTLS_AEAD */
|
|
|
b6b438 |
|
|
|
b6b438 |
/*
|
|
|
b6b438 |
* @brief Encrypt an attribute value using the default encryption algorithm.
|
|
|
b6b438 |
@@ -972,11 +718,7 @@ static struct ldb_val encrypt_value(int *err,
|
|
|
b6b438 |
const struct ldb_val val,
|
|
|
b6b438 |
const struct es_data *data)
|
|
|
b6b438 |
{
|
|
|
b6b438 |
-#ifdef BUILD_WITH_GNUTLS_AEAD
|
|
|
b6b438 |
return gnutls_encrypt_aead(err, ctx, ldb, val, data);
|
|
|
b6b438 |
-#elif defined BUILD_WITH_SAMBA_AES_GCM
|
|
|
b6b438 |
- return samba_encrypt_aead(err, ctx, ldb, val, data);
|
|
|
b6b438 |
-#endif
|
|
|
b6b438 |
}
|
|
|
b6b438 |
|
|
|
b6b438 |
/*
|
|
|
b6b438 |
@@ -1206,11 +948,7 @@ static struct ldb_val decrypt_value(int *err,
|
|
|
b6b438 |
*err = LDB_ERR_OPERATIONS_ERROR;
|
|
|
b6b438 |
return data_blob_null;
|
|
|
b6b438 |
}
|
|
|
b6b438 |
-#ifdef BUILD_WITH_GNUTLS_AEAD
|
|
|
b6b438 |
gnutls_decrypt_aead(err, frame, ldb, &es, &ps, data);
|
|
|
b6b438 |
-#elif defined BUILD_WITH_SAMBA_AES_GCM
|
|
|
b6b438 |
- samba_decrypt_aead(err, frame, ldb, &es, &ps, data);
|
|
|
b6b438 |
-#endif
|
|
|
b6b438 |
|
|
|
b6b438 |
if (*err != LDB_SUCCESS) {
|
|
|
b6b438 |
TALLOC_FREE(frame);
|
|
|
b6b438 |
diff --git a/source4/dsdb/samdb/ldb_modules/tests/test_encrypted_secrets.c b/source4/dsdb/samdb/ldb_modules/tests/test_encrypted_secrets.c
|
|
|
b6b438 |
index a33781d703d..b9516815f75 100644
|
|
|
b6b438 |
--- a/source4/dsdb/samdb/ldb_modules/tests/test_encrypted_secrets.c
|
|
|
b6b438 |
+++ b/source4/dsdb/samdb/ldb_modules/tests/test_encrypted_secrets.c
|
|
|
b6b438 |
@@ -336,7 +336,6 @@ static void test_key_file_long_key(void **state)
|
|
|
b6b438 |
assert_int_equal(0, data_blob_cmp(&key, &data->keys[0]));
|
|
|
b6b438 |
}
|
|
|
b6b438 |
|
|
|
b6b438 |
-#ifdef HAVE_GNUTLS_AEAD
|
|
|
b6b438 |
/*
|
|
|
b6b438 |
* Test gnutls_encryption and decryption.
