The branch, master has been updated
       via  c3f96981755 lib:crypto: Do not build AES-CMAC if we use GnuTLS that supports it
       via  70ff03ecb68 libcli/smb: Use gnutls_error_to_ntstatus() in smb2_signing_check_pdu()
       via  1490f926006 libcli:smb: Use GnuTLS AES128 CMAC in smb2_signing_check_pdu()
       via  9d8ffc81a53 libcli/smb: Use gnutls_error_to_ntstatus() in smb2_signing_sign_pdu()
       via  ee11e3ffd8d libcli:smb: Use GnuTLS AES128 CMAC in smb2_signing_sign_pdu()
       via  69be6b84161 waf: Check for AES128 CMAC support in GnuTLS
       via  33bca1fb808 s3:smbd: Use GnuTLS for AES constants
       via  b51c4293f74 s3:smbd: Use smb2_signing_key structure for the decryption key
       via  95e1c85a47e s3:smbd: Use smb2_signing_key structure for the encryption key
       via  87832f6140a libcli:smb: Use a smb2_signing_key for storing the decryption key
       via  48116a30d51 libcli:smb: Use a smb2_signing_key for storing the encryption key
       via  37dc63e8afa libcli:smb: Add gnutls_aead_cipher_hd_t to smb2_signing_key structure
       via  1b384f378c9 libcli:smb: Use GnuTLS for AES constants
       via  43a941f51b2 libcli:smb: Define SMB2_AES_128_CCM_NONCE_SIZE
       via  068da56a20a build: Remove explicit check for HAVE_GNUTLS_AEAD as we require GnuTLS 3.4.7
       via  85a1c497392 s4-samdb: Remove duplicate encrypted_secrets code using internal Samba AES
       via  e9859ad356b lib/crypto: Remove unused RC4 code from Samba
       via  2d54559aad9 s4-rpc_server/backupkey: consistently check error codes from GnuTLS
       via  52b91cb33c2 s4-rpc_server: Remove Heimdal-based BackupKey server
       via  974cebdf953 build: Set minimum GnuTLS version at 3.4.7
       via  1f6104f09a3 lib:crypto: Prepare not to build AES or AES-CMAC if we use GnuTLS support it
       via  fa8eddc39b4 auth/gensec: Use gnutls_error_to_ntstatus() in netsec_do_seal()
       via  025f6a135f9 auth:gensec: Use GnuTLS AES CFB8 in netsec_do_seal()
       via  3b27fd8a490 auth/gensec: Use gnutls_error_to_ntstatus() consistently in schannel
       via  58c781dc93e auth:gensec: Use GnuTLS AES128 CFB8 in netsec_do_seq_num()
       via  fefd95091cc auth/credentials: Check NTSTATUS return from netlogon_creds_aes_encrypt()
       via  1aa249e7f4a s3-librpc: Remove unused init_netr_CryptPassword()
       via  1e427f55d71 s4-rpc_server: Check NTSTATUS return value from netlogon_creds_aes_decrypt()
       via  2f827bec8ca s3-rpc_server: Check NTSTATUS return value from netlogon_creds_aes_decrypt()
       via  d515b255aa6 libcli:auth Check NTSTATUS from netlogon_creds_aes_{en,de}crypt()
       via  5ae119e7e9d crypto: Update REQUIREMENTS file with new minimum version
       via  8ec796f1a1d libcli:auth Return NTSTATUS from netlogon_creds_aes_decrypt()
       via  a9672858615 libcli:auth: Use GnuTLS AES128 CFB for netlogon_creds_aes_decrypt()
       via  ded5aad21b5 libcli:auth: Return NTSTATUS for netlogon_creds_aes_encrypt()
       via  054efd118d7 libcli:auth: Use GnuTLS AES128 CFB for netlogon_creds_aes_encrypt()
       via  cd97c478730 libcli:auth: Use netlogon_creds_aes_encrypt() in netlogon_creds_step_crypt()
       via  20a42459df4 waf: Check for GNUTLS AES CFB support
       via  d46e538d524 s4:samdb: Only include necessary header files in encrypted_secrets
       via  7bf3c5d7640 s4:samdb: Remove dual-stack mode from (test_)encrypted_secrets
       via  92b9cdf99da encrypted_secrets: Add known and expected value test
       via  feccdebe153 s4:samdb: Add test_gnutls_value_decryption()
      from  1b599e5c0d0 s3: net: net_ads: fix a typo in comment

https://git.samba.org/?p=samba.git;a=shortlog;h=master

- Log -----------------------------------------------------------------
commit c3f969817553dc9c9db88741bad51100b4d24604
Author: Andreas Schneider <a...@samba.org>
Date:   Fri Mar 15 14:54:13 2019 +0100

    lib:crypto: Do not build AES-CMAC if we use GnuTLS that supports it

    This requires GnuTLS >= 3.6.5.

