/*
* Note: the SMB1 signing key is not truncated to 16 byte!
*/
- x->global->signing_key =
+ x->global->signing_key_blob =
data_blob_dup_talloc(x->global,
session_info->session_key);
- if (x->global->signing_key.data == NULL) {
+ if (x->global->signing_key_blob.data == NULL) {
data_blob_free(&out_blob);
TALLOC_FREE(session);
reply_nterror(req, NT_STATUS_NO_MEMORY);
if (srv_is_signing_negotiated(xconn) &&
is_authenticated &&
- session->global->signing_key.length > 0)
+ session->global->signing_key_blob.length > 0)
{
/*
* Try and turn on server signing on the first non-guest
* sessionsetup.
*/
srv_set_signing(xconn,
- session->global->signing_key,
+ session->global->signing_key_blob,
data_blob_null);
}
/*
* Note: the SMB1 signing key is not truncated to 16 byte!
*/
- session->global->signing_key =
+ session->global->signing_key_blob =
data_blob_dup_talloc(session->global,
session_info->session_key);
- if (session->global->signing_key.data == NULL) {
+ if (session->global->signing_key_blob.data == NULL) {
TALLOC_FREE(session);
reply_nterror(req, NT_STATUS_NO_MEMORY);
END_PROFILE(SMBsesssetupX);
* The application key is truncated/padded to 16 bytes
*/
ZERO_STRUCT(session_key);
- memcpy(session_key, session->global->signing_key.data,
- MIN(session->global->signing_key.length,
+ memcpy(session_key, session->global->signing_key_blob.data,
+ MIN(session->global->signing_key_blob.length,
sizeof(session_key)));
session->global->application_key =
data_blob_talloc(session->global,
if (srv_is_signing_negotiated(xconn) &&
is_authenticated &&
- session->global->signing_key.length > 0)
+ session->global->signing_key_blob.length > 0)
{
/*
* Try and turn on server signing on the first non-guest
* sessionsetup.
*/
srv_set_signing(xconn,
- session->global->signing_key,
+ session->global->signing_key_blob,
state->nt_resp.data ? state->nt_resp : state->lm_resp);
}
tf_iov[1].iov_base = (void *)hdr;
tf_iov[1].iov_len = enc_len;
- status = smb2_signing_decrypt_pdu(s->global->decryption_key,
+ status = smb2_signing_decrypt_pdu(s->global->decryption_key_blob,
xconn->smb2.server.cipher,
tf_iov, 2);
if (!NT_STATUS_IS_OK(status)) {
status = smbXsrv_session_find_channel(session, xconn, &c);
if (NT_STATUS_IS_OK(status)) {
- key = c->signing_key;
+ key = c->signing_key_blob;
}
if (key.length == 0) {
- key = session->global->signing_key;
+ key = session->global->signing_key_blob;
}
return key;
if (req->do_encryption) {
struct smbXsrv_session *x = req->session;
- DATA_BLOB encryption_key = x->global->encryption_key;
+ DATA_BLOB encryption_key = x->global->encryption_key_blob;
status = smb2_signing_encrypt_pdu(encryption_key,
xconn->smb2.server.cipher,
(firsttf->iov_len == 0) &&
(req->first_key.length == 0) &&
(req->session != NULL) &&
- (req->session->global->encryption_key.length != 0))
+ (req->session->global->encryption_key_blob.length != 0))
{
- DATA_BLOB encryption_key = req->session->global->encryption_key;
+ DATA_BLOB encryption_key = req->session->global->encryption_key_blob;
uint8_t *tf;
uint64_t session_id = req->session->global->session_wire_id;
uint64_t nonce_high;
}
if (do_encryption) {
- DATA_BLOB encryption_key = session->global->encryption_key;
+ DATA_BLOB encryption_key = session->global->encryption_key_blob;
status = smb2_signing_encrypt_pdu(encryption_key,
xconn->smb2.server.cipher,
memcpy(session_key, session_info->session_key.data,
MIN(session_info->session_key.length, sizeof(session_key)));
- x->global->signing_key = data_blob_talloc(x->global,
+ x->global->signing_key_blob = data_blob_talloc(x->global,
session_key,
sizeof(session_key));
- if (x->global->signing_key.data == NULL) {
+ if (x->global->signing_key_blob.data == NULL) {
ZERO_STRUCT(session_key);
return NT_STATUS_NO_MEMORY;
}
smb2_key_derivation(session_key, sizeof(session_key),
