From 4dc911798e6e5a534c194cb2519c955a0589bf66 Mon Sep 17 00:00:00 2001
From: Andreas Schneider
Date: Thu, 14 Mar 2019 10:10:34 +0100
Subject: [PATCH 116/187] s3:smbd: Use smb2_signing_key structure for the decryption key

Signed-off-by: Andreas Schneider
Reviewed-by: Andrew Bartlett
(cherry picked from commit b51c4293f7430b5ce6a81599fb0c7be5dc444c46)
---
 source3/librpc/idl/smbXsrv.idl | 1 +
 source3/smbd/smb2_server.c | 2 +-
 source3/smbd/smb2_sesssetup.c | 24 +++++++++++++++++-------
 3 files changed, 19 insertions(+), 8 deletions(-)

diff --git a/source3/librpc/idl/smbXsrv.idl b/source3/librpc/idl/smbXsrv.idl
index f7acb2198fb..330c6896114 100644
--- a/source3/librpc/idl/smbXsrv.idl
+++ b/source3/librpc/idl/smbXsrv.idl
@@ -231,6 +231,7 @@ interface smbXsrv
 	[noprint] DATA_BLOB encryption_key_blob;
 	[ignore] smb2_signing_key *encryption_key;
 	[noprint] DATA_BLOB decryption_key_blob;
+	[ignore] smb2_signing_key *decryption_key;
 	[noprint] DATA_BLOB application_key;
 	[range(1, 1024)] uint32 num_channels;
 	smbXsrv_channel_global0 channels[num_channels];
diff --git a/source3/smbd/smb2_server.c b/source3/smbd/smb2_server.c
index b708fdb90b9..56e7b70696b 100644
--- a/source3/smbd/smb2_server.c
+++ b/source3/smbd/smb2_server.c
@@ -432,7 +432,7 @@ static NTSTATUS smbd_smb2_inbuf_parse_compound(struct smbXsrv_connection *xconn,
 		tf_iov[1].iov_base = (void *)hdr;
 		tf_iov[1].iov_len = enc_len;
 
-		status = smb2_signing_decrypt_pdu(s->global->decryption_key_blob,
+		status = smb2_signing_decrypt_pdu(s->global->decryption_key->blob,
 						  xconn->smb2.server.cipher,
 						  tf_iov, 2);
 		if (!NT_STATUS_IS_OK(status)) {
diff --git a/source3/smbd/smb2_sesssetup.c b/source3/smbd/smb2_sesssetup.c
index c2725825d7a..d6900665a95 100644
--- a/source3/smbd/smb2_sesssetup.c
+++ b/source3/smbd/smb2_sesssetup.c
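Review bot: The new argument `s->global->decryption_key->blob` dereferences `decryption_key` unconditionally, yet the smb2_sesssetup.c hunk in this same patch only allocates that pointer under `xconn->protocol >= PROTOCOL_SMB2_24`, so a session that never derived keys (a pre-SMB3 dialect, or a setup that has not completed) leaves it NULL and a client sending an SMB2_TRANSFORM header with that session id would crash smbd, where the old by-value `DATA_BLOB` presumably just produced a failed decrypt. Whether an earlier check in smbd_smb2_inbuf_parse_compound already rejects such a session is not visible here — the function starts before the hunk — so if there is none, guard before the call: `if (!smb2_signing_key_valid(s->global->decryption_key)) { return NT_STATUS_ACCESS_DENIED; }` (or an explicit `== NULL` test if that helper does not accept NULL; the status should match whatever a rejected decrypt already maps to). The same NULL reasoning applies to `encryption_key` on the send path, which this patch does not touch.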
@@ -373,18 +373,28 @@ static NTSTATUS smbd_smb2_auth_generic_return(struct smbXsrv_session *session,
 	if (xconn->protocol >= PROTOCOL_SMB2_24) {
 		struct _derivation *d = &derivation.decryption;
 
-		x->global->decryption_key_blob = data_blob_talloc(x->global,
-							session_key,
-							sizeof(session_key));
-		if (x->global->decryption_key_blob.data == NULL) {
+		x->global->decryption_key =
+			talloc_zero(x->global, struct smb2_signing_key);
+		if (x->global->decryption_key == NULL) {
+			ZERO_STRUCT(session_key);
+			return NT_STATUS_NO_MEMORY;
+		}
+
+		x->global->decryption_key->blob =
+		x->global->decryption_key_blob =
+			data_blob_talloc(x->global->decryption_key,
+					 session_key,
+					 sizeof(session_key));
+		if (!smb2_signing_key_valid(x->global->decryption_key)) {
 			ZERO_STRUCT(session_key);
 			return NT_STATUS_NO_MEMORY;
 		}
+		talloc_keep_secret(x->global->decryption_key->blob.data);
 
 		status = smb2_key_derivation(session_key, sizeof(session_key),
 					     d->label.data, d->label.length,
 					     d->context.data, d->context.length,
-					     x->global->decryption_key_blob.data);
+					     x->global->decryption_key->blob.data);
 		if (!NT_STATUS_IS_OK(status)) {
 			return status;
 		}
@@ -484,8 +494,8 @@ static NTSTATUS smbd_smb2_auth_generic_return(struct smbXsrv_session *session,
 
 		/* In server code, ServerIn is the decryption key */
 		DEBUGADD(0, ("ServerIn Key "));
-		dump_data(0, x->global->decryption_key_blob.data,
-			  x->global->decryption_key_blob.length);
+		dump_data(0, x->global->decryption_key->blob.data,
+			  x->global->decryption_key->blob.length);
 		DEBUGADD(0, ("ServerOut Key "));
 		dump_data(0, x->global->encryption_key->blob.data,
 			  x->global->encryption_key->blob.length);
-- 
2.23.0
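Review bot: The chained assignment `x->global->decryption_key->blob = x->global->decryption_key_blob = data_blob_talloc(x->global->decryption_key, ...)` leaves two `DATA_BLOB` copies of one buffer whose talloc parent is now `decryption_key` rather than `x->global`, so `decryption_key_blob.data` dangles as soon as `decryption_key` is freed or reparented, and nothing in the hunk says why the old field is still populated. A comment at that line should record the aliasing and ownership, e.g. `/* decryption_key_blob aliases decryption_key->blob and must not be freed separately; the buffer is owned by decryption_key */`, plus the reason the blob field is kept if it is the marshalled form (the idl marks the pointer `[ignore]`, which I read as "not marshalled" — confirm). The `talloc_keep_secret()` call correctly covers the derived key, but the `smb2_key_derivation` failure path just below still `return status;`s without `ZERO_STRUCT(session_key)`, unlike the two allocation failures above it; that is pre-existing context but worth aligning while these lines are touched. smbd_smb2_auth_generic_return starts before and continues after this hunk.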