From a5149014cc8a0da7b8c664a465f6108c390d127d Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Fri, 16 Aug 2019 12:34:28 +1200 Subject: [PATCH 092/187] libcli:auth Return NTSTATUS from netlogon_creds_aes_decrypt() Signed-off-by: Andrew Bartlett Reviewed-by: Andreas Schneider (cherry picked from commit 8ec796f1a1daa444bba06f34a50d2b62ee4a2ef9) --- libcli/auth/credentials.c | 15 ++++++++------- libcli/auth/proto.h | 4 +++- 2 files changed, 11 insertions(+), 8 deletions(-) diff --git a/libcli/auth/credentials.c b/libcli/auth/credentials.c index cfeab6efdcd..955e08b7385 100644 --- a/libcli/auth/credentials.c +++ b/libcli/auth/credentials.c @@ -346,7 +346,7 @@ NTSTATUS netlogon_creds_aes_encrypt(struct netlogon_creds_CredentialState *creds /* AES decrypt a password buffer using the session key */ -void netlogon_creds_aes_decrypt(struct netlogon_creds_CredentialState *creds, uint8_t *data, size_t len) +NTSTATUS netlogon_creds_aes_decrypt(struct netlogon_creds_CredentialState *creds, uint8_t *data, size_t len) { #ifdef HAVE_GNUTLS_AES_CFB8 gnutls_cipher_hd_t cipher_hnd = NULL; @@ -370,18 +370,17 @@ void netlogon_creds_aes_decrypt(struct netlogon_creds_CredentialState *creds, ui &key, &iv); if (rc < 0) { - DBG_ERR("ERROR: gnutls_cipher_init: %s\n", - gnutls_strerror(rc)); - return; + return gnutls_error_to_ntstatus(rc, + NT_STATUS_CRYPTO_SYSTEM_INVALID); } rc = gnutls_cipher_decrypt(cipher_hnd, data, len); gnutls_cipher_deinit(cipher_hnd); if (rc < 0) { - DBG_ERR("ERROR: gnutls_cipher_decrypt: %s\n", - gnutls_strerror(rc)); - return; + return gnutls_error_to_ntstatus(rc, + NT_STATUS_CRYPTO_SYSTEM_INVALID); } + #else /* NOT HAVE_GNUTLS_AES_CFB8 */ AES_KEY key; uint8_t iv[AES_BLOCK_SIZE] = {0}; @@ -390,6 +389,8 @@ void netlogon_creds_aes_decrypt(struct netlogon_creds_CredentialState *creds, ui aes_cfb8_encrypt(data, data, len, &key, iv, AES_DECRYPT); #endif /* HAVE_GNUTLS_AES_CFB8 */ + + return NT_STATUS_OK; } /***************************************************************** diff --git a/libcli/auth/proto.h b/libcli/auth/proto.h index 639a50425e5..714652bdb76 100644 --- a/libcli/auth/proto.h +++ b/libcli/auth/proto.h @@ -21,7 +21,9 @@ NTSTATUS netlogon_creds_arcfour_crypt(struct netlogon_creds_CredentialState *cre NTSTATUS netlogon_creds_aes_encrypt(struct netlogon_creds_CredentialState *creds, uint8_t *data, size_t len); -void netlogon_creds_aes_decrypt(struct netlogon_creds_CredentialState *creds, uint8_t *data, size_t len); +NTSTATUS netlogon_creds_aes_decrypt(struct netlogon_creds_CredentialState *creds, + uint8_t *data, + size_t len); /***************************************************************** The above functions are common to the client and server interface -- 2.23.0