libcli/smb: pass the length of the resulting key to smb2_key_derivation()

author Stefan Metzmacher <metze@samba.org>

Mon, 9 Nov 2020 13:22:24 +0000 (14:22 +0100)

committer Jeremy Allison <jra@samba.org>

Wed, 17 Mar 2021 00:49:32 +0000 (00:49 +0000)
author Stefan Metzmacher <metze@samba.org>
Mon, 9 Nov 2020 13:22:24 +0000 (14:22 +0100)
committer Jeremy Allison <jra@samba.org>
Wed, 17 Mar 2021 00:49:32 +0000 (00:49 +0000)
diff --git a/libcli/smb/smb2_signing.c b/libcli/smb/smb2_signing.c

index 42c0854c0686cd5d75e29c9b50239f48b8b88f35..5927a1331ac71fc5d875de4aafee4a13088bf0b9 100644 (file)
--- a/libcli/smb/smb2_signing.c
+++ b/libcli/smb/smb2_signing.c
@@ -316,9 +316,8 @@ NTSTATUS smb2_signing_check_pdu(struct smb2_signing_key *signing_key,
  NTSTATUS smb2_key_derivation(const uint8_t *KI, size_t KI_len,
                              const uint8_t *Label, size_t Label_len,
                              const uint8_t *Context, size_t Context_len,
-                            uint8_t KO[16])
+                            uint8_t *KO, size_t KO_len)
  {
-       size_t KO_len = 16;
         gnutls_hmac_hd_t hmac_hnd = NULL;
         uint8_t buf[4];
         static const uint8_t zero = 0;
diff --git a/libcli/smb/smb2_signing.h b/libcli/smb/smb2_signing.h

index ca22de9dbfa90704b895e13d61b799a4258a68ee..79989039d50d06bb2ee115a9c8912cc651c20728 100644 (file)
--- a/libcli/smb/smb2_signing.h
+++ b/libcli/smb/smb2_signing.h
@@ -56,7 +56,7 @@ NTSTATUS smb2_signing_check_pdu(struct smb2_signing_key *signing_key,
  NTSTATUS smb2_key_derivation(const uint8_t *KI, size_t KI_len,
                              const uint8_t *Label, size_t Label_len,
                              const uint8_t *Context, size_t Context_len,
-                            uint8_t KO[16]);
+                            uint8_t *KO, size_t KO_len);
  
  NTSTATUS smb2_signing_encrypt_pdu(struct smb2_signing_key *encryption_key,
                                   uint16_t cipher_id,
diff --git a/libcli/smb/smbXcli_base.c b/libcli/smb/smbXcli_base.c

index e4d495f9622bb6275154878ccf2980a010fe4588..91d5bf62d800595377c1b7cc617ab030400ff57f 100644 (file)
--- a/libcli/smb/smbXcli_base.c
+++ b/libcli/smb/smbXcli_base.c
@@ -6141,7 +6141,8 @@ NTSTATUS smb2cli_session_set_session_key(struct smbXcli_session *session,
                 status = smb2_key_derivation(session_key, sizeof(session_key),
                                              d->label.data, d->label.length,
                                              d->context.data, d->context.length,
-                                            session->smb2->signing_key->blob.data);
+                                            session->smb2->signing_key->blob.data,
+                                            session->smb2->signing_key->blob.length);
                 if (!NT_STATUS_IS_OK(status)) {
                         return status;
                 }
@@ -6170,7 +6171,8 @@ NTSTATUS smb2cli_session_set_session_key(struct smbXcli_session *session,
                 status = smb2_key_derivation(session_key, sizeof(session_key),
                                              d->label.data, d->label.length,
                                              d->context.data, d->context.length,
-                                            session->smb2->encryption_key->blob.data);
+                                            session->smb2->encryption_key->blob.data,
+                                            session->smb2->encryption_key->blob.length);
                 if (!NT_STATUS_IS_OK(status)) {
                         return status;
                 }
@@ -6199,7 +6201,8 @@ NTSTATUS smb2cli_session_set_session_key(struct smbXcli_session *session,
                 status = smb2_key_derivation(session_key, sizeof(session_key),
                                              d->label.data, d->label.length,
                                              d->context.data, d->context.length,
-                                            session->smb2->decryption_key->blob.data);
+                                            session->smb2->decryption_key->blob.data,
+                                            session->smb2->decryption_key->blob.length);
                 if (!NT_STATUS_IS_OK(status)) {
                         return status;
                 }
@@ -6219,7 +6222,8 @@ NTSTATUS smb2cli_session_set_session_key(struct smbXcli_session *session,
                 status = smb2_key_derivation(session_key, sizeof(session_key),
                                              d->label.data, d->label.length,
                                              d->context.data, d->context.length,
-                                            session->smb2->application_key.data);
+                                            session->smb2->application_key.data,
+                                            session->smb2->application_key.length);
                 if (!NT_STATUS_IS_OK(status)) {
                         return status;
                 }
@@ -6423,7 +6427,8 @@ NTSTATUS smb2cli_session_set_channel_key(struct smbXcli_session *session,
                 status = smb2_key_derivation(channel_key, sizeof(channel_key),
                                              d->label.data, d->label.length,
                                              d->context.data, d->context.length,
-                                            session->smb2_channel.signing_key->blob.data);
+                                            session->smb2_channel.signing_key->blob.data,
+                                            session->smb2_channel.signing_key->blob.length);
                 if (!NT_STATUS_IS_OK(status)) {
                         return status;
                 }
diff --git a/source3/smbd/smb2_sesssetup.c b/source3/smbd/smb2_sesssetup.c