    Signed-off-by: Andreas Schneider <a...@samba.org>
    Reviewed-by: Andrew Bartlett <abart...@samba.org>

    Autobuild-User(master): Andreas Schneider <a...@cryptomilk.org>
    Autobuild-Date(master): Wed Aug 21 11:14:11 UTC 2019 on sn-devel-184

commit 70ff03ecb6826525727d87ef8807428f91f4e506
Author: Andrew Bartlett <abart...@samba.org>
Date:   Fri Aug 16 15:50:03 2019 +1200

    libcli/smb: Use gnutls_error_to_ntstatus() in smb2_signing_check_pdu()

    Signed-off-by: Andrew Bartlett <abart...@samba.org>
    Reviewed-by: Andreas Schneider <a...@samba.org>

commit 1490f9260060104b31beefac9e61addd36b1919a
Author: Andreas Schneider <a...@samba.org>
Date:   Fri Mar 15 16:58:21 2019 +0100

    libcli:smb: Use GnuTLS AES128 CMAC in smb2_signing_check_pdu()

    Signed-off-by: Andreas Schneider <a...@samba.org>
    Reviewed-by: Andrew Bartlett <abart...@samba.org>

commit 9d8ffc81a53b6b3d7c29f0da8fd71e696ca7e9d8
Author: Andrew Bartlett <abart...@samba.org>
Date:   Fri Aug 16 15:47:49 2019 +1200

    libcli/smb: Use gnutls_error_to_ntstatus() in smb2_signing_sign_pdu()

    Signed-off-by: Andrew Bartlett <abart...@samba.org>
    Reviewed-by: Andreas Schneider <a...@samba.org>

commit ee11e3ffd8d801cb5988bb73dbccd1e2f0cbe7b0
Author: Andreas Schneider <a...@samba.org>
Date:   Wed Feb 27 14:40:30 2019 +0100

    libcli:smb: Use GnuTLS AES128 CMAC in smb2_signing_sign_pdu()

    Signed-off-by: Andreas Schneider <a...@samba.org>
    Reviewed-by: Andrew Bartlett <abart...@samba.org>

    Adapted by Andrew Bartlett to followup from earlier patch to allow
    compile without GnuTLS over the whole series.
    Signed-off-by: Andrew Bartlett <abart...@samba.org>

commit 69be6b8416198cfa8e2404a0a62ce6432425adef
Author: Andreas Schneider <a...@samba.org>
Date:   Wed Feb 27 14:40:07 2019 +0100

    waf: Check for AES128 CMAC support in GnuTLS

    Signed-off-by: Andreas Schneider <a...@samba.org>
    Reviewed-by: Andrew Bartlett <abart...@samba.org>

commit 33bca1fb8087f7392a8ff0d295a5bdc01f1012e7
Author: Andreas Schneider <a...@samba.org>
Date:   Tue Feb 26 18:11:27 2019 +0100

    s3:smbd: Use GnuTLS for AES constants

    Signed-off-by: Andreas Schneider <a...@samba.org>
    Reviewed-by: Andrew Bartlett <abart...@samba.org>

