From: Stefan Metzmacher Date: Mon, 9 Nov 2020 13:22:24 +0000 (+0100) Subject: libcli/smb: pass the length of the resulting key to smb2_key_derivation() X-Git-Tag: tevent-0.11.0~1515 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=3066a02b5db57f958f0f8395a63dda5acaa88607;p=thirdparty%2Fsamba.git libcli/smb: pass the length of the resulting key to smb2_key_derivation() BUG: https://bugzilla.samba.org/show_bug.cgi?id=14512 Signed-off-by: Stefan Metzmacher Reviewed-by: Jeremy Allison --- diff --git a/libcli/smb/smb2_signing.c b/libcli/smb/smb2_signing.c index 42c0854c068..5927a1331ac 100644 --- a/libcli/smb/smb2_signing.c +++ b/libcli/smb/smb2_signing.c @@ -316,9 +316,8 @@ NTSTATUS smb2_signing_check_pdu(struct smb2_signing_key *signing_key, NTSTATUS smb2_key_derivation(const uint8_t *KI, size_t KI_len, const uint8_t *Label, size_t Label_len, const uint8_t *Context, size_t Context_len, - uint8_t KO[16]) + uint8_t *KO, size_t KO_len) { - size_t KO_len = 16; gnutls_hmac_hd_t hmac_hnd = NULL; uint8_t buf[4]; static const uint8_t zero = 0; diff --git a/libcli/smb/smb2_signing.h b/libcli/smb/smb2_signing.h index ca22de9dbfa..79989039d50 100644 --- a/libcli/smb/smb2_signing.h +++ b/libcli/smb/smb2_signing.h @@ -56,7 +56,7 @@ NTSTATUS smb2_signing_check_pdu(struct smb2_signing_key *signing_key, NTSTATUS smb2_key_derivation(const uint8_t *KI, size_t KI_len, const uint8_t *Label, size_t Label_len, const uint8_t *Context, size_t Context_len, - uint8_t KO[16]); + uint8_t *KO, size_t KO_len); NTSTATUS smb2_signing_encrypt_pdu(struct smb2_signing_key *encryption_key, uint16_t cipher_id, diff --git a/libcli/smb/smbXcli_base.c b/libcli/smb/smbXcli_base.c index e4d495f9622..91d5bf62d80 100644 --- a/libcli/smb/smbXcli_base.c +++ b/libcli/smb/smbXcli_base.c @@ -6141,7 +6141,8 @@ NTSTATUS smb2cli_session_set_session_key(struct smbXcli_session *session, status = smb2_key_derivation(session_key, sizeof(session_key), d->label.data, d->label.length, d->context.data, d->context.length, - session->smb2->signing_key->blob.data); + session->smb2->signing_key->blob.data, + session->smb2->signing_key->blob.length); if (!NT_STATUS_IS_OK(status)) { return status; } @@ -6170,7 +6171,8 @@ NTSTATUS smb2cli_session_set_session_key(struct smbXcli_session *session, status = smb2_key_derivation(session_key, sizeof(session_key), d->label.data, d->label.length, d->context.data, d->context.length, - session->smb2->encryption_key->blob.data); + session->smb2->encryption_key->blob.data, + session->smb2->encryption_key->blob.length); if (!NT_STATUS_IS_OK(status)) { return status; } @@ -6199,7 +6201,8 @@ NTSTATUS smb2cli_session_set_session_key(struct smbXcli_session *session, status = smb2_key_derivation(session_key, sizeof(session_key), d->label.data, d->label.length, d->context.data, d->context.length, - session->smb2->decryption_key->blob.data); + session->smb2->decryption_key->blob.data, + session->smb2->decryption_key->blob.length); if (!NT_STATUS_IS_OK(status)) { return status; } @@ -6219,7 +6222,8 @@ NTSTATUS smb2cli_session_set_session_key(struct smbXcli_session *session, status = smb2_key_derivation(session_key, sizeof(session_key), d->label.data, d->label.length, d->context.data, d->context.length, - session->smb2->application_key.data); + session->smb2->application_key.data, + session->smb2->application_key.length); if (!NT_STATUS_IS_OK(status)) { return status; } @@ -6423,7 +6427,8 @@ NTSTATUS smb2cli_session_set_channel_key(struct smbXcli_session *session, status = smb2_key_derivation(channel_key, sizeof(channel_key), d->label.data, d->label.length, d->context.data, d->context.length, - session->smb2_channel.signing_key->blob.data); + session->smb2_channel.signing_key->blob.data, + session->smb2_channel.signing_key->blob.length); if (!NT_STATUS_IS_OK(status)) { return status; } diff --git a/source3/smbd/smb2_sesssetup.c b/source3/smbd/smb2_sesssetup.c index 907dd92321e..7f24f7cadb5 100644 --- a/source3/smbd/smb2_sesssetup.c +++ b/source3/smbd/smb2_sesssetup.c @@ -361,7 +361,8 @@ static NTSTATUS smbd_smb2_auth_generic_return(struct smbXsrv_session *session, status = smb2_key_derivation(session_key, sizeof(session_key), d->label.data, d->label.length, d->context.data, d->context.length, - x->global->signing_key->blob.data); + x->global->signing_key->blob.data, + x->global->signing_key->blob.length); if (!NT_STATUS_IS_OK(status)) { return status; } @@ -391,7 +392,8 @@ static NTSTATUS smbd_smb2_auth_generic_return(struct smbXsrv_session *session, status = smb2_key_derivation(session_key, sizeof(session_key), d->label.data, d->label.length, d->context.data, d->context.length, - x->global->decryption_key->blob.data); + x->global->decryption_key->blob.data, + x->global->decryption_key->blob.length); if (!NT_STATUS_IS_OK(status)) { return status; } @@ -422,7 +424,8 @@ static NTSTATUS smbd_smb2_auth_generic_return(struct smbXsrv_session *session, status = smb2_key_derivation(session_key, sizeof(session_key), d->label.data, d->label.length, d->context.data, d->context.length, - x->global->encryption_key->blob.data); + x->global->encryption_key->blob.data, + x->global->encryption_key->blob.length); if (!NT_STATUS_IS_OK(status)) { return status; } @@ -468,7 +471,8 @@ static NTSTATUS smbd_smb2_auth_generic_return(struct smbXsrv_session *session, status = smb2_key_derivation(session_key, sizeof(session_key), d->label.data, d->label.length, d->context.data, d->context.length, - x->global->application_key.data); + x->global->application_key.data, + x->global->application_key.length); if (!NT_STATUS_IS_OK(status)) { return status; } @@ -769,7 +773,8 @@ static NTSTATUS smbd_smb2_bind_auth_return(struct smbXsrv_session *session, status = smb2_key_derivation(session_key, sizeof(session_key), d->label.data, d->label.length, d->context.data, d->context.length, - c->signing_key->blob.data); + c->signing_key->blob.data, + c->signing_key->blob.length); if (!NT_STATUS_IS_OK(status)) { return status; }