d->label.data, d->label.length,
d->context.data, d->context.length,
- x->global->signing_key.data);
+ x->global->signing_key_blob.data);
}
if (xconn->protocol >= PROTOCOL_SMB2_24) {
struct _derivation *d = &derivation.decryption;
- x->global->decryption_key = data_blob_talloc(x->global,
+ x->global->decryption_key_blob = data_blob_talloc(x->global,
session_key,
sizeof(session_key));
- if (x->global->decryption_key.data == NULL) {
+ if (x->global->decryption_key_blob.data == NULL) {
ZERO_STRUCT(session_key);
return NT_STATUS_NO_MEMORY;
}
smb2_key_derivation(session_key, sizeof(session_key),
d->label.data, d->label.length,
d->context.data, d->context.length,
- x->global->decryption_key.data);
+ x->global->decryption_key_blob.data);
}
if (xconn->protocol >= PROTOCOL_SMB2_24) {
struct _derivation *d = &derivation.encryption;
size_t nonce_size;
- x->global->encryption_key = data_blob_talloc(x->global,
+ x->global->encryption_key_blob = data_blob_talloc(x->global,
session_key,
sizeof(session_key));
- if (x->global->encryption_key.data == NULL) {
+ if (x->global->encryption_key_blob.data == NULL) {
ZERO_STRUCT(session_key);
return NT_STATUS_NO_MEMORY;
}
smb2_key_derivation(session_key, sizeof(session_key),
d->label.data, d->label.length,
d->context.data, d->context.length,
- x->global->encryption_key.data);
+ x->global->encryption_key_blob.data);
/*
* CCM and GCM algorithms must never have their
x->nonce_low = 0;
}
- x->global->application_key = data_blob_dup_talloc(x->global,
- x->global->signing_key);
+ x->global->application_key =
+ data_blob_dup_talloc(x->global, x->global->signing_key_blob);
if (x->global->application_key.data == NULL) {
ZERO_STRUCT(session_key);
return NT_STATUS_NO_MEMORY;
DEBUGADD(0, ("Session Key "));
dump_data(0, session_key, sizeof(session_key));
DEBUGADD(0, ("Signing Key "));
- dump_data(0, x->global->signing_key.data,
- x->global->signing_key.length);
+ dump_data(0, x->global->signing_key_blob.data,
+ x->global->signing_key_blob.length);
DEBUGADD(0, ("App Key "));
dump_data(0, x->global->application_key.data,
x->global->application_key.length);
/* In server code, ServerIn is the decryption key */
DEBUGADD(0, ("ServerIn Key "));
- dump_data(0, x->global->decryption_key.data,
- x->global->decryption_key.length);
+ dump_data(0, x->global->decryption_key_blob.data,
+ x->global->decryption_key_blob.length);
DEBUGADD(0, ("ServerOut Key "));
- dump_data(0, x->global->encryption_key.data,
- x->global->encryption_key.length);
+ dump_data(0, x->global->encryption_key_blob.data,
+ x->global->encryption_key_blob.length);
}
ZERO_STRUCT(session_key);
- x->global->channels[0].signing_key = data_blob_dup_talloc(x->global->channels,
- x->global->signing_key);
- if (x->global->channels[0].signing_key.data == NULL) {
+ x->global->channels[0].signing_key_blob =
+ data_blob_dup_talloc(x->global->channels,
+ x->global->signing_key_blob);
+ if (x->global->channels[0].signing_key_blob.data == NULL) {
return NT_STATUS_NO_MEMORY;
}
memcpy(session_key, session_info->session_key.data,
MIN(session_info->session_key.length, sizeof(session_key)));
- c->signing_key = data_blob_talloc(x->global,
+ c->signing_key_blob = data_blob_talloc(x->global,
session_key,
sizeof(session_key));
- if (c->signing_key.data == NULL) {
+ if (c->signing_key_blob.data == NULL) {
ZERO_STRUCT(session_key);
return NT_STATUS_NO_MEMORY;
}
smb2_key_derivation(session_key, sizeof(session_key),
d->label.data, d->label.length,
d->context.data, d->context.length,
- c->signing_key.data);
+ c->signing_key_blob.data);
}
ZERO_STRUCT(session_key);
smb2req->xconn,
&c);
if (NT_STATUS_IS_OK(status)) {
- if (c->signing_key.length == 0) {
+ if (c->signing_key_blob.length == 0) {
goto auth;
}
tevent_req_nterror(req, NT_STATUS_REQUEST_NOT_ACCEPTED);