index 907dd92321e21f90258d34c822c45b9f186d0c35..7f24f7cadb55f37a18f1cb40ab16a8817de1e2fb 100644 (file)
--- a/source3/smbd/smb2_sesssetup.c
+++ b/source3/smbd/smb2_sesssetup.c
@@ -361,7 +361,8 @@ static NTSTATUS smbd_smb2_auth_generic_return(struct smbXsrv_session *session,
                 status = smb2_key_derivation(session_key, sizeof(session_key),
                                              d->label.data, d->label.length,
                                              d->context.data, d->context.length,
-                                            x->global->signing_key->blob.data);
+                                            x->global->signing_key->blob.data,
+                                            x->global->signing_key->blob.length);
                 if (!NT_STATUS_IS_OK(status)) {
                         return status;
                 }
@@ -391,7 +392,8 @@ static NTSTATUS smbd_smb2_auth_generic_return(struct smbXsrv_session *session,
                 status = smb2_key_derivation(session_key, sizeof(session_key),
                                              d->label.data, d->label.length,
                                              d->context.data, d->context.length,
-                                            x->global->decryption_key->blob.data);
+                                            x->global->decryption_key->blob.data,
+                                            x->global->decryption_key->blob.length);
                 if (!NT_STATUS_IS_OK(status)) {
                         return status;
                 }
@@ -422,7 +424,8 @@ static NTSTATUS smbd_smb2_auth_generic_return(struct smbXsrv_session *session,
                 status = smb2_key_derivation(session_key, sizeof(session_key),
                                              d->label.data, d->label.length,
                                              d->context.data, d->context.length,
-                                            x->global->encryption_key->blob.data);
+                                            x->global->encryption_key->blob.data,
+                                            x->global->encryption_key->blob.length);
                 if (!NT_STATUS_IS_OK(status)) {
                         return status;
                 }
@@ -468,7 +471,8 @@ static NTSTATUS smbd_smb2_auth_generic_return(struct smbXsrv_session *session,
                 status = smb2_key_derivation(session_key, sizeof(session_key),
                                              d->label.data, d->label.length,
                                              d->context.data, d->context.length,
-                                            x->global->application_key.data);
+                                            x->global->application_key.data,
+                                            x->global->application_key.length);
                 if (!NT_STATUS_IS_OK(status)) {
                         return status;
                 }
@@ -769,7 +773,8 @@ static NTSTATUS smbd_smb2_bind_auth_return(struct smbXsrv_session *session,
                 status = smb2_key_derivation(session_key, sizeof(session_key),
                                              d->label.data, d->label.length,
                                              d->context.data, d->context.length,
-                                            c->signing_key->blob.data);
+                                            c->signing_key->blob.data,
+                                            c->signing_key->blob.length);
                 if (!NT_STATUS_IS_OK(status)) {
                         return status;
                 }
author	Stefan Metzmacher <metze@samba.org>
	Mon, 9 Nov 2020 13:22:24 +0000 (14:22 +0100)
committer	Jeremy Allison <jra@samba.org>
	Wed, 17 Mar 2021 00:49:32 +0000 (00:49 +0000)
libcli/smb/smb2_signing.c		patch \| blob \| blame \| history
libcli/smb/smb2_signing.h		patch \| blob \| blame \| history
libcli/smb/smbXcli_base.c		patch \| blob \| blame \| history
source3/smbd/smb2_sesssetup.c		patch \| blob \| blame \| history