]> git.ipfire.org Git - thirdparty/samba.git/commitdiff
libcli:auth: Return NTSTATUS for netlogon_creds_aes_encrypt()
authorAndreas Schneider <asn@samba.org>
Wed, 29 May 2019 14:38:09 +0000 (16:38 +0200)
committerAndreas Schneider <asn@cryptomilk.org>
Wed, 21 Aug 2019 09:57:29 +0000 (09:57 +0000)
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Adapted by Andrew Bartlett to use gnutls_error_to_ntstatus()

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
libcli/auth/credentials.c
libcli/auth/proto.h

index 5a1692ef436ea85ff48577cb4e04581f5cd30c8a..87f8820238e936d6cf10d157f3c0a23d156e9efa 100644 (file)
@@ -293,7 +293,9 @@ NTSTATUS netlogon_creds_arcfour_crypt(struct netlogon_creds_CredentialState *cre
 /*
   AES encrypt a password buffer using the session key
 */
-void netlogon_creds_aes_encrypt(struct netlogon_creds_CredentialState *creds, uint8_t *data, size_t len)
+NTSTATUS netlogon_creds_aes_encrypt(struct netlogon_creds_CredentialState *creds,
+                                   uint8_t *data,
+                                   size_t len)
 {
 #ifdef HAVE_GNUTLS_AES_CFB8
        gnutls_cipher_hd_t cipher_hnd = NULL;
@@ -317,18 +319,15 @@ void netlogon_creds_aes_encrypt(struct netlogon_creds_CredentialState *creds, ui
                                &key,
                                &iv);
        if (rc < 0) {
-               DBG_ERR("ERROR: gnutls_cipher_init: %s\n",
-                       gnutls_strerror(rc));
-               return;
+               return gnutls_error_to_ntstatus(rc, NT_STATUS_CRYPTO_SYSTEM_INVALID);
        }
 
        rc = gnutls_cipher_encrypt(cipher_hnd, data, len);
        gnutls_cipher_deinit(cipher_hnd);
        if (rc < 0) {
-               DBG_ERR("ERROR: gnutls_cipher_encrypt: %s\n",
-                       gnutls_strerror(rc));
-               return;
+               return gnutls_error_to_ntstatus(rc, NT_STATUS_CRYPTO_SYSTEM_INVALID);
        }
+
 #else /* NOT HAVE_GNUTLS_AES_CFB8 */
        AES_KEY key;
        uint8_t iv[AES_BLOCK_SIZE] = {0};
@@ -337,6 +336,8 @@ void netlogon_creds_aes_encrypt(struct netlogon_creds_CredentialState *creds, ui
 
        aes_cfb8_encrypt(data, data, len, &key, iv, AES_ENCRYPT);
 #endif /* HAVE_GNUTLS_AES_CFB8 */
+
+       return NT_STATUS_OK;
 }
 
 /*
index 65ee06215dc440311d69b1b9960fb82bf106b658..639a50425e5c7aa9c930b9b99274a10d46d56ae8 100644 (file)
@@ -18,7 +18,9 @@ void netlogon_creds_des_decrypt(struct netlogon_creds_CredentialState *creds, st
 NTSTATUS netlogon_creds_arcfour_crypt(struct netlogon_creds_CredentialState *creds,
                                      uint8_t *data,
                                      size_t len);
-void netlogon_creds_aes_encrypt(struct netlogon_creds_CredentialState *creds, uint8_t *data, size_t len);
+NTSTATUS netlogon_creds_aes_encrypt(struct netlogon_creds_CredentialState *creds,
+                                   uint8_t *data,
+                                   size_t len);
 void netlogon_creds_aes_decrypt(struct netlogon_creds_CredentialState *creds, uint8_t *data, size_t len);
 
 /*****************************************************************