NTLMSSP_RECEIVE
};
+struct ntlmssp_crypt_direction {
+ uint32_t seq_num;
+ uint8_t sign_key[16];
+ struct arcfour_state seal_state;
+};
+
+union ntlmssp_crypt_state {
+ /* NTLM */
+ struct ntlmssp_crypt_direction ntlm;
+
+ /* NTLM2 */
+ struct {
+ struct ntlmssp_crypt_direction sending;
+ struct ntlmssp_crypt_direction receiving;
+ } ntlm2;
+};
+
static NTSTATUS ntlmssp_make_packet_signature(struct ntlmssp_state *ntlmssp_state,
const uint8_t *data, size_t length,
const uint8_t *whole_pdu, size_t pdu_length,
switch (direction) {
case NTLMSSP_SEND:
DEBUG(100,("ntlmssp_make_packet_signature: SEND seq = %u, len = %u, pdu_len = %u\n",
- ntlmssp_state->ntlm2_send_seq_num,
+ ntlmssp_state->crypt->ntlm2.sending.seq_num,
(unsigned int)length,
(unsigned int)pdu_length));
- SIVAL(seq_num, 0, ntlmssp_state->ntlm2_send_seq_num);
- ntlmssp_state->ntlm2_send_seq_num++;
- hmac_md5_init_limK_to_64(ntlmssp_state->send_sign_key, 16, &ctx);
+ SIVAL(seq_num, 0, ntlmssp_state->crypt->ntlm2.sending.seq_num);
+ ntlmssp_state->crypt->ntlm2.sending.seq_num++;
+ hmac_md5_init_limK_to_64(ntlmssp_state->crypt->ntlm2.sending.sign_key, 16, &ctx);
break;
case NTLMSSP_RECEIVE:
DEBUG(100,("ntlmssp_make_packet_signature: RECV seq = %u, len = %u, pdu_len = %u\n",
- ntlmssp_state->ntlm2_recv_seq_num,
+ ntlmssp_state->crypt->ntlm2.receiving.seq_num,
(unsigned int)length,
(unsigned int)pdu_length));
- SIVAL(seq_num, 0, ntlmssp_state->ntlm2_recv_seq_num);
- ntlmssp_state->ntlm2_recv_seq_num++;
- hmac_md5_init_limK_to_64(ntlmssp_state->recv_sign_key, 16, &ctx);
+ SIVAL(seq_num, 0, ntlmssp_state->crypt->ntlm2.receiving.seq_num);
+ ntlmssp_state->crypt->ntlm2.receiving.seq_num++;
+ hmac_md5_init_limK_to_64(ntlmssp_state->crypt->ntlm2.receiving.sign_key, 16, &ctx);
break;
}
if (encrypt_sig && (ntlmssp_state->neg_flags & NTLMSSP_NEGOTIATE_KEY_EXCH)) {
switch (direction) {
case NTLMSSP_SEND:
- arcfour_crypt_sbox(&ntlmssp_state->send_seal_arc4_state,
+ arcfour_crypt_sbox(&ntlmssp_state->crypt->ntlm2.sending.seal_state,
digest, 8);
break;
case NTLMSSP_RECEIVE:
- arcfour_crypt_sbox(&ntlmssp_state->recv_seal_arc4_state,
+ arcfour_crypt_sbox(&ntlmssp_state->crypt->ntlm2.receiving.seal_state,
digest, 8);
break;
}
ok = msrpc_gen(ntlmssp_state,
sig, "dddd",
NTLMSSP_SIGN_VERSION, 0, crc,
- ntlmssp_state->ntlmv1_seq_num);
+ ntlmssp_state->crypt->ntlm.seq_num);
if (!ok) {
return NT_STATUS_NO_MEMORY;
}
- ntlmssp_state->ntlmv1_seq_num++;
+ ntlmssp_state->crypt->ntlm.seq_num++;
dump_arc4_state("ntlmssp hash: \n",
- &ntlmssp_state->ntlmv1_arc4_state);
- arcfour_crypt_sbox(&ntlmssp_state->ntlmv1_arc4_state,
+ &ntlmssp_state->crypt->ntlm.seal_state);
+ arcfour_crypt_sbox(&ntlmssp_state->crypt->ntlm.seal_state,
sig->data+4, sig->length-4);
}
return NT_STATUS_OK;
return nt_status;
}
- arcfour_crypt_sbox(&ntlmssp_state->send_seal_arc4_state,
+ arcfour_crypt_sbox(&ntlmssp_state->crypt->ntlm2.sending.seal_state,
data, length);
if (ntlmssp_state->neg_flags & NTLMSSP_NEGOTIATE_KEY_EXCH) {
- arcfour_crypt_sbox(&ntlmssp_state->send_seal_arc4_state,
+ arcfour_crypt_sbox(&ntlmssp_state->crypt->ntlm2.sending.seal_state,
sig->data+4, 8);
}
} else {
ok = msrpc_gen(ntlmssp_state,
sig, "dddd",
NTLMSSP_SIGN_VERSION, 0, crc,
- ntlmssp_state->ntlmv1_seq_num);
+ ntlmssp_state->crypt->ntlm.seq_num);
if (!ok) {
return NT_STATUS_NO_MEMORY;
}
*/
dump_arc4_state("ntlmv1 arc4 state:\n",
- &ntlmssp_state->ntlmv1_arc4_state);
- arcfour_crypt_sbox(&ntlmssp_state->ntlmv1_arc4_state,
+ &ntlmssp_state->crypt->ntlm.seal_state);
+ arcfour_crypt_sbox(&ntlmssp_state->crypt->ntlm.seal_state,
