62 static NTSTATUS ntlmssp_make_packet_signature(struct gensec_ntlmssp_state *gensec_ntlmssp_state,
69 	if (gensec_ntlmssp_state->neg_flags & NTLMSSP_NEGOTIATE_NTLM2) {
82 			SIVAL(seq_num, 0, gensec_ntlmssp_state->crypt.ntlm2.send_seq_num);
83 			gensec_ntlmssp_state->crypt.ntlm2.send_seq_num++;
84 			hmac_md5_init_limK_to_64(gensec_ntlmssp_state->crypt.ntlm2.send_sign_key.data, 
85 						 gensec_ntlmssp_state->crypt.ntlm2.send_sign_key.length, &ctx);
88 			SIVAL(seq_num, 0, gensec_ntlmssp_state->crypt.ntlm2.recv_seq_num);
89 			gensec_ntlmssp_state->crypt.ntlm2.recv_seq_num++;
90 			hmac_md5_init_limK_to_64(gensec_ntlmssp_state->crypt.ntlm2.recv_sign_key.data, 
91 						 gensec_ntlmssp_state->crypt.ntlm2.recv_sign_key.length, &ctx);
98 		if (encrypt_sig && gensec_ntlmssp_state->neg_flags & NTLMSSP_NEGOTIATE_KEY_EXCH) {
101 				arcfour_crypt_sbox(gensec_ntlmssp_state->crypt.ntlm2.send_seal_arcfour_state, digest, 8);
104 				arcfour_crypt_sbox(gensec_ntlmssp_state->crypt.ntlm2.recv_seal_arcfour_state, digest, 8);
120 			       sig, "dddd", NTLMSSP_SIGN_VERSION, 0, crc, gensec_ntlmssp_state->crypt.ntlm.seq_num)) {
123 		gensec_ntlmssp_state->crypt.ntlm.seq_num++;
125 		arcfour_crypt_sbox(gensec_ntlmssp_state->crypt.ntlm.arcfour_state, sig->data+4, sig->length-4);
140 	struct gensec_ntlmssp_state *gensec_ntlmssp_state = (struct gensec_ntlmssp_state *)gensec_security->private_data;
142 	return ntlmssp_make_packet_signature(gensec_ntlmssp_state, sig_mem_ctx, 
159 	struct gensec_ntlmssp_state *gensec_ntlmssp_state = (struct gensec_ntlmssp_state *)gensec_security->private_data;
164 	if (!gensec_ntlmssp_state->session_key.length) {
169 	nt_status = ntlmssp_make_packet_signature(gensec_ntlmssp_state, sig_mem_ctx, 
179 	if (gensec_ntlmssp_state->neg_flags & NTLMSSP_NEGOTIATE_NTLM2) {
223 	struct gensec_ntlmssp_state *gensec_ntlmssp_state = (struct gensec_ntlmssp_state *)gensec_security->private_data;
225 	if (!gensec_ntlmssp_state->session_key.length) {
232 	if (gensec_ntlmssp_state->neg_flags & NTLMSSP_NEGOTIATE_NTLM2) {
236 		nt_status = ntlmssp_make_packet_signature(gensec_ntlmssp_state, sig_mem_ctx, 
240 		arcfour_crypt_sbox(gensec_ntlmssp_state->crypt.ntlm2.send_seal_arcfour_state, data, length);
241 		if (gensec_ntlmssp_state->neg_flags & NTLMSSP_NEGOTIATE_KEY_EXCH) {
242 			arcfour_crypt_sbox(gensec_ntlmssp_state->crypt.ntlm2.send_seal_arcfour_state, sig->data+4, 8);
248 			       sig, "dddd", NTLMSSP_SIGN_VERSION, 0, crc, gensec_ntlmssp_state->crypt.ntlm.seq_num)) {
258 		arcfour_crypt_sbox(gensec_ntlmssp_state->crypt.ntlm.arcfour_state, data, length);
259 		arcfour_crypt_sbox(gensec_ntlmssp_state->crypt.ntlm.arcfour_state, sig->data+4, sig->length-4);
261 		gensec_ntlmssp_state->crypt.ntlm.seq_num++;
285 	struct gensec_ntlmssp_state *gensec_ntlmssp_state = (struct gensec_ntlmssp_state *)gensec_security->private_data;
286 	if (!gensec_ntlmssp_state->session_key.length) {
292 	if (gensec_ntlmssp_state->neg_flags & NTLMSSP_NEGOTIATE_NTLM2) {
293 		arcfour_crypt_sbox(gensec_ntlmssp_state->crypt.ntlm2.recv_seal_arcfour_state, data, length);
295 		arcfour_crypt_sbox(gensec_ntlmssp_state->crypt.ntlm.arcfour_state, data, length);
305 NTSTATUS ntlmssp_sign_init(struct gensec_ntlmssp_state *gensec_ntlmssp_state)
307 	TALLOC_CTX *mem_ctx = talloc_new(gensec_ntlmssp_state);
314 	debug_ntlmssp_flags(gensec_ntlmssp_state->neg_flags);
316 	if (gensec_ntlmssp_state->session_key.length < 8) {
322 	if (gensec_ntlmssp_state->neg_flags & NTLMSSP_NEGOTIATE_NTLM2)