    Adapted to remove Samba AES

    Signed-off-by: Andrew Bartlett <abart...@samba.org>

commit b51c4293f7430b5ce6a81599fb0c7be5dc444c46
Author: Andreas Schneider <a...@samba.org>
Date:   Thu Mar 14 10:10:34 2019 +0100

    s3:smbd: Use smb2_signing_key structure for the decryption key

    Signed-off-by: Andreas Schneider <a...@samba.org>
    Reviewed-by: Andrew Bartlett <abart...@samba.org>

commit 95e1c85a47e925fdb9105b85f0e1dbea1ff09950
Author: Andreas Schneider <a...@samba.org>
Date:   Thu Mar 14 10:02:27 2019 +0100

    s3:smbd: Use smb2_signing_key structure for the encryption key

    Signed-off-by: Andreas Schneider <a...@samba.org>
    Reviewed-by: Andrew Bartlett <abart...@samba.org>

commit 87832f6140aa5afb42983a1291ba6faa250c7ea3
Author: Andreas Schneider <a...@samba.org>
Date:   Thu Mar 14 09:48:54 2019 +0100

    libcli:smb: Use a smb2_signing_key for storing the decryption key

    Signed-off-by: Andreas Schneider <a...@samba.org>
    Reviewed-by: Andrew Bartlett <abart...@samba.org>

commit 48116a30d51d9bac6201a8b94262aa78b451ad63
Author: Andreas Schneider <a...@samba.org>
Date:   Thu Mar 14 09:34:23 2019 +0100

    libcli:smb: Use a smb2_signing_key for storing the encryption key

    Signed-off-by: Andreas Schneider <a...@samba.org>
    Reviewed-by: Andrew Bartlett <abart...@samba.org>

commit 37dc63e8afab8e1f88dc8a4b77c6ef3337933eb1
Author: Andreas Schneider <a...@samba.org>
Date:   Thu Mar 14 09:26:04 2019 +0100

    libcli:smb: Add gnutls_aead_cipher_hd_t to smb2_signing_key structure

    Signed-off-by: Andreas Schneider <a...@samba.org>
    Reviewed-by: Andrew Bartlett <abart...@samba.org>

    Adapted to remove Samba AES support

    Signed-off-by: Andrew Bartlett <abart...@samba.org>

commit 1b384f378c95f550718ac697271327442e3d09dd
Author: Andreas Schneider <a...@samba.org>
Date:   Tue Feb 26 18:12:57 2019 +0100

    libcli:smb: Use GnuTLS for AES constants

    Signed-off-by: Andreas Schneider <a...@samba.org>
    Reviewed-by: Andrew Bartlett <abart...@samba.org>

    Adapted to remove Samba AES support

    Signed-off-by: Andrew Bartlett <abart...@samba.org>

commit 43a941f51b2954ffa1a7ab8a9d5c4a18e654b9f6
Author: Andreas Schneider <a...@samba.org>
Date:   Tue Feb 26 18:06:46 2019 +0100

    libcli:smb: Define SMB2_AES_128_CCM_NONCE_SIZE

    Signed-off-by: Andreas Schneider <a...@samba.org>
    Reviewed-by: Andrew Bartlett <abart...@samba.org>

commit 068da56a20a2712e498fb3724407836bda2f977b
Author: Andrew Bartlett <abart...@samba.org>
Date:   Thu Aug 15 17:28:30 2019 +1200

    build: Remove explicit check for HAVE_GNUTLS_AEAD as we require GnuTLS 3.4.7

    We strictly require it and if this were to fail we would want the
    compile to fail.

    Signed-off-by: Andrew Bartlett <abart...@samba.org>
    Reviewed-by: Andreas Schneider <a...@samba.org>

commit 85a1c4973921fdf9412ec56a3ed6a77f3ab84116
Author: Andrew Bartlett <abart...@samba.org>
Date:   Wed Jul 31 16:37:00 2019 +1200

    s4-samdb: Remove duplicate encrypted_secrets code using internal Samba AES

    We now rely on GnuTLS 3.4.7 or later.

    Signed-off-by: Andrew Bartlett <abart...@samba.org>
    Reviewed-by: Andreas Schneider <a...@samba.org>

commit e9859ad356b42f39585dcef1a38def97a50a3744
Author: Andrew Bartlett <abart...@samba.org>
Date:   Thu Aug 15 14:23:35 2019 +1200

    lib/crypto: Remove unused RC4 code from Samba

    Signed-off-by: Andrew Bartlett <abart...@samba.org>
    Reviewed-by: Andreas Schneider <a...@samba.org>

commit 2d54559aad9af81cf21d223dad28b48184c59f44
Author: Andrew Bartlett <abart...@samba.org>
Date:   Fri Aug 16 16:08:57 2019 +1200

    s4-rpc_server/backupkey: consistently check error codes from GnuTLS

    This uses the new gnutls_error_to_werror()

    This should resolve Coverity 1452111 as forwarded by Volker.

