From cd45ceb7c38ef77ad9d6cc42ad8184ebc6829cf7 Mon Sep 17 00:00:00 2001 From: Andreas Schneider Date: Wed, 29 May 2019 16:38:09 +0200 Subject: [PATCH 090/187] libcli:auth: Return NTSTATUS for netlogon_creds_aes_encrypt() Signed-off-by: Andreas Schneider Reviewed-by: Andrew Bartlett Adapted by Andrew Bartlett to use gnutls_error_to_ntstatus() Signed-off-by: Andrew Bartlett (cherry picked from commit ded5aad21b54b8783f7390fb2eca483d3861eeff) --- libcli/auth/credentials.c | 15 ++++++++------- libcli/auth/proto.h | 4 +++- 2 files changed, 11 insertions(+), 8 deletions(-) diff --git a/libcli/auth/credentials.c b/libcli/auth/credentials.c index 5a1692ef436..87f8820238e 100644 --- a/libcli/auth/credentials.c +++ b/libcli/auth/credentials.c @@ -293,7 +293,9 @@ NTSTATUS netlogon_creds_arcfour_crypt(struct netlogon_creds_CredentialState *cre /* AES encrypt a password buffer using the session key */ -void netlogon_creds_aes_encrypt(struct netlogon_creds_CredentialState *creds, uint8_t *data, size_t len) +NTSTATUS netlogon_creds_aes_encrypt(struct netlogon_creds_CredentialState *creds, + uint8_t *data, + size_t len) { #ifdef HAVE_GNUTLS_AES_CFB8 gnutls_cipher_hd_t cipher_hnd = NULL; @@ -317,18 +319,15 @@ void netlogon_creds_aes_encrypt(struct netlogon_creds_CredentialState *creds, ui &key, &iv); if (rc < 0) { - DBG_ERR("ERROR: gnutls_cipher_init: %s\n", - gnutls_strerror(rc)); - return; + return gnutls_error_to_ntstatus(rc, NT_STATUS_CRYPTO_SYSTEM_INVALID); } rc = gnutls_cipher_encrypt(cipher_hnd, data, len); gnutls_cipher_deinit(cipher_hnd); if (rc < 0) { - DBG_ERR("ERROR: gnutls_cipher_encrypt: %s\n", - gnutls_strerror(rc)); - return; + return gnutls_error_to_ntstatus(rc, NT_STATUS_CRYPTO_SYSTEM_INVALID); } + #else /* NOT HAVE_GNUTLS_AES_CFB8 */ AES_KEY key; uint8_t iv[AES_BLOCK_SIZE] = {0}; @@ -337,6 +336,8 @@ void netlogon_creds_aes_encrypt(struct netlogon_creds_CredentialState *creds, ui aes_cfb8_encrypt(data, data, len, &key, iv, AES_ENCRYPT); #endif /* HAVE_GNUTLS_AES_CFB8 */ + + return NT_STATUS_OK; } /* diff --git a/libcli/auth/proto.h b/libcli/auth/proto.h index 65ee06215dc..639a50425e5 100644 --- a/libcli/auth/proto.h +++ b/libcli/auth/proto.h @@ -18,7 +18,9 @@ void netlogon_creds_des_decrypt(struct netlogon_creds_CredentialState *creds, st NTSTATUS netlogon_creds_arcfour_crypt(struct netlogon_creds_CredentialState *creds, uint8_t *data, size_t len); -void netlogon_creds_aes_encrypt(struct netlogon_creds_CredentialState *creds, uint8_t *data, size_t len); +NTSTATUS netlogon_creds_aes_encrypt(struct netlogon_creds_CredentialState *creds, + uint8_t *data, + size_t len); void netlogon_creds_aes_decrypt(struct netlogon_creds_CredentialState *creds, uint8_t *data, size_t len); /***************************************************************** -- 2.23.0