From e644d8953c09ec4c73f1cc623f5b70fcdd65ccc1 Mon Sep 17 00:00:00 2001 From: Andreas Schneider Date: Thu, 14 Mar 2019 10:02:27 +0100 Subject: [PATCH 115/187] s3:smbd: Use smb2_signing_key structure for the encryption key Signed-off-by: Andreas Schneider Reviewed-by: Andrew Bartlett (cherry picked from commit 95e1c85a47e925fdb9105b85f0e1dbea1ff09950) --- source3/librpc/idl/smbXsrv.idl | 1 + source3/smbd/smb2_server.c | 17 ++++++++++------- source3/smbd/smb2_sesssetup.c | 24 +++++++++++++++++------- 3 files changed, 28 insertions(+), 14 deletions(-) diff --git a/source3/librpc/idl/smbXsrv.idl b/source3/librpc/idl/smbXsrv.idl index 72017bc3e15..f7acb2198fb 100644 --- a/source3/librpc/idl/smbXsrv.idl +++ b/source3/librpc/idl/smbXsrv.idl @@ -229,6 +229,7 @@ interface smbXsrv [noprint] DATA_BLOB signing_key_blob; [ignore] smb2_signing_key *signing_key; [noprint] DATA_BLOB encryption_key_blob; + [ignore] smb2_signing_key *encryption_key; [noprint] DATA_BLOB decryption_key_blob; [noprint] DATA_BLOB application_key; [range(1, 1024)] uint32 num_channels; diff --git a/source3/smbd/smb2_server.c b/source3/smbd/smb2_server.c index c0c4a0272d1..b708fdb90b9 100644 --- a/source3/smbd/smb2_server.c +++ b/source3/smbd/smb2_server.c @@ -1737,9 +1737,9 @@ static void smbd_smb2_request_pending_timer(struct tevent_context *ev, if (req->do_encryption) { struct smbXsrv_session *x = req->session; - DATA_BLOB encryption_key = x->global->encryption_key_blob; + struct smb2_signing_key *encryption_key = x->global->encryption_key; - status = smb2_signing_encrypt_pdu(encryption_key, + status = smb2_signing_encrypt_pdu(encryption_key->blob, xconn->smb2.server.cipher, &state->vector[1+SMBD_SMB2_TF_IOV_OFS], SMBD_SMB2_NUM_IOV_PER_REQ); @@ -2852,9 +2852,10 @@ static NTSTATUS smbd_smb2_request_reply(struct smbd_smb2_request *req) (firsttf->iov_len == 0) && (req->first_key.length == 0) && (req->session != NULL) && - (req->session->global->encryption_key_blob.length != 0)) + smb2_signing_key_valid(req->session->global->encryption_key)) { - DATA_BLOB encryption_key = req->session->global->encryption_key_blob; + struct smb2_signing_key *encryption_key = + req->session->global->encryption_key; uint8_t *tf; uint64_t session_id = req->session->global->session_wire_id; uint64_t nonce_high; @@ -2878,7 +2879,8 @@ static NTSTATUS smbd_smb2_request_reply(struct smbd_smb2_request *req) * we are sure that we do not change * the header again. */ - req->first_key = data_blob_dup_talloc(req, encryption_key); + req->first_key = data_blob_dup_talloc(req, + encryption_key->blob); if (req->first_key.data == NULL) { return NT_STATUS_NO_MEMORY; } @@ -3414,9 +3416,10 @@ static NTSTATUS smbd_smb2_send_break(struct smbXsrv_connection *xconn, } if (do_encryption) { - DATA_BLOB encryption_key = session->global->encryption_key_blob; + struct smb2_signing_key *encryption_key = + session->global->encryption_key; - status = smb2_signing_encrypt_pdu(encryption_key, + status = smb2_signing_encrypt_pdu(encryption_key->blob, xconn->smb2.server.cipher, &state->vector[1+SMBD_SMB2_TF_IOV_OFS], SMBD_SMB2_NUM_IOV_PER_REQ); diff --git a/source3/smbd/smb2_sesssetup.c b/source3/smbd/smb2_sesssetup.c index 591d5c37160..c2725825d7a 100644 --- a/source3/smbd/smb2_sesssetup.c +++ b/source3/smbd/smb2_sesssetup.c @@ -394,18 +394,28 @@ static NTSTATUS smbd_smb2_auth_generic_return(struct smbXsrv_session *session, struct _derivation *d = &derivation.encryption; size_t nonce_size; - x->global->encryption_key_blob = data_blob_talloc(x->global, - session_key, - sizeof(session_key)); - if (x->global->encryption_key_blob.data == NULL) { + x->global->encryption_key = + talloc_zero(x->global, struct smb2_signing_key); + if (x->global->encryption_key == NULL) { + ZERO_STRUCT(session_key); + return NT_STATUS_NO_MEMORY; + } + + x->global->encryption_key->blob = + x->global->encryption_key_blob = + data_blob_talloc(x->global->encryption_key, + session_key, + sizeof(session_key)); + if (!smb2_signing_key_valid(x->global->encryption_key)) { ZERO_STRUCT(session_key); return NT_STATUS_NO_MEMORY; } + talloc_keep_secret(x->global->encryption_key->blob.data); status = smb2_key_derivation(session_key, sizeof(session_key), d->label.data, d->label.length, d->context.data, d->context.length, - x->global->encryption_key_blob.data); + x->global->encryption_key->blob.data); if (!NT_STATUS_IS_OK(status)) { return status; } @@ -477,8 +487,8 @@ static NTSTATUS smbd_smb2_auth_generic_return(struct smbXsrv_session *session, dump_data(0, x->global->decryption_key_blob.data, x->global->decryption_key_blob.length); DEBUGADD(0, ("ServerOut Key ")); - dump_data(0, x->global->encryption_key_blob.data, - x->global->encryption_key_blob.length); + dump_data(0, x->global->encryption_key->blob.data, + x->global->encryption_key->blob.length); } ZERO_STRUCT(session_key); -- 2.23.0