    Signed-off-by: Andrew Bartlett <abart...@samba.org>
    Reviewed-by: Andreas Schneider <a...@samba.org>

commit 52b91cb33c281aeecc6270824cadac6cefbcb136
Author: Andrew Bartlett <abart...@samba.org>
Date:   Wed Jul 31 16:13:38 2019 +1200

    s4-rpc_server: Remove Heimdal-based BackupKey server

    We rely on a modern GnuTLS now.

    Signed-off-by: Andrew Bartlett <abart...@samba.org>
    Reviewed-by: Andreas Schneider <a...@samba.org>

commit 974cebdf953259f41ecfc7375bc31d72af53f51e
Author: Andrew Bartlett <abart...@samba.org>
Date:   Thu Aug 15 14:25:41 2019 +1200

    build: Set minimum GnuTLS version at 3.4.7

    This will soon be required for encrypted_secrets in the AD DC, the
    BackupKey server and SMB2 as we remove use of the internal AES code.

    Signed-off-by: Andrew Bartlett <abart...@samba.org>
    Reviewed-by: Andreas Schneider <a...@samba.org>

commit 1f6104f09a30cf3816fd5a580ce1b4be5b94848c
Author: Andreas Schneider <a...@samba.org>
Date:   Fri Mar 15 14:54:13 2019 +0100

    lib:crypto: Prepare not to build AES or AES-CMAC if we use GnuTLS support it

    Samba will soon require GnuTLS >= 3.4.7.

    Signed-off-by: Andreas Schneider <a...@samba.org>
    Reviewed-by: Andrew Bartlett <abart...@samba.org>

    Adjusted by Andrew Bartlett from an earlier more comprehensive patch by Andreas
    Signed-off-by: Andrew Bartlett <abart...@samba.org>

commit fa8eddc39b4ea9d316201019b603025df5c2fa5e
Author: Andrew Bartlett <abart...@samba.org>
Date:   Fri Aug 16 15:45:43 2019 +1200

    auth/gensec: Use gnutls_error_to_ntstatus() in netsec_do_seal()

    Signed-off-by: Andrew Bartlett <abart...@samba.org>
    Reviewed-by: Andreas Schneider <a...@samba.org>

commit 025f6a135f930264ddcf1cd1b9e1004464618194
Author: Andreas Schneider <a...@samba.org>
Date:   Mon Mar 18 16:24:54 2019 +0100

    auth:gensec: Use GnuTLS AES CFB8 in netsec_do_seal()

    Signed-off-by: Andreas Schneider <a...@samba.org>
    Reviewed-by: Andrew Bartlett <abart...@samba.org>

commit 3b27fd8a490f29cbc94b8ac377b3a2cb6db7598c
Author: Andrew Bartlett <abart...@samba.org>
Date:   Fri Aug 16 15:43:01 2019 +1200

    auth/gensec: Use gnutls_error_to_ntstatus() consistently in schannel

    Signed-off-by: Andrew Bartlett <abart...@samba.org>
    Reviewed-by: Andreas Schneider <a...@samba.org>

commit 58c781dc93e24895b2c4b97fa311c66af30e278e
Author: Andreas Schneider <a...@samba.org>
Date:   Fri Mar 1 17:55:02 2019 +0100

    auth:gensec: Use GnuTLS AES128 CFB8 in netsec_do_seq_num()

    Signed-off-by: Andreas Schneider <a...@samba.org>
    Reviewed-by: Andrew Bartlett <abart...@samba.org>

commit fefd95091cc52f5e2655fa392312a8b1fa1d35fd
Author: Andrew Bartlett <abart...@samba.org>
Date:   Fri Aug 16 14:29:45 2019 +1200

    auth/credentials: Check NTSTATUS return from netlogon_creds_aes_encrypt()

    Signed-off-by: Andrew Bartlett <abart...@samba.org>
    Reviewed-by: Andreas Schneider <a...@samba.org>

commit 1aa249e7f4a1c4222b4cc79bac64c8b95c89d868
Author: Andrew Bartlett <abart...@samba.org>
Date:   Fri Aug 16 14:22:42 2019 +1200

    s3-librpc: Remove unused init_netr_CryptPassword()

