libcli/auth: add netlogon_creds_{de,en}crypt_SendToSam()
authorStefan Metzmacher <metze@samba.org>
Mon, 28 Oct 2024 12:13:50 +0000 (13:13 +0100)
committerJule Anger <janger@samba.org>
Wed, 13 Nov 2024 10:39:12 +0000 (10:39 +0000)
These will simplify adding the logic for netr_ServerAuthenticateKerberos...

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15425

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
(cherry picked from commit b8681c165731666bb5eed073ab862490c33ea095)

libcli/auth/credentials.c
libcli/auth/proto.h

index 6fdd4213b5430845984d1d0e87de5c2e081693d2..3bc6b741c069b859895f9397b9b51468d18e7b55 100644 (file)
@@ -1244,6 +1244,59 @@ NTSTATUS netlogon_creds_encrypt_samr_CryptPassword(struct netlogon_creds_Credent
                                                       true);
 }
 
+static NTSTATUS netlogon_creds_crypt_SendToSam(
+               struct netlogon_creds_CredentialState *creds,
+               uint8_t *opaque_data,
+               size_t opaque_length,
+               enum dcerpc_AuthType auth_type,
+               enum dcerpc_AuthLevel auth_level,
+               bool do_encrypt)
+{
+       if (creds->negotiate_flags & NETLOGON_NEG_SUPPORTS_AES) {
+               if (do_encrypt) {
+                       return netlogon_creds_aes_encrypt(creds,
+                                                         opaque_data,
+                                                         opaque_length);
+               }
+
+               return netlogon_creds_aes_decrypt(creds,
+                                                 opaque_data,
+                                                 opaque_length);
+       }
+
+       return netlogon_creds_arcfour_crypt(creds,
+                                           opaque_data,
+                                           opaque_length);
+}
+
+NTSTATUS netlogon_creds_decrypt_SendToSam(struct netlogon_creds_CredentialState *creds,
+                                         uint8_t *opaque_data,
+                                         size_t opaque_length,
+                                         enum dcerpc_AuthType auth_type,
+                                         enum dcerpc_AuthLevel auth_level)
+{
+       return netlogon_creds_crypt_SendToSam(creds,
+                                             opaque_data,
+                                             opaque_length,
+                                             auth_type,
+                                             auth_level,
+                                             false);
+}
+
+NTSTATUS netlogon_creds_encrypt_SendToSam(struct netlogon_creds_CredentialState *creds,
+                                         uint8_t *opaque_data,
+                                         size_t opaque_length,
+                                         enum dcerpc_AuthType auth_type,
+                                         enum dcerpc_AuthLevel auth_level)
+{
+       return netlogon_creds_crypt_SendToSam(creds,
+                                             opaque_data,
+                                             opaque_length,
+                                             auth_type,
+                                             auth_level,
+                                             true);
+}
+
 union netr_LogonLevel *netlogon_creds_shallow_copy_logon(TALLOC_CTX *mem_ctx,
                                        enum netr_LogonInfoClass level,
                                        const union netr_LogonLevel *in)
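Review bot: In the new static helper `netlogon_creds_crypt_SendToSam`, `auth_type` and `auth_level` are accepted but never read, and the non-AES branch falls through to `netlogon_creds_arcfour_crypt` without looking at `do_encrypt`; the new code explains neither. A comment above the helper such as `/* auth_type/auth_level are not evaluated yet; they are passed through for the upcoming netr_ServerAuthenticateKerberos handling */` and one at the fallback such as `/* RC4 is symmetric, so the same call serves both directions */` would make the intent clear to the next reader. Because the helper transforms `opaque_data` in place and selects the cipher purely from `creds->negotiate_flags`, it would also help to state whether callers are expected to have rejected sessions without `NETLOGON_NEG_SUPPORTS_AES` beforehand; that policy is not visible in this hunk.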
index d02ffa64c10c1b0f8368536be9e02c7beceaccb9..f108c756a1f7cd9a2016012a633a31c9a6fa7d5a 100644 (file)
@@ -112,6 +112,16 @@ NTSTATUS netlogon_creds_encrypt_samr_CryptPassword(struct netlogon_creds_Credent
                                                   struct samr_CryptPassword *pass,
                                                   enum dcerpc_AuthType auth_type,
                                                   enum dcerpc_AuthLevel auth_level);
+NTSTATUS netlogon_creds_decrypt_SendToSam(struct netlogon_creds_CredentialState *creds,
+                                         uint8_t *opaque_data,
+                                         size_t opaque_length,
+                                         enum dcerpc_AuthType auth_type,
+                                         enum dcerpc_AuthLevel auth_level);
+NTSTATUS netlogon_creds_encrypt_SendToSam(struct netlogon_creds_CredentialState *creds,
+                                         uint8_t *opaque_data,
+                                         size_t opaque_length,
+                                         enum dcerpc_AuthType auth_type,
+                                         enum dcerpc_AuthLevel auth_level);
 union netr_LogonLevel *netlogon_creds_shallow_copy_logon(TALLOC_CTX *mem_ctx,
                                        enum netr_LogonInfoClass level,
                                        const union netr_LogonLevel *in);