struct dcinfo **ppdc);
bool secrets_store_generic(const char *owner, const char *key, const char *secret);
char *secrets_fetch_generic(const char *owner, const char *key);
+bool secrets_store_local_schannel_key(uint8_t schannel_key[16]);
+bool secrets_fetch_local_schannel_key(uint8_t schannel_key[16]);
/* The following definitions come from passdb/util_builtin.c */
#define SECRETS_LDAP_BIND_PW "SECRETS/LDAP_BIND_PW"
+#define SECRETS_LOCAL_SCHANNEL_KEY "SECRETS/LOCAL_SCHANNEL_KEY"
+
/* Authenticated user info is stored in secrets.tdb under these keys */
#define SECRETS_AUTH_USER "SECRETS/AUTH_USER"
return True;
}
+bool secrets_store_local_schannel_key(uint8_t schannel_key[16])
+{
+ return secrets_store(SECRETS_LOCAL_SCHANNEL_KEY, schannel_key, 16);
+}
+
+bool secrets_fetch_local_schannel_key(uint8_t schannel_key[16])
+{
+ size_t size = 0;
+ uint8_t *key;
+
+ key = (uint8_t *)secrets_fetch(SECRETS_LOCAL_SCHANNEL_KEY, &size);
+ if (key == NULL) {
+ return false;
+ }
+
+ if (size != 16) {
+ SAFE_FREE(key);
+ return false;
+ }
+
+ memcpy(schannel_key, key, 16);
+ SAFE_FREE(key);
+ return true;
+}
+
/**
* Form a key for fetching the machine trust account sec channel type
*