    Unused since 38d4dba37406515181e4d6f1a1faffc18e652e27 in 2013

    Signed-off-by: Andrew Bartlett <abart...@samba.org>
    Reviewed-by: Andreas Schneider <a...@samba.org>

commit 1e427f55d71350b25a8a26e94a5cb7895d8efdf6
Author: Andrew Bartlett <abart...@samba.org>
Date:   Fri Aug 16 14:15:45 2019 +1200

    s4-rpc_server: Check NTSTATUS return value from netlogon_creds_aes_decrypt()

    Signed-off-by: Andrew Bartlett <abart...@samba.org>
    Reviewed-by: Andreas Schneider <a...@samba.org>

commit 2f827bec8ca831fb486c8ebedc6b89b7f1cb99e2
Author: Andrew Bartlett <abart...@samba.org>
Date:   Fri Aug 16 14:05:38 2019 +1200

    s3-rpc_server: Check NTSTATUS return value from netlogon_creds_aes_decrypt()

    Signed-off-by: Andrew Bartlett <abart...@samba.org>
    Reviewed-by: Andreas Schneider <a...@samba.org>

commit d515b255aa67186ff375af0b465c49722eb56427
Author: Andrew Bartlett <abart...@samba.org>
Date:   Fri Aug 16 13:55:49 2019 +1200

    libcli:auth Check NTSTATUS from netlogon_creds_aes_{en,de}crypt()

    Signed-off-by: Andrew Bartlett <abart...@samba.org>
    Reviewed-by: Andreas Schneider <a...@samba.org>

commit 5ae119e7e9ddcfb3473e14585ba6079147a307bd
Author: Andrew Bartlett <abart...@samba.org>
Date:   Fri Aug 16 13:52:36 2019 +1200

    crypto: Update REQUIREMENTS file with new minimum version

    Signed-off-by: Andrew Bartlett <abart...@samba.org>
    Reviewed-by: Andreas Schneider <a...@samba.org>

commit 8ec796f1a1daa444bba06f34a50d2b62ee4a2ef9
Author: Andrew Bartlett <abart...@samba.org>
Date:   Fri Aug 16 12:34:28 2019 +1200

    libcli:auth Return NTSTATUS from netlogon_creds_aes_decrypt()

    Signed-off-by: Andrew Bartlett <abart...@samba.org>
    Reviewed-by: Andreas Schneider <a...@samba.org>

commit a96728586150768957b88a0714b15f13ee9f81af
Author: Andreas Schneider <a...@samba.org>
Date:   Mon Mar 18 15:13:08 2019 +0100

    libcli:auth: Use GnuTLS AES128 CFB for netlogon_creds_aes_decrypt()

    Signed-off-by: Andreas Schneider <a...@samba.org>
    Reviewed-by: Andrew Bartlett <abart...@samba.org>

commit ded5aad21b54b8783f7390fb2eca483d3861eeff
Author: Andreas Schneider <a...@samba.org>
Date:   Wed May 29 16:38:09 2019 +0200

    libcli:auth: Return NTSTATUS for netlogon_creds_aes_encrypt()

    Signed-off-by: Andreas Schneider <a...@samba.org>
    Reviewed-by: Andrew Bartlett <abart...@samba.org>

    Adapted by Andrew Bartlett to use gnutls_error_to_ntstatus()

    Signed-off-by: Andrew Bartlett <abart...@samba.org>

commit 054efd118d7500e28f118722312aaae0df2749b0
Author: Andreas Schneider <a...@samba.org>
Date:   Fri Mar 1 17:41:11 2019 +0100

    libcli:auth: Use GnuTLS AES128 CFB for netlogon_creds_aes_encrypt()

    Signed-off-by: Andreas Schneider <a...@samba.org>
    Reviewed-by: Andrew Bartlett <abart...@samba.org>

commit cd97c47873007bfc502926070a758b520d95abf1
Author: Andreas Schneider <a...@samba.org>
Date:   Fri Mar 1 17:33:01 2019 +0100

    libcli:auth: Use netlogon_creds_aes_encrypt() in netlogon_creds_step_crypt()