324 		DATA_BLOB weak_session_key = gensec_ntlmssp_state->session_key;
333 		switch (gensec_ntlmssp_state->role) {
351 		gensec_ntlmssp_state->crypt.ntlm2.send_seal_arcfour_state = talloc(gensec_ntlmssp_state, struct arcfour_state);
352 		NT_STATUS_HAVE_NO_MEMORY(gensec_ntlmssp_state->crypt.ntlm2.send_seal_arcfour_state);
353 		gensec_ntlmssp_state->crypt.ntlm2.recv_seal_arcfour_state = talloc(gensec_ntlmssp_state, struct arcfour_state);
354 		NT_STATUS_HAVE_NO_MEMORY(gensec_ntlmssp_state->crypt.ntlm2.send_seal_arcfour_state);
370 		if (gensec_ntlmssp_state->neg_flags & NTLMSSP_NEGOTIATE_128) {
372 		} else if (gensec_ntlmssp_state->neg_flags & NTLMSSP_NEGOTIATE_56) {
382 		calc_ntlmv2_key(gensec_ntlmssp_state, 
383 				&gensec_ntlmssp_state->crypt.ntlm2.send_sign_key, 
384 				gensec_ntlmssp_state->session_key, send_sign_const);
386 			     gensec_ntlmssp_state->crypt.ntlm2.send_sign_key.data, 
387 			     gensec_ntlmssp_state->crypt.ntlm2.send_sign_key.length);
396 		arcfour_init(gensec_ntlmssp_state->crypt.ntlm2.send_seal_arcfour_state, 
399 			     gensec_ntlmssp_state->crypt.ntlm2.send_seal_arcfour_state->sbox, 
400 			     sizeof(gensec_ntlmssp_state->crypt.ntlm2.send_seal_arcfour_state->sbox));
403 		calc_ntlmv2_key(gensec_ntlmssp_state, 
404 				&gensec_ntlmssp_state->crypt.ntlm2.recv_sign_key, 
405 				gensec_ntlmssp_state->session_key, recv_sign_const);
407 			     gensec_ntlmssp_state->crypt.ntlm2.recv_sign_key.data, 
408 			     gensec_ntlmssp_state->crypt.ntlm2.recv_sign_key.length);
417 		arcfour_init(gensec_ntlmssp_state->crypt.ntlm2.recv_seal_arcfour_state, 
420 			     gensec_ntlmssp_state->crypt.ntlm2.recv_seal_arcfour_state->sbox, 
421 			     sizeof(gensec_ntlmssp_state->crypt.ntlm2.recv_seal_arcfour_state->sbox));
423 		gensec_ntlmssp_state->crypt.ntlm2.send_seq_num = 0;
424 		gensec_ntlmssp_state->crypt.ntlm2.recv_seq_num = 0;
427 		DATA_BLOB weak_session_key = ntlmssp_weakend_key(gensec_ntlmssp_state, mem_ctx);
430 		gensec_ntlmssp_state->crypt.ntlm.arcfour_state = talloc(gensec_ntlmssp_state, struct arcfour_state);
431 		NT_STATUS_HAVE_NO_MEMORY(gensec_ntlmssp_state->crypt.ntlm.arcfour_state);
433 		arcfour_init(gensec_ntlmssp_state->crypt.ntlm.arcfour_state, 
435 		dump_data_pw("NTLMSSP hash:\n", gensec_ntlmssp_state->crypt.ntlm.arcfour_state->sbox,
436 			     sizeof(gensec_ntlmssp_state->crypt.ntlm.arcfour_state->sbox));
438 		gensec_ntlmssp_state->crypt.ntlm.seq_num = 0;
527 		struct gensec_ntlmssp_state *gensec_ntlmssp_state =
528 		(struct gensec_ntlmssp_state *)gensec_security->private_data;
543 		if (gensec_ntlmssp_state->neg_flags & NTLMSSP_NEGOTIATE_NTLM2) {
544 			ntlm2_seqnum_r = gensec_ntlmssp_state->crypt.ntlm2.recv_seq_num;
545 			ntlm2_state_r = *gensec_ntlmssp_state->crypt.ntlm2.recv_seal_arcfour_state;
547 			       gensec_ntlmssp_state->crypt.ntlm2.recv_sign_key.data,
550 			ntlm_seqnum = gensec_ntlmssp_state->crypt.ntlm.seq_num;
551 			ntlm_state = *gensec_ntlmssp_state->crypt.ntlm.arcfour_state;
566 			if (gensec_ntlmssp_state->neg_flags & NTLMSSP_NEGOTIATE_NTLM2) {
567 				gensec_ntlmssp_state->crypt.ntlm2.recv_seq_num = ntlm2_seqnum_r;
568 				*gensec_ntlmssp_state->crypt.ntlm2.recv_seal_arcfour_state = ntlm2_state_r;
569 				memcpy(gensec_ntlmssp_state->crypt.ntlm2.recv_sign_key.data,
572 				gensec_ntlmssp_state->crypt.ntlm.seq_num = ntlm_seqnum;
573 				*gensec_ntlmssp_state->crypt.ntlm.arcfour_state = ntlm_state;
584 				gensec_ntlmssp_state->neg_flags |= NTLMSSP_NEGOTIATE_SEAL;

Indexes created Sun Jun 30 11:05:36 MDT 2024