From e644d8953c09ec4c73f1cc623f5b70fcdd65ccc1 Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn@samba.org>
Date: Thu, 14 Mar 2019 10:02:27 +0100
Subject: [PATCH 115/187] s3:smbd: Use smb2_signing_key structure for the
 encryption key

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit 95e1c85a47e925fdb9105b85f0e1dbea1ff09950)
---
 source3/librpc/idl/smbXsrv.idl |  1 +
 source3/smbd/smb2_server.c     | 17 ++++++++++-------
 source3/smbd/smb2_sesssetup.c  | 24 +++++++++++++++++-------
 3 files changed, 28 insertions(+), 14 deletions(-)

diff --git a/source3/librpc/idl/smbXsrv.idl b/source3/librpc/idl/smbXsrv.idl
index 72017bc3e15..f7acb2198fb 100644
--- a/source3/librpc/idl/smbXsrv.idl
+++ b/source3/librpc/idl/smbXsrv.idl
@@ -229,6 +229,7 @@ interface smbXsrv
 		[noprint] DATA_BLOB			signing_key_blob;
 		[ignore] smb2_signing_key		*signing_key;
 		[noprint] DATA_BLOB			encryption_key_blob;
+		[ignore] smb2_signing_key		*encryption_key;
 		[noprint] DATA_BLOB			decryption_key_blob;
 		[noprint] DATA_BLOB			application_key;
 		[range(1, 1024)] uint32			num_channels;
diff --git a/source3/smbd/smb2_server.c b/source3/smbd/smb2_server.c
index c0c4a0272d1..b708fdb90b9 100644
--- a/source3/smbd/smb2_server.c
+++ b/source3/smbd/smb2_server.c
@@ -1737,9 +1737,9 @@ static void smbd_smb2_request_pending_timer(struct tevent_context *ev,
 
 	if (req->do_encryption) {
 		struct smbXsrv_session *x = req->session;
-		DATA_BLOB encryption_key = x->global->encryption_key_blob;
+		struct smb2_signing_key *encryption_key = x->global->encryption_key;
 
-		status = smb2_signing_encrypt_pdu(encryption_key,
+		status = smb2_signing_encrypt_pdu(encryption_key->blob,
 					xconn->smb2.server.cipher,
 					&state->vector[1+SMBD_SMB2_TF_IOV_OFS],
 					SMBD_SMB2_NUM_IOV_PER_REQ);
@@ -2852,9 +2852,10 @@ static NTSTATUS smbd_smb2_request_reply(struct smbd_smb2_request *req)
 	    (firsttf->iov_len == 0) &&
 	    (req->first_key.length == 0) &&
 	    (req->session != NULL) &&
-	    (req->session->global->encryption_key_blob.length != 0))
+	    smb2_signing_key_valid(req->session->global->encryption_key))
 	{
-		DATA_BLOB encryption_key = req->session->global->encryption_key_blob;
+		struct smb2_signing_key *encryption_key =
+			req->session->global->encryption_key;
 		uint8_t *tf;
 		uint64_t session_id = req->session->global->session_wire_id;
 		uint64_t nonce_high;
@@ -2878,7 +2879,8 @@ static NTSTATUS smbd_smb2_request_reply(struct smbd_smb2_request *req)
 		 * we are sure that we do not change
 		 * the header again.
 		 */
-		req->first_key = data_blob_dup_talloc(req, encryption_key);
+		req->first_key = data_blob_dup_talloc(req,
+						      encryption_key->blob);
 		if (req->first_key.data == NULL) {
 			return NT_STATUS_NO_MEMORY;
 		}
@@ -3414,9 +3416,10 @@ static NTSTATUS smbd_smb2_send_break(struct smbXsrv_connection *xconn,
 	}
 
 	if (do_encryption) {
-		DATA_BLOB encryption_key = session->global->encryption_key_blob;
+		struct smb2_signing_key *encryption_key =
+			session->global->encryption_key;
 
-		status = smb2_signing_encrypt_pdu(encryption_key,
+		status = smb2_signing_encrypt_pdu(encryption_key->blob,
 					xconn->smb2.server.cipher,
 					&state->vector[1+SMBD_SMB2_TF_IOV_OFS],
 					SMBD_SMB2_NUM_IOV_PER_REQ);
diff --git a/source3/smbd/smb2_sesssetup.c b/source3/smbd/smb2_sesssetup.c
index 591d5c37160..c2725825d7a 100644
--- a/source3/smbd/smb2_sesssetup.c
+++ b/source3/smbd/smb2_sesssetup.c
@@ -394,18 +394,28 @@ static NTSTATUS smbd_smb2_auth_generic_return(struct smbXsrv_session *session,
 		struct _derivation *d = &derivation.encryption;
 		size_t nonce_size;
 
-		x->global->encryption_key_blob = data_blob_talloc(x->global,
-							     session_key,
-							     sizeof(session_key));
-		if (x->global->encryption_key_blob.data == NULL) {
+		x->global->encryption_key =
+			talloc_zero(x->global, struct smb2_signing_key);
+		if (x->global->encryption_key == NULL) {
+			ZERO_STRUCT(session_key);
+			return NT_STATUS_NO_MEMORY;
+		}
+
+		x->global->encryption_key->blob =
+			x->global->encryption_key_blob =
+				data_blob_talloc(x->global->encryption_key,
+						 session_key,
+						 sizeof(session_key));
+		if (!smb2_signing_key_valid(x->global->encryption_key)) {
 			ZERO_STRUCT(session_key);
 			return NT_STATUS_NO_MEMORY;
 		}
+		talloc_keep_secret(x->global->encryption_key->blob.data);
 
 		status = smb2_key_derivation(session_key, sizeof(session_key),
 					     d->label.data, d->label.length,
 					     d->context.data, d->context.length,
-					     x->global->encryption_key_blob.data);
+					     x->global->encryption_key->blob.data);
 		if (!NT_STATUS_IS_OK(status)) {
 			return status;
 		}
@@ -477,8 +487,8 @@ static NTSTATUS smbd_smb2_auth_generic_return(struct smbXsrv_session *session,
 		dump_data(0, x->global->decryption_key_blob.data,
 			  x->global->decryption_key_blob.length);
 		DEBUGADD(0, ("ServerOut Key "));
-		dump_data(0, x->global->encryption_key_blob.data,
-			  x->global->encryption_key_blob.length);
+		dump_data(0, x->global->encryption_key->blob.data,
+			  x->global->encryption_key->blob.length);
 	}
 
 	ZERO_STRUCT(session_key);
-- 
2.23.0