    Signed-off-by: Andreas Schneider <a...@samba.org>
    Reviewed-by: Andrew Bartlett <abart...@samba.org>

commit 20a42459df4fdd57cdf1807a3d97dc5b1c553476
Author: Andreas Schneider <a...@samba.org>
Date:   Fri Mar 1 17:35:02 2019 +0100

    waf: Check for GNUTLS AES CFB support

    Signed-off-by: Andreas Schneider <a...@samba.org>
    Reviewed-by: Andrew Bartlett <abart...@samba.org>

commit d46e538d52433f5f30a5696e5b18bc4b82101951
Author: Andreas Schneider <a...@samba.org>
Date:   Tue Feb 26 18:33:09 2019 +0100

    s4:samdb: Only include necessary header files in encrypted_secrets

    Signed-off-by: Andreas Schneider <a...@samba.org>
    Reviewed-by: Andrew Bartlett <abart...@samba.org>

commit 7bf3c5d7640daaf5dc799eaf698618903ec09127
Author: Andreas Schneider <a...@samba.org>
Date:   Tue Feb 26 18:32:34 2019 +0100

    s4:samdb: Remove dual-stack mode from (test_)encrypted_secrets

    Now we either build with GnuTLS or Samba crypto. If a modern GnuTLS
    version is detected that will be used and Samba crypto won't be
    available. This removes the dual-stack mode that encrypted with one
    and decrypted with the other in the testsuite.

    Signed-off-by: Andreas Schneider <a...@samba.org>
    Reviewed-by: Andrew Bartlett <abart...@samba.org>

    Commit message clarified by Andrew Bartlett

    Signed-off-by: Andrew Bartlett <abart...@samba.org>

commit 92b9cdf99da1f8657c166d413c5136c8db938a9e
Author: Andrew Bartlett <abart...@samba.org>
Date:   Thu Aug 15 15:27:30 2019 +1200

    encrypted_secrets: Add known and expected value test

    Signed-off-by: Andrew Bartlett <abart...@samba.org>
    Reviewed-by: Andreas Schneider <a...@samba.org>

commit feccdebe1532030e984e788a6a2c306c0f5c38c5
Author: Andreas Schneider <a...@samba.org>
Date:   Mon Jul 29 09:21:11 2019 +0200

    s4:samdb: Add test_gnutls_value_decryption()

Signed-off-by: Andreas Schneider <a...@samba.org> Reviewed-by: Andrew Bartlett <abart...@samba.org> ----------------------------------------------------------------------- Summary of changes: auth/credentials/credentials.c | 14 +- auth/gensec/schannel.c | 131 +- lib/crypto/REQUIREMENTS | 3 +- lib/crypto/arcfour.c | 93 - lib/crypto/arcfour.h | 17 - lib/crypto/wscript_build | 59 +- libcli/auth/credentials.c | 166 +- libcli/auth/proto.h | 8 +- libcli/smb/smb2_constants.h | 3 + libcli/smb/smb2_signing.c | 76 + libcli/smb/smb2_signing.h | 3 + libcli/smb/smbXcli_base.c | 59 +- source3/librpc/idl/smbXsrv.idl | 2 + source3/rpc_client/cli_netlogon.c | 1 - source3/rpc_client/init_netlogon.c | 50 - source3/rpc_client/init_netlogon.h | 29 - source3/rpc_server/netlogon/srv_netlog_nt.c | 10 +- source3/smbd/smb2_server.c | 19 +- source3/smbd/smb2_sesssetup.c | 55 +- source3/wscript_build | 5 - source4/dsdb/samdb/ldb_modules/encrypted_secrets.c | 271 +-- .../ldb_modules/tests/test_encrypted_secrets.c | 429 ++-- source4/rpc_server/backupkey/dcesrv_backupkey.c | 146 +- .../backupkey/dcesrv_backupkey_heimdal.c | 1861 ----------------- source4/rpc_server/netlogon/dcerpc_netlogon.c | 21 +- source4/rpc_server/wscript_build | 24 +- source4/torture/local/local.c | 7 + source4/torture/rpc/backupkey_heimdal.c | 2160 -------------------- source4/torture/wscript_build | 9 +- wscript_configure_system_gnutls | 30 +- 30 files changