From fcbef176770dc8531ab9eb8bb091b44b3923f405 Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn@samba.org>
Date: Thu, 14 Mar 2019 10:53:23 +0100
Subject: [PATCH 126/187] libcli:smb: Use smb2_signing_key in
smb2_signing_decrypt_pdu()
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Adaped to remove Samba AES support
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit 7f56e91dbe404bc1ee40e4843c4046336945b057)
---
libcli/smb/smb2_signing.c | 34 +++++++++++++++-------------------
libcli/smb/smb2_signing.h | 2 +-
libcli/smb/smbXcli_base.c | 2 +-
source3/smbd/smb2_server.c | 2 +-
4 files changed, 18 insertions(+), 22 deletions(-)
diff --git a/libcli/smb/smb2_signing.c b/libcli/smb/smb2_signing.c
index 1d9c99337d8..9f40e8bbea5 100644
--- a/libcli/smb/smb2_signing.c
+++ b/libcli/smb/smb2_signing.c
@@ -558,7 +558,7 @@ out:
return status;
}
-NTSTATUS smb2_signing_decrypt_pdu(DATA_BLOB decryption_key,
+NTSTATUS smb2_signing_decrypt_pdu(struct smb2_signing_key *decryption_key,
uint16_t cipher_id,
struct iovec *vector,
int count)
@@ -574,7 +574,6 @@ NTSTATUS smb2_signing_decrypt_pdu(DATA_BLOB decryption_key,
uint32_t tag_size = 0;
uint8_t _key[16] = {0};
gnutls_cipher_algorithm_t algo = 0;
- gnutls_aead_cipher_hd_t cipher_hnd = NULL;
gnutls_datum_t key;
gnutls_datum_t iv;
NTSTATUS status;
@@ -590,9 +589,9 @@ NTSTATUS smb2_signing_decrypt_pdu(DATA_BLOB decryption_key,
tf = (uint8_t *)vector[0].iov_base;
- if (decryption_key.length == 0) {
- DEBUG(2,("Wrong decryption key length %u for SMB2 signing\n",
- (unsigned)decryption_key.length));
+ if (!smb2_signing_key_valid(decryption_key)) {
+ DBG_WARNING("Wrong decryption key length %zu for SMB2 signing\n",
+ decryption_key->blob.length);
return NT_STATUS_ACCESS_DENIED;
}
@@ -640,20 +639,22 @@ NTSTATUS smb2_signing_decrypt_pdu(DATA_BLOB decryption_key,
};
memcpy(key.data,
- decryption_key.data,
- MIN(decryption_key.length, key.size));
+ decryption_key->blob.data,
+ MIN(decryption_key->blob.length, key.size));
iv = (gnutls_datum_t) {
.data = tf + SMB2_TF_NONCE,
.size = iv_size,
};
- rc = gnutls_aead_cipher_init(&cipher_hnd,
- algo,
- &key);
- if (rc < 0) {
- status = NT_STATUS_NO_MEMORY;
- goto out;
+ if (decryption_key->cipher_hnd == NULL) {
+ rc = gnutls_aead_cipher_init(&decryption_key->cipher_hnd,
+ algo,
+ &key);
+ if (rc < 0) {
+ status = NT_STATUS_NO_MEMORY;
+ goto out;
+ }
}
{
@@ -667,7 +668,6 @@ NTSTATUS smb2_signing_decrypt_pdu(DATA_BLOB decryption_key,
ptext = talloc_size(talloc_tos(), ptext_size);
if (ptext == NULL) {
- gnutls_aead_cipher_deinit(cipher_hnd);
status = NT_STATUS_NO_MEMORY;
goto out;
}
@@ -675,7 +675,6 @@ NTSTATUS smb2_signing_decrypt_pdu(DATA_BLOB decryption_key,
