83 lines
2.9 KiB
Diff
83 lines
2.9 KiB
Diff
From cd45ceb7c38ef77ad9d6cc42ad8184ebc6829cf7 Mon Sep 17 00:00:00 2001
|
|
From: Andreas Schneider <asn@samba.org>
|
|
Date: Wed, 29 May 2019 16:38:09 +0200
|
|
Subject: [PATCH 090/187] libcli:auth: Return NTSTATUS for
|
|
netlogon_creds_aes_encrypt()
|
|
|
|
Signed-off-by: Andreas Schneider <asn@samba.org>
|
|
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
|
|
|
|
Adapted by Andrew Bartlett to use gnutls_error_to_ntstatus()
|
|
|
|
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
|
|
(cherry picked from commit ded5aad21b54b8783f7390fb2eca483d3861eeff)
|
|
---
|
|
libcli/auth/credentials.c | 15 ++++++++-------
|
|
libcli/auth/proto.h | 4 +++-
|
|
2 files changed, 11 insertions(+), 8 deletions(-)
|
|
|
|
diff --git a/libcli/auth/credentials.c b/libcli/auth/credentials.c
|
|
index 5a1692ef436..87f8820238e 100644
|
|
--- a/libcli/auth/credentials.c
|
|
+++ b/libcli/auth/credentials.c
|
|
@@ -293,7 +293,9 @@ NTSTATUS netlogon_creds_arcfour_crypt(struct netlogon_creds_CredentialState *cre
|
|
/*
|
|
AES encrypt a password buffer using the session key
|
|
*/
|
|
-void netlogon_creds_aes_encrypt(struct netlogon_creds_CredentialState *creds, uint8_t *data, size_t len)
|
|
+NTSTATUS netlogon_creds_aes_encrypt(struct netlogon_creds_CredentialState *creds,
|
|
+ uint8_t *data,
|
|
+ size_t len)
|
|
{
|
|
#ifdef HAVE_GNUTLS_AES_CFB8
|
|
gnutls_cipher_hd_t cipher_hnd = NULL;
|
|
@@ -317,18 +319,15 @@ void netlogon_creds_aes_encrypt(struct netlogon_creds_CredentialState *creds, ui
|
|
&key,
|
|
&iv);
|
|
if (rc < 0) {
|
|
- DBG_ERR("ERROR: gnutls_cipher_init: %s\n",
|
|
- gnutls_strerror(rc));
|
|
- return;
|
|
+ return gnutls_error_to_ntstatus(rc, NT_STATUS_CRYPTO_SYSTEM_INVALID);
|
|
}
|
|
|
|
rc = gnutls_cipher_encrypt(cipher_hnd, data, len);
|
|
gnutls_cipher_deinit(cipher_hnd);
|
|
if (rc < 0) {
|
|
- DBG_ERR("ERROR: gnutls_cipher_encrypt: %s\n",
|
|
- gnutls_strerror(rc));
|
|
- return;
|
|
+ return gnutls_error_to_ntstatus(rc, NT_STATUS_CRYPTO_SYSTEM_INVALID);
|
|
}
|
|
+
|
|
#else /* NOT HAVE_GNUTLS_AES_CFB8 */
|
|
AES_KEY key;
|
|
uint8_t iv[AES_BLOCK_SIZE] = {0};
|
|
@@ -337,6 +336,8 @@ void netlogon_creds_aes_encrypt(struct netlogon_creds_CredentialState *creds, ui
|
|
|
|
aes_cfb8_encrypt(data, data, len, &key, iv, AES_ENCRYPT);
|
|
#endif /* HAVE_GNUTLS_AES_CFB8 */
|
|
+
|
|
+ return NT_STATUS_OK;
|
|
}
|
|
|
|
/*
|
|
diff --git a/libcli/auth/proto.h b/libcli/auth/proto.h
|
|
index 65ee06215dc..639a50425e5 100644
|
|
--- a/libcli/auth/proto.h
|
|
+++ b/libcli/auth/proto.h
|
|
@@ -18,7 +18,9 @@ void netlogon_creds_des_decrypt(struct netlogon_creds_CredentialState *creds, st
|
|
NTSTATUS netlogon_creds_arcfour_crypt(struct netlogon_creds_CredentialState *creds,
|
|
uint8_t *data,
|
|
size_t len);
|
|
-void netlogon_creds_aes_encrypt(struct netlogon_creds_CredentialState *creds, uint8_t *data, size_t len);
|
|
+NTSTATUS netlogon_creds_aes_encrypt(struct netlogon_creds_CredentialState *creds,
|
|
+ uint8_t *data,
|
|
+ size_t len);
|
|
void netlogon_creds_aes_decrypt(struct netlogon_creds_CredentialState *creds, uint8_t *data, size_t len);
|
|
|
|
/*****************************************************************
|
|
--
|
|
2.23.0
|
|
|