From: Andreas Schneider <asn@samba.org>
Date: Fri, 20 Aug 2021 07:45:27 +0000 (+0200)
Subject: libcli:auth: Add extract_pwd_blob_from_buffer514()
X-Git-Tag: samba-4.17.0rc1~222
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=12f4bb9cc1187eb1fe4e44393377d94d155c7d49;p=thirdparty%2Fsamba.git

libcli:auth: Add extract_pwd_blob_from_buffer514()

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
---

diff --git a/libcli/auth/proto.h b/libcli/auth/proto.h
index 8a33e3b5c89..c787ac2d712 100644
--- a/libcli/auth/proto.h
+++ b/libcli/auth/proto.h
@@ -203,6 +203,24 @@ bool encode_pwd_buffer514_from_str(uint8_t buffer[514],
 				   const char *password,
 				   uint32_t string_flags);
 
+/**
+ * @brief Extract AES password blob from buffer.
+ *
+ * This extracts the password from the in_buffer as a data blob. It should
+ * then contain an UTF-16 encoded password.
+ *
+ * @param mem_ctx       The memory context to allowcate the password on.
+ *
+ * @param in_buffer[514] The input buffer to extract the password from.
+ *
+ * @param new_password  A pointer to the store the extracted password blob.
+ *
+ * @return true on success, false otherwise.
+ */
+bool extract_pwd_blob_from_buffer514(TALLOC_CTX *mem_ctx,
+				     const uint8_t in_buffer[514],
+				     DATA_BLOB *new_password);
+
 /***********************************************************
  Encode an arc4 password change buffer.
 ************************************************************/
diff --git a/libcli/auth/smbencrypt.c b/libcli/auth/smbencrypt.c
index 666ff314523..cf141a9891f 100644
--- a/libcli/auth/smbencrypt.c
+++ b/libcli/auth/smbencrypt.c
@@ -1011,6 +1011,36 @@ bool encode_pwd_buffer514_from_str(uint8_t buffer[514],
 	return true;
 }
 
+bool extract_pwd_blob_from_buffer514(TALLOC_CTX *mem_ctx,
+				     const uint8_t in_buffer[514],
+				     DATA_BLOB *new_password)
+{
+#ifdef DEBUG_PASSWORD
+	DEBUG(100, ("in_buffer: "));
+	dump_data(100, in_buffer, 514);
+#endif
+
+	new_password->length = PULL_LE_U16(in_buffer, 0);
+	if (new_password->length == 0 || new_password->length > 512) {
+		return false;
+	}
+
+	new_password->data =
+		talloc_memdup(mem_ctx, in_buffer + 2, new_password->length);
+	if (new_password->data == NULL) {
+		return false;
+	}
+	talloc_keep_secret(new_password->data);
+
+#ifdef DEBUG_PASSWORD
+	DEBUG(100, ("new_pwd_len: %zu\n", new_password->length));
+	DEBUG(100, ("new_pwd: "));
+	dump_data(100, new_password->data, new_password->length);
+#endif
+
+	return true;
+}
+
 /***********************************************************
  Encode an arc4 password change buffer.
 ************************************************************/