ctext = talloc_size(talloc_tos(), ctext_size);
if (ctext == NULL) {
TALLOC_FREE(ptext);
- gnutls_aead_cipher_deinit(cipher_hnd);
status = NT_STATUS_NO_MEMORY;
goto out;
}
@@ -691,7 +690,6 @@ NTSTATUS smb2_signing_decrypt_pdu(DATA_BLOB decryption_key,
if (len != m_total) {
TALLOC_FREE(ptext);
TALLOC_FREE(ctext);
- gnutls_aead_cipher_deinit(cipher_hnd);
status = NT_STATUS_INTERNAL_ERROR;
goto out;
}
@@ -701,7 +699,7 @@ NTSTATUS smb2_signing_decrypt_pdu(DATA_BLOB decryption_key,
tag_size);
/* This function will verify the tag */
- rc = gnutls_aead_cipher_decrypt(cipher_hnd,
+ rc = gnutls_aead_cipher_decrypt(decryption_key->cipher_hnd,
iv.data,
iv.size,
tf + SMB2_TF_NONCE,
@@ -715,7 +713,6 @@ NTSTATUS smb2_signing_decrypt_pdu(DATA_BLOB decryption_key,
DBG_ERR("ERROR: %s\n", gnutls_strerror(rc));
TALLOC_FREE(ptext);
TALLOC_FREE(ctext);
- gnutls_aead_cipher_deinit(cipher_hnd);
status = NT_STATUS_INTERNAL_ERROR;
goto out;
}
@@ -732,7 +729,6 @@ NTSTATUS smb2_signing_decrypt_pdu(DATA_BLOB decryption_key,
TALLOC_FREE(ptext);
TALLOC_FREE(ctext);
}
- gnutls_aead_cipher_deinit(cipher_hnd);
DBG_INFO("Decrypted SMB2 message\n");
diff --git a/libcli/smb/smb2_signing.h b/libcli/smb/smb2_signing.h
index 13fb54e4e4e..7eefad93b3e 100644
--- a/libcli/smb/smb2_signing.h
+++ b/libcli/smb/smb2_signing.h
@@ -57,7 +57,7 @@ NTSTATUS smb2_signing_encrypt_pdu(DATA_BLOB encryption_key,
uint16_t cipher_id,
struct iovec *vector,
int count);
-NTSTATUS smb2_signing_decrypt_pdu(DATA_BLOB decryption_key,
+NTSTATUS smb2_signing_decrypt_pdu(struct smb2_signing_key *decryption_key,
uint16_t cipher_id,
struct iovec *vector,
int count);
diff --git a/libcli/smb/smbXcli_base.c b/libcli/smb/smbXcli_base.c
index aa69c374d49..421fc434305 100644
--- a/libcli/smb/smbXcli_base.c
+++ b/libcli/smb/smbXcli_base.c
@@ -3567,7 +3567,7 @@ static NTSTATUS smb2cli_inbuf_parse_compound(struct smbXcli_conn *conn,
tf_iov[1].iov_base = (void *)hdr;
tf_iov[1].iov_len = enc_len;
- status = smb2_signing_decrypt_pdu(s->smb2->decryption_key->blob,
+ status = smb2_signing_decrypt_pdu(s->smb2->decryption_key,
conn->smb2.server.cipher,
tf_iov, 2);
if (!NT_STATUS_IS_OK(status)) {
diff --git a/source3/smbd/smb2_server.c b/source3/smbd/smb2_server.c
index 56e7b70696b..9df22b5a6ac 100644
--- a/source3/smbd/smb2_server.c
+++ b/source3/smbd/smb2_server.c
@@ -432,7 +432,7 @@ static NTSTATUS smbd_smb2_inbuf_parse_compound(struct smbXsrv_connection *xconn,
tf_iov[1].iov_base = (void *)hdr;
tf_iov[1].iov_len = enc_len;
- status = smb2_signing_decrypt_pdu(s->global->decryption_key->blob,
+ status = smb2_signing_decrypt_pdu(s->global->decryption_key,
xconn->smb2.server.cipher,
tf_iov, 2);
if (!NT_STATUS_IS_OK(status)) {
--
2.23.0