|
|
|
b6b438 |
*/
|
|
|
b6b438 |
@@ -391,9 +390,7 @@ static void test_gnutls_value_encryption(void **state)
|
|
|
b6b438 |
&plain_text));
|
|
|
b6b438 |
}
|
|
|
b6b438 |
}
|
|
|
b6b438 |
-#endif /* HAVE_GNUTLS_AEAD */
|
|
|
b6b438 |
|
|
|
b6b438 |
-#ifdef HAVE_GNUTLS_AEAD
|
|
|
b6b438 |
static void test_gnutls_altered_header(void **state)
|
|
|
b6b438 |
{
|
|
|
b6b438 |
struct ldbtest_ctx *test_ctx =
|
|
|
b6b438 |
@@ -458,9 +455,7 @@ static void test_gnutls_altered_header(void **state)
|
|
|
b6b438 |
assert_int_equal(LDB_ERR_OPERATIONS_ERROR, err);
|
|
|
b6b438 |
}
|
|
|
b6b438 |
}
|
|
|
b6b438 |
-#endif /* HAVE_GNUTLS_AEAD */
|
|
|
b6b438 |
|
|
|
b6b438 |
-#ifdef HAVE_GNUTLS_AEAD
|
|
|
b6b438 |
static void test_gnutls_altered_data(void **state)
|
|
|
b6b438 |
{
|
|
|
b6b438 |
struct ldbtest_ctx *test_ctx =
|
|
|
b6b438 |
@@ -525,9 +520,7 @@ static void test_gnutls_altered_data(void **state)
|
|
|
b6b438 |
assert_int_equal(LDB_ERR_OPERATIONS_ERROR, err);
|
|
|
b6b438 |
}
|
|
|
b6b438 |
}
|
|
|
b6b438 |
-#endif /* HAVE_GNUTLS_AEAD */
|
|
|
b6b438 |
|
|
|
b6b438 |
-#ifdef HAVE_GNUTLS_AEAD
|
|
|
b6b438 |
static void test_gnutls_altered_iv(void **state)
|
|
|
b6b438 |
{
|
|
|
b6b438 |
struct ldbtest_ctx *test_ctx =
|
|
|
b6b438 |
@@ -592,260 +585,10 @@ static void test_gnutls_altered_iv(void **state)
|
|
|
b6b438 |
assert_int_equal(LDB_ERR_OPERATIONS_ERROR, err);
|
|
|
b6b438 |
}
|
|
|
b6b438 |
}
|
|
|
b6b438 |
-#endif /* HAVE_GNUTLS_AEAD */
|
|
|
b6b438 |
|
|
|
b6b438 |
/*
|
|
|
b6b438 |
* Test samba encryption and decryption and decryption.
|
|
|
b6b438 |
*/
|
|
|
b6b438 |
-#ifndef HAVE_GNUTLS_AEAD
|
|
|
b6b438 |
-static void test_samba_value_encryption(void **state)
|
|
|
b6b438 |
-{
|
|
|
b6b438 |
- struct ldbtest_ctx *test_ctx =
|
|
|
b6b438 |
- talloc_get_type_abort(*state, struct ldbtest_ctx);
|
|
|
b6b438 |
- struct ldb_val plain_text = data_blob_null;
|
|
|
b6b438 |
- struct ldb_val cipher_text = data_blob_null;
|
|
|
b6b438 |
- struct EncryptedSecret es;
|
|
|
b6b438 |
-
|
|
|
b6b438 |
- struct es_data *data = talloc_get_type(
|
|
|
b6b438 |
- ldb_module_get_private(test_ctx->module),
|
|
|
b6b438 |
- struct es_data);
|
|
|
b6b438 |
- int err = LDB_SUCCESS;
|
|
|
b6b438 |
- int rc;
|
|
|
b6b438 |
-
|
|
|
b6b438 |
- plain_text = data_blob_string_const("A text value");
|
|
|
b6b438 |
- cipher_text = samba_encrypt_aead(
|
|
|
b6b438 |
- &err,
|
|
|
b6b438 |
- test_ctx,
|
|
|
b6b438 |
- test_ctx->ldb,
|
|
|
b6b438 |
- plain_text,
|
|
|
b6b438 |
- data);
|
|
|
b6b438 |
- assert_int_equal(LDB_SUCCESS, err);
|
|
|
b6b438 |
-
|
|
|
b6b438 |
- rc = ndr_pull_struct_blob(
|
|
|
b6b438 |
- &cipher_text,
|
|
|
b6b438 |
- test_ctx,
|
|
|
b6b438 |
- &es,
|
|
|
b6b438 |
- (ndr_pull_flags_fn_t) ndr_pull_EncryptedSecret);
|
|
|
b6b438 |
- assert_true(NDR_ERR_CODE_IS_SUCCESS(rc));
|
|
|
b6b438 |
- assert_true(check_header(&es);;
|
|
|
b6b438 |
-
|
|
|
b6b438 |
- {
|
|
|
b6b438 |
- struct PlaintextSecret *decrypted =
|
|
|
b6b438 |
- talloc_zero(test_ctx, struct PlaintextSecret);
|
|
|
b6b438 |
- samba_decrypt_aead(
|
|
|
b6b438 |
- &err,
|
|
|
b6b438 |
- test_ctx,
|
|
|
b6b438 |
- test_ctx->ldb,
|
|
|
b6b438 |
- &es,
|
|
|
b6b438 |
- decrypted,
|
|
|
b6b438 |
- data);
|
|
|
b6b438 |
- assert_int_equal(LDB_SUCCESS, err);
|
|
|
b6b438 |
- assert_int_equal(
|
|
|
b6b438 |
- plain_text.length,
|
|
|
b6b438 |
- decrypted->cleartext.length);
|
|
|
b6b438 |
- assert_int_equal(0,
|
|
|
b6b438 |
- data_blob_cmp(
|
|
|
b6b438 |
- &decrypted->cleartext,
|
|
|
b6b438 |
- &plain_text));
|
|
|
b6b438 |
- }
|
|
|
b6b438 |
-
|
|
|
b6b438 |
-}
|
|
|
b6b438 |
-
|
|
|
b6b438 |
-static void test_samba_altered_header(void **state)
|
|
|
b6b438 |
-{
|
|
|
b6b438 |
- struct ldbtest_ctx *test_ctx =
|
|
|
b6b438 |
- talloc_get_type_abort(*state, struct ldbtest_ctx);
|
|
|
b6b438 |
- struct ldb_val plain_text = data_blob_null;
|
|
|
b6b438 |
- struct ldb_val cipher_text = data_blob_null;
|
|
|
b6b438 |
- struct EncryptedSecret es;
|
|
|
b6b438 |
-
|
|
|
b6b438 |
- struct es_data *data = talloc_get_type(
|
|
|
b6b438 |
- ldb_module_get_private(test_ctx->module),
|
|
|
b6b438 |
- struct es_data);
|
|
|
b6b438 |
- int err = LDB_SUCCESS;
|
|
|
b6b438 |
- int rc;
|
|
|
b6b438 |
-
|
|
|
b6b438 |
- plain_text = data_blob_string_const("A text value");
|
|
|
b6b438 |
- cipher_text = samba_encrypt_aead(
|
|
|
b6b438 |
- &err,
|
|
|
b6b438 |
- test_ctx,
|
|
|
b6b438 |
- test_ctx->ldb,
|
|
|
b6b438 |
- plain_text,
|
|
|
b6b438 |
- data);
|
|
|
b6b438 |
- assert_int_equal(LDB_SUCCESS, err);
|
|
|
b6b438 |
-
|
|
|
b6b438 |
- rc = ndr_pull_struct_blob(
|
|
|
b6b438 |
- &cipher_text,
|
|
|
b6b438 |
- test_ctx,
|
|
|
b6b438 |
- &es,
|
|
|
b6b438 |
- (ndr_pull_flags_fn_t) ndr_pull_EncryptedSecret);
|
|
|
b6b438 |
- assert_true(NDR_ERR_CODE_IS_SUCCESS(rc));
|
|
|
b6b438 |
- assert_true(check_header(&es);;
|
|
|
b6b438 |
-
|
|
|
b6b438 |
- {
|
|
|
b6b438 |
- struct PlaintextSecret *decrypted =
|
|
|
b6b438 |
- talloc_zero(test_ctx, struct PlaintextSecret);
|
|
|
b6b438 |
- samba_decrypt_aead(
|
|
|
b6b438 |
- &err,
|
|
|
b6b438 |
- test_ctx,
|
|
|
b6b438 |
- test_ctx->ldb,
|
|
|
b6b438 |
- &es,
|
|
|
b6b438 |
- decrypted,
|
|
|
b6b438 |
- data);
|
|
|
b6b438 |
- assert_int_equal(LDB_SUCCESS, err);
|
|
|
b6b438 |
- assert_int_equal(
|
|
|
b6b438 |
- plain_text.length,
|
|
|
b6b438 |
- decrypted->cleartext.length);
|
|
|
b6b438 |
- assert_int_equal(0,
|
|
|
b6b438 |
- data_blob_cmp(
|
|
|
b6b438 |
- &decrypted->cleartext,
|
|
|
b6b438 |
- &plain_text));
|
|
|
b6b438 |
- }
|
|
|
b6b438 |
- es.header.flags = es.header.flags ^ 0xffffffff;
|
|
|
b6b438 |
- {
|
|
|
b6b438 |
- struct PlaintextSecret *decrypted =
|
|
|
b6b438 |
- talloc_zero(test_ctx, struct PlaintextSecret);
|
|
|
b6b438 |
- samba_decrypt_aead(
|
|
|
b6b438 |
- &err,
|
|
|
b6b438 |
- test_ctx,
|
|
|
b6b438 |
- test_ctx->ldb,
|
|
|
b6b438 |
- &es,
|
|
|
b6b438 |
- decrypted,
|
|
|
b6b438 |
- data);
|
|
|
b6b438 |
- assert_int_equal(LDB_ERR_OPERATIONS_ERROR, err);
|
|
|
b6b438 |
- }
|
|
|
b6b438 |
-}
|
|
|
b6b438 |
-
|
|
|
b6b438 |
-static void test_samba_altered_data(void **state)
|
|
|
b6b438 |
-{
|
|
|
b6b438 |
- struct ldbtest_ctx *test_ctx =
|
|
|
b6b438 |
- talloc_get_type_abort(*state, struct ldbtest_ctx);
|
|
|
b6b438 |
- struct ldb_val plain_text = data_blob_null;
|
|
|
b6b438 |
- struct ldb_val cipher_text = data_blob_null;
|
|
|
b6b438 |
- struct EncryptedSecret es;
|
|
|
b6b438 |
-
|
|
|
b6b438 |
- struct es_data *data = talloc_get_type(
|
|
|
b6b438 |
- ldb_module_get_private(test_ctx->module),
|
|
|
b6b438 |
- struct es_data);
|
|
|
b6b438 |
- int err = LDB_SUCCESS;
|
|
|
b6b438 |
- int rc;
|
|
|
b6b438 |
-
|
|
|
b6b438 |
- plain_text = data_blob_string_const("A text value");
|
|
|
b6b438 |
- cipher_text = samba_encrypt_aead(
|
|
|
b6b438 |
- &err,
|
|
|
b6b438 |
- test_ctx,
|
|
|
b6b438 |
- test_ctx->ldb,
|
|
|
b6b438 |
- plain_text,
|
|
|
b6b438 |
- data);
|
|
|
b6b438 |
- assert_int_equal(LDB_SUCCESS, err);
|
|
|
b6b438 |
-
|
|
|
b6b438 |
- rc = ndr_pull_struct_blob(
|
|
|
b6b438 |
- &cipher_text,
|
|
|
b6b438 |
- test_ctx,
|
|
|
b6b438 |
- &es,
|
|
|
b6b438 |
- (ndr_pull_flags_fn_t) ndr_pull_EncryptedSecret);
|
|
|
b6b438 |
- assert_true(NDR_ERR_CODE_IS_SUCCESS(rc));
|
|
|
b6b438 |
- assert_true(check_header(&es);;
|
|
|
b6b438 |
-
|
|
|
b6b438 |
- {
|
|
|
b6b438 |
- struct PlaintextSecret *decrypted =
|
|
|
b6b438 |
- talloc_zero(test_ctx, struct PlaintextSecret);
|
|
|
b6b438 |
- samba_decrypt_aead(
|
|
|
b6b438 |
- &err,
|
|
|
b6b438 |
- test_ctx,
|
|
|
b6b438 |
- test_ctx->ldb,
|
|
|
b6b438 |
- &es,
|
|
|
b6b438 |
- decrypted,
|
|
|
b6b438 |
- data);
|
|
|
b6b438 |
- assert_int_equal(LDB_SUCCESS, err);
|
|
|
b6b438 |
- assert_int_equal(
|
|
|
b6b438 |
- plain_text.length,
|
|
|
b6b438 |
- decrypted->cleartext.length);
|
|
|
b6b438 |
- assert_int_equal(0,
|
|
|
b6b438 |
- data_blob_cmp(
|
|
|
b6b438 |
- &decrypted->cleartext,
|
|
|
b6b438 |
- &plain_text));
|
|
|
b6b438 |
- }
|
|
|
b6b438 |
- es.encrypted.data[0] = es.encrypted.data[0] ^ 0xff;
|
|
|
b6b438 |
- {
|
|
|
b6b438 |
- struct PlaintextSecret *decrypted =
|
|
|
b6b438 |
- talloc_zero(test_ctx, struct PlaintextSecret);
|
|
|
b6b438 |
- samba_decrypt_aead(
|
|
|
b6b438 |
- &err,
|
|
|
b6b438 |
- test_ctx,
|
|
|
b6b438 |
- test_ctx->ldb,
|
|
|
b6b438 |
- &es,
|
|
|
b6b438 |
- decrypted,
|
|
|
b6b438 |
- data);
|
|
|
b6b438 |
- assert_int_equal(LDB_ERR_OPERATIONS_ERROR, err);
|
|
|
b6b438 |
- }
|
|
|
b6b438 |
-}
|
|
|
b6b438 |
-
|
|
|
b6b438 |
-static void test_samba_altered_iv(void **state)
|
|
|
b6b438 |
-{
|
|
|
b6b438 |
- struct ldbtest_ctx *test_ctx =
|
|
|
b6b438 |
- talloc_get_type_abort(*state, struct ldbtest_ctx);
|
|
|
b6b438 |
- struct ldb_val plain_text = data_blob_null;
|
|
|
b6b438 |
- struct ldb_val cipher_text = data_blob_null;
|
|
|
b6b438 |
- struct EncryptedSecret es;
|
|
|
b6b438 |
-
|
|
|
b6b438 |
- struct es_data *data = talloc_get_type(
|
|
|
b6b438 |
- ldb_module_get_private(test_ctx->module),
|
|
|
b6b438 |
- struct es_data);
|
|
|
b6b438 |
- int err = LDB_SUCCESS;
|
|
|
b6b438 |
- int rc;
|
|
|
b6b438 |
-
|
|
|
b6b438 |
- plain_text = data_blob_string_const("A text value");
|
|
|
b6b438 |
- cipher_text = samba_encrypt_aead(
|
|
|
b6b438 |
- &err,
|
|
|
b6b438 |
- test_ctx,
|
|
|
b6b438 |
- test_ctx->ldb,
|
|
|
b6b438 |
- plain_text,
|
|
|
b6b438 |
- data);
|
|
|
b6b438 |
- assert_int_equal(LDB_SUCCESS, err);
|
|
|
b6b438 |
-
|
|
|
b6b438 |
- rc = ndr_pull_struct_blob(
|
|
|
b6b438 |
- &cipher_text,
|
|
|
b6b438 |
- test_ctx,
|
|
|
b6b438 |
- &es,
|
|
|
b6b438 |
- (ndr_pull_flags_fn_t) ndr_pull_EncryptedSecret);
|
|
|
b6b438 |
- assert_true(NDR_ERR_CODE_IS_SUCCESS(rc));
|
|
|
b6b438 |
- assert_true(check_header(&es);;
|
|
|
b6b438 |
-
|
|
|
b6b438 |
- {
|
|
|
b6b438 |
- struct PlaintextSecret *decrypted =
|
|
|
b6b438 |
- talloc_zero(test_ctx, struct PlaintextSecret);
|
|
|
b6b438 |
- samba_decrypt_aead(
|
|
|
b6b438 |
- &err,
|
|
|
b6b438 |
- test_ctx,
|
|
|
b6b438 |
- test_ctx->ldb,
|
|
|
b6b438 |
- &es,
|
|
|
b6b438 |
- decrypted,
|
|
|
b6b438 |
- data);
|
|
|
b6b438 |
- assert_int_equal(LDB_SUCCESS, err);
|
|
|
b6b438 |
- assert_int_equal(
|
|
|
b6b438 |
- plain_text.length,
|
|
|
b6b438 |
- decrypted->cleartext.length);
|
|
|
b6b438 |
- assert_int_equal(0,
|
|
|
b6b438 |
- data_blob_cmp(
|
|
|
b6b438 |
- &decrypted->cleartext,
|
|
|
b6b438 |
- &plain_text));
|
|
|
b6b438 |
- }
|
|
|
b6b438 |
- es.iv.data[0] = es.iv.data[0] ^ 0xff;
|
|
|
b6b438 |
- {
|
|
|
b6b438 |
- struct PlaintextSecret *decrypted =
|
|
|
b6b438 |
- talloc_zero(test_ctx, struct PlaintextSecret);
|
|
|
b6b438 |
- samba_decrypt_aead(
|
|
|
b6b438 |
- &err,
|
|
|
b6b438 |
- test_ctx,
|
|
|
b6b438 |
- test_ctx->ldb,
|
|
|
b6b438 |
- &es,
|
|
|
b6b438 |
- decrypted,
|
|
|
b6b438 |
- data);
|
|
|
b6b438 |
- assert_int_equal(LDB_ERR_OPERATIONS_ERROR, err);
|
|
|
b6b438 |
- }
|
|
|
b6b438 |
-}
|
|
|
b6b438 |
-#endif
|
|
|
b6b438 |
|
|
|
b6b438 |
/*
|
|
|
b6b438 |
* Test message encryption.
|
|
|
b6b438 |
@@ -1096,9 +839,7 @@ static void test_record_decryption(void **state)
|
|
|
b6b438 |
.data = es_keys_blob,
|
|
|
b6b438 |
.length = sizeof(es_keys_blob),
|
|
|
b6b438 |
},
|
|
|
b6b438 |
-#ifdef HAVE_GNUTLS_AEAD
|
|
|
b6b438 |
.encryption_algorithm = GNUTLS_CIPHER_AES_128_GCM,
|
|
|
b6b438 |
-#endif
|
|
|
b6b438 |
};
|
|
|
b6b438 |
int err = LDB_SUCCESS;
|
|
|
b6b438 |
struct ldb_val dec = decrypt_value(&err, test_ctx, test_ctx->ldb, cipher_text,
|
|
|
b6b438 |
@@ -1131,7 +872,6 @@ int main(void) {
|
|
|
b6b438 |
test_check_header,
|
|
|
b6b438 |
setup,
|
|
|
b6b438 |
teardown),
|
|
|
b6b438 |
-#ifdef HAVE_GNUTLS_AEAD
|
|
|
b6b438 |
cmocka_unit_test_setup_teardown(
|
|
|
b6b438 |
test_gnutls_value_encryption,
|
|
|
b6b438 |
setup_with_key,
|
|
|
b6b438 |
@@ -1148,24 +888,6 @@ int main(void) {
|
|
|
b6b438 |
test_gnutls_altered_iv,
|
|
|
b6b438 |
setup_with_key,
|
|
|
b6b438 |
teardown),
|
|
|
b6b438 |
-#else
|
|
|
b6b438 |
- cmocka_unit_test_setup_teardown(
|
|
|
b6b438 |
- test_samba_value_encryption,
|
|
|
b6b438 |
- setup_with_key,
|
|
|
b6b438 |
- teardown),
|
|
|
b6b438 |
- cmocka_unit_test_setup_teardown(
|
|
|
b6b438 |
- test_samba_altered_header,
|
|
|
b6b438 |
- setup_with_key,
|
|
|
b6b438 |
- teardown),
|
|
|
b6b438 |
- cmocka_unit_test_setup_teardown(
|
|
|
b6b438 |
- test_samba_altered_data,
|
|
|
b6b438 |
- setup_with_key,
|
|
|
b6b438 |
- teardown),
|
|
|
b6b438 |
- cmocka_unit_test_setup_teardown(
|
|
|
b6b438 |
- test_samba_altered_iv,
|
|
|
b6b438 |
- setup_with_key,
|
|
|
b6b438 |
- teardown),
|
|
|
b6b438 |
-#endif /* HAVE_GNUTLS_AEAD */
|
|
|
b6b438 |
cmocka_unit_test_setup_teardown(
|
|
|
b6b438 |
test_message_encryption_decryption,
|
|
|
b6b438 |
setup_with_key,
|
|
|
b6b438 |
--
|
|
|
b6b438 |
2.23.0
|
|
|
b6b438 |
|