data, length);
dump_arc4_state("ntlmv1 arc4 state:\n",
- &ntlmssp_state->ntlmv1_arc4_state);
+ &ntlmssp_state->crypt->ntlm.seal_state);
- arcfour_crypt_sbox(&ntlmssp_state->ntlmv1_arc4_state,
+ arcfour_crypt_sbox(&ntlmssp_state->crypt->ntlm.seal_state,
sig->data+4, sig->length-4);
- ntlmssp_state->ntlmv1_seq_num++;
+ ntlmssp_state->crypt->ntlm.seq_num++;
}
dump_data_pw("ntlmssp signature\n", sig->data, sig->length);
dump_data_pw("ntlmssp sealed data\n", data, length);
if (ntlmssp_state->neg_flags & NTLMSSP_NEGOTIATE_NTLM2) {
/* First unseal the data. */
- arcfour_crypt_sbox(&ntlmssp_state->recv_seal_arc4_state,
+ arcfour_crypt_sbox(&ntlmssp_state->crypt->ntlm2.receiving.seal_state,
data, length);
dump_data_pw("ntlmv2 clear data\n", data, length);
} else {
- arcfour_crypt_sbox(&ntlmssp_state->ntlmv1_arc4_state,
+ arcfour_crypt_sbox(&ntlmssp_state->crypt->ntlm.seal_state,
data, length);
dump_data_pw("ntlmv1 clear data\n", data, length);
}
return NT_STATUS_NO_USER_SESSION_KEY;
}
+ ntlmssp_state->crypt = talloc_zero(ntlmssp_state,
+ union ntlmssp_crypt_state);
+ if (ntlmssp_state->crypt == NULL) {
+ return NT_STATUS_NO_MEMORY;
+ }
+
if (ntlmssp_state->neg_flags & NTLMSSP_NEGOTIATE_NTLM2) {
DATA_BLOB weak_session_key = ntlmssp_state->session_key;
const char *send_sign_const;
weak_session_key.length);
/* SEND: sign key */
- calc_ntlmv2_key(ntlmssp_state->send_sign_key,
+ calc_ntlmv2_key(ntlmssp_state->crypt->ntlm2.sending.sign_key,
ntlmssp_state->session_key, send_sign_const);
dump_data_pw("NTLMSSP send sign key:\n",
- ntlmssp_state->send_sign_key, 16);
+ ntlmssp_state->crypt->ntlm2.sending.sign_key, 16);
/* SEND: seal ARCFOUR pad */
calc_ntlmv2_key(send_seal_key,
weak_session_key, send_seal_const);
dump_data_pw("NTLMSSP send seal key:\n", send_seal_key, 16);
- arcfour_init(&ntlmssp_state->send_seal_arc4_state,
+ arcfour_init(&ntlmssp_state->crypt->ntlm2.sending.seal_state,
&send_seal_blob);
dump_arc4_state("NTLMSSP send seal arc4 state:\n",
- &ntlmssp_state->send_seal_arc4_state);
+ &ntlmssp_state->crypt->ntlm2.sending.seal_state);
/* SEND: seq num */
- ntlmssp_state->ntlm2_send_seq_num = 0;
+ ntlmssp_state->crypt->ntlm2.sending.seq_num = 0;
/* RECV: sign key */
- calc_ntlmv2_key(ntlmssp_state->recv_sign_key,
+ calc_ntlmv2_key(ntlmssp_state->crypt->ntlm2.receiving.sign_key,
ntlmssp_state->session_key, recv_sign_const);
dump_data_pw("NTLMSSP recv sign key:\n",
- ntlmssp_state->recv_sign_key, 16);
+ ntlmssp_state->crypt->ntlm2.receiving.sign_key, 16);
/* RECV: seal ARCFOUR pad */
calc_ntlmv2_key(recv_seal_key,
weak_session_key, recv_seal_const);
dump_data_pw("NTLMSSP recv seal key:\n", recv_seal_key, 16);
- arcfour_init(&ntlmssp_state->recv_seal_arc4_state,
+ arcfour_init(&ntlmssp_state->crypt->ntlm2.receiving.seal_state,
&recv_seal_blob);
dump_arc4_state("NTLMSSP recv seal arc4 state:\n",
- &ntlmssp_state->recv_seal_arc4_state);
+ &ntlmssp_state->crypt->ntlm2.receiving.seal_state);
/* RECV: seq num */
- ntlmssp_state->ntlm2_recv_seq_num = 0;
+ ntlmssp_state->crypt->ntlm2.receiving.seq_num = 0;
} else {
uint8_t weak_session_key[8];
DATA_BLOB seal_session_key = ntlmssp_state->session_key;
}
}
- arcfour_init(&ntlmssp_state->ntlmv1_arc4_state,
+ arcfour_init(&ntlmssp_state->crypt->ntlm.seal_state,
&seal_session_key);
dump_arc4_state("NTLMv1 arc4 state:\n",
- &ntlmssp_state->ntlmv1_arc4_state);
+ &ntlmssp_state->crypt->ntlm.seal_state);
- ntlmssp_state->ntlmv1_seq_num = 0;
+ ntlmssp_state->crypt->ntlm.seq_num = 0;
}
return NT_STATUS_OK;
git.samba.org / ira / wip.git / commitdiff