libcli:auth: Use GnuTLS RC4 for netlogon credentials

author Andreas Schneider <asn@samba.org>

Thu, 31 Jan 2019 10:28:02 +0000 (11:28 +0100)

committer Andreas Schneider <asn@cryptomilk.org>

Thu, 27 Jun 2019 12:54:23 +0000 (12:54 +0000)
author Andreas Schneider <asn@samba.org>
Thu, 31 Jan 2019 10:28:02 +0000 (11:28 +0100)
committer Andreas Schneider <asn@cryptomilk.org>
Thu, 27 Jun 2019 12:54:23 +0000 (12:54 +0000)
diff --git a/libcli/auth/credentials.c b/libcli/auth/credentials.c

index 0b1d84b9799f1f07cff9fe21b5e8cccc9ee27f30..1a8e9ad10f09e6bc794f11a98c22144664bc3ae5 100644 (file)
--- a/libcli/auth/credentials.c
+++ b/libcli/auth/credentials.c
@@ -264,11 +264,24 @@ void netlogon_creds_des_decrypt(struct netlogon_creds_CredentialState *creds, st
  */
  void netlogon_creds_arcfour_crypt(struct netlogon_creds_CredentialState *creds, uint8_t *data, size_t len)
  {
-       DATA_BLOB session_key = data_blob(creds->session_key, 16);
-
-       arcfour_crypt_blob(data, len, &session_key);
+       gnutls_cipher_hd_t cipher_hnd = NULL;
+       gnutls_datum_t session_key = {
+               .data = creds->session_key,
+               .size = sizeof(creds->session_key),
+       };
+       int rc;
  
-       data_blob_free(&session_key);
+       rc = gnutls_cipher_init(&cipher_hnd,
+                               GNUTLS_CIPHER_ARCFOUR_128,
+                               &session_key,
+                               NULL);
+       if (rc < 0) {
+               return;
+       }
+       gnutls_cipher_encrypt(cipher_hnd,
+                             data,
+                             len);
+       gnutls_cipher_deinit(cipher_hnd);
  }
  
  /*
author	Andreas Schneider <asn@samba.org>
	Thu, 31 Jan 2019 10:28:02 +0000 (11:28 +0100)
committer	Andreas Schneider <asn@cryptomilk.org>
	Thu, 27 Jun 2019 12:54:23 +0000 (12:54 +0000)