[noprint] DATA_BLOB encryption_key_blob;
[ignore] smb2_signing_key *encryption_key;
[noprint] DATA_BLOB decryption_key_blob;
+ [ignore] smb2_signing_key *decryption_key;
[noprint] DATA_BLOB application_key;
[range(1, 1024)] uint32 num_channels;
smbXsrv_channel_global0 channels[num_channels];
tf_iov[1].iov_base = (void *)hdr;
tf_iov[1].iov_len = enc_len;
- status = smb2_signing_decrypt_pdu(s->global->decryption_key_blob,
+ status = smb2_signing_decrypt_pdu(s->global->decryption_key->blob,
xconn->smb2.server.cipher,
tf_iov, 2);
if (!NT_STATUS_IS_OK(status)) {
if (xconn->protocol >= PROTOCOL_SMB2_24) {
struct _derivation *d = &derivation.decryption;
- x->global->decryption_key_blob = data_blob_talloc(x->global,
- session_key,
- sizeof(session_key));
- if (x->global->decryption_key_blob.data == NULL) {
+ x->global->decryption_key =
+ talloc_zero(x->global, struct smb2_signing_key);
+ if (x->global->decryption_key == NULL) {
+ ZERO_STRUCT(session_key);
+ return NT_STATUS_NO_MEMORY;
+ }
+
+ x->global->decryption_key->blob =
+ x->global->decryption_key_blob =
+ data_blob_talloc(x->global->decryption_key,
+ session_key,
+ sizeof(session_key));
+ if (!smb2_signing_key_valid(x->global->decryption_key)) {
ZERO_STRUCT(session_key);
return NT_STATUS_NO_MEMORY;
}
+ talloc_keep_secret(x->global->decryption_key->blob.data);
status = smb2_key_derivation(session_key, sizeof(session_key),
d->label.data, d->label.length,
d->context.data, d->context.length,
- x->global->decryption_key_blob.data);
+ x->global->decryption_key->blob.data);
if (!NT_STATUS_IS_OK(status)) {
return status;
}
/* In server code, ServerIn is the decryption key */
DEBUGADD(0, ("ServerIn Key "));
- dump_data(0, x->global->decryption_key_blob.data,
- x->global->decryption_key_blob.length);
+ dump_data(0, x->global->decryption_key->blob.data,
+ x->global->decryption_key->blob.length);
DEBUGADD(0, ("ServerOut Key "));
dump_data(0, x->global->encryption_key->blob.data,
x->global->encryption_key->blob.length);
git.samba.org / samba.git / commitdiff