1 /*
2 * Unix SMB/CIFS implementation.
3 * RPC Pipe client / server routines
4 * Copyright (C) Guenther Deschner 2008.
5 *
6 * This program is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License as published by
8 * the Free Software Foundation; either version 3 of the License, or
9 * (at your option) any later version.
10 *
11 * This program is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU General Public License for more details.
15 *
16 * You should have received a copy of the GNU General Public License
17 * along with this program; if not, see <http://www.gnu.org/licenses/>.
18 */
19
20 #include "includes.h"
21 #include "../libcli/auth/libcli_auth.h"
22 #include "rpc_client/init_samr.h"
23
24 #include "lib/crypto/gnutls_helpers.h"
25 #include <gnutls/gnutls.h>
26 #include <gnutls/crypto.h>
27
28 /*************************************************************************
29 inits a samr_CryptPasswordEx structure
30 *************************************************************************/
31
init_samr_CryptPasswordEx(const char * pwd,DATA_BLOB * session_key,struct samr_CryptPasswordEx * pwd_buf)32 NTSTATUS init_samr_CryptPasswordEx(const char *pwd,
33 DATA_BLOB *session_key,
34 struct samr_CryptPasswordEx *pwd_buf)
35 {
36 return encode_rc4_passwd_buffer(pwd, session_key, pwd_buf);
37 }
38
39 /*************************************************************************
40 inits a samr_CryptPassword structure
41 *************************************************************************/
42
init_samr_CryptPassword(const char * pwd,DATA_BLOB * session_key,struct samr_CryptPassword * pwd_buf)43 NTSTATUS init_samr_CryptPassword(const char *pwd,
44 DATA_BLOB *session_key,
45 struct samr_CryptPassword *pwd_buf)
46 {
47 /* samr_CryptPassword */
48 gnutls_cipher_hd_t cipher_hnd = NULL;
49 gnutls_datum_t sess_key = {
50 .data = session_key->data,
51 .size = session_key->length,
52 };
53 bool ok;
54 int rc;
55
56 ok = encode_pw_buffer(pwd_buf->data, pwd, STR_UNICODE);
57 if (!ok) {
58 return NT_STATUS_INTERNAL_ERROR;
59 }
60
61 rc = gnutls_cipher_init(&cipher_hnd,
62 GNUTLS_CIPHER_ARCFOUR_128,
63 &sess_key,
64 NULL);
65 if (rc != 0) {
66 return gnutls_error_to_ntstatus(rc, NT_STATUS_ACCESS_DISABLED_BY_POLICY_OTHER);
67 }
68 rc = gnutls_cipher_encrypt(cipher_hnd,
69 pwd_buf->data,
70 516);
71 gnutls_cipher_deinit(cipher_hnd);
72 if (rc != 0) {
73 return gnutls_error_to_ntstatus(rc, NT_STATUS_ACCESS_DISABLED_BY_POLICY_OTHER);
74 }
75
76 return NT_STATUS_OK;
77 }
78