libcli/auth: add netlogon_creds_{de,en}crypt_samr_CryptPassword()

author Stefan Metzmacher <metze@samba.org>

Mon, 28 Oct 2024 12:12:24 +0000 (13:12 +0100)

committer Jule Anger <janger@samba.org>

Wed, 13 Nov 2024 10:39:12 +0000 (10:39 +0000)
author Stefan Metzmacher <metze@samba.org>
Mon, 28 Oct 2024 12:12:24 +0000 (13:12 +0100)
committer Jule Anger <janger@samba.org>
Wed, 13 Nov 2024 10:39:12 +0000 (10:39 +0000)
diff --git a/libcli/auth/credentials.c b/libcli/auth/credentials.c

index fcc06a948369723ce89880954063f74e8edb53c7..6fdd4213b5430845984d1d0e87de5c2e081693d2 100644 (file)
--- a/libcli/auth/credentials.c
+++ b/libcli/auth/credentials.c
@@ -1196,6 +1196,54 @@ NTSTATUS netlogon_creds_encrypt_samr_Password(struct netlogon_creds_CredentialSt
                                                   true);
  }
  
+static NTSTATUS netlogon_creds_crypt_samr_CryptPassword(
+               struct netlogon_creds_CredentialState *creds,
+               struct samr_CryptPassword *pass,
+               enum dcerpc_AuthType auth_type,
+               enum dcerpc_AuthLevel auth_level,
+               bool do_encrypt)
+{
+       if (creds->negotiate_flags & NETLOGON_NEG_SUPPORTS_AES) {
+               if (do_encrypt) {
+                       return netlogon_creds_aes_encrypt(creds,
+                                                         pass->data,
+                                                         ARRAY_SIZE(pass->data));
+               }
+
+               return netlogon_creds_aes_decrypt(creds,
+                                                 pass->data,
+                                                 ARRAY_SIZE(pass->data));
+       }
+
+       return netlogon_creds_arcfour_crypt(creds,
+                                           pass->data,
+                                           ARRAY_SIZE(pass->data));
+}
+
+NTSTATUS netlogon_creds_decrypt_samr_CryptPassword(struct netlogon_creds_CredentialState *creds,
+                                                  struct samr_CryptPassword *pass,
+                                                  enum dcerpc_AuthType auth_type,
+                                                  enum dcerpc_AuthLevel auth_level)
+{
+       return netlogon_creds_crypt_samr_CryptPassword(creds,
+                                                      pass,
+                                                      auth_type,
+                                                      auth_level,
+                                                      false);
+}
+
+NTSTATUS netlogon_creds_encrypt_samr_CryptPassword(struct netlogon_creds_CredentialState *creds,
+                                                  struct samr_CryptPassword *pass,
+                                                  enum dcerpc_AuthType auth_type,
+                                                  enum dcerpc_AuthLevel auth_level)
+{
+       return netlogon_creds_crypt_samr_CryptPassword(creds,
+                                                      pass,
+                                                      auth_type,
+                                                      auth_level,
+                                                      true);
+}
+
  union netr_LogonLevel *netlogon_creds_shallow_copy_logon(TALLOC_CTX *mem_ctx,
                                         enum netr_LogonInfoClass level,
                                         const union netr_LogonLevel *in)
diff --git a/libcli/auth/proto.h b/libcli/auth/proto.h

index b43781191bce58bc5f6a71dce58b402a45091ce4..d02ffa64c10c1b0f8368536be9e02c7beceaccb9 100644 (file)
--- a/libcli/auth/proto.h
+++ b/libcli/auth/proto.h
@@ -104,6 +104,14 @@ NTSTATUS netlogon_creds_encrypt_samr_Password(struct netlogon_creds_CredentialSt
                                               struct samr_Password *pass,
                                               enum dcerpc_AuthType auth_type,
                                               enum dcerpc_AuthLevel auth_level);
+NTSTATUS netlogon_creds_decrypt_samr_CryptPassword(struct netlogon_creds_CredentialState *creds,
+                                                  struct samr_CryptPassword *pass,
+                                                  enum dcerpc_AuthType auth_type,
+                                                  enum dcerpc_AuthLevel auth_level);
+NTSTATUS netlogon_creds_encrypt_samr_CryptPassword(struct netlogon_creds_CredentialState *creds,
+                                                  struct samr_CryptPassword *pass,
+                                                  enum dcerpc_AuthType auth_type,
+                                                  enum dcerpc_AuthLevel auth_level);
  union netr_LogonLevel *netlogon_creds_shallow_copy_logon(TALLOC_CTX *mem_ctx,
                                         enum netr_LogonInfoClass level,
                                         const union netr_LogonLevel *in);
author	Stefan Metzmacher <metze@samba.org>
	Mon, 28 Oct 2024 12:12:24 +0000 (13:12 +0100)
committer	Jule Anger <janger@samba.org>
	Wed, 13 Nov 2024 10:39:12 +0000 (10:39 +0000)
libcli/auth/credentials.c		patch \| blob \| blame \| history
libcli/auth/proto.h		patch \| blob \| blame \| history