libcli/auth: add netlogon_creds_aes_{en|de}crypt routines.

[kai/samba.git] / libcli / auth / credentials.c

diff --git a/libcli/auth/credentials.c b/libcli/auth/credentials.c
index dfbfdb356aa65abc3027f4581491a685a15d43f1..be43c95be9d593b2ff9021cfaad00bc0b330e417 100644 (file)
--- a/libcli/auth/credentials.c
+++ b/libcli/auth/credentials.c
@@ -222,6 +222,34 @@ void netlogon_creds_arcfour_crypt(struct netlogon_creds_CredentialState *creds,
        data_blob_free(&session_key);
 }
 
+/*
+  AES encrypt a password buffer using the session key
+*/
+void netlogon_creds_aes_encrypt(struct netlogon_creds_CredentialState *creds, uint8_t *data, size_t len)
+{
+       AES_KEY key;
+       uint8_t iv[AES_BLOCK_SIZE];
+
+       AES_set_encrypt_key(creds->session_key, 128, &key);
+       ZERO_STRUCT(iv);
+
+       aes_cfb8_encrypt(data, data, len, &key, iv, AES_ENCRYPT);
+}
+
+/*
+  AES decrypt a password buffer using the session key
+*/
+void netlogon_creds_aes_decrypt(struct netlogon_creds_CredentialState *creds, uint8_t *data, size_t len)
+{
+       AES_KEY key;
+       uint8_t iv[AES_BLOCK_SIZE];
+
+       AES_set_encrypt_key(creds->session_key, 128, &key);
+       ZERO_STRUCT(iv);
+
+       aes_cfb8_encrypt(data, data, len, &key, iv, AES_DECRYPT);
+}
+
 /*****************************************************************
 The above functions are common to the client and server interface
 next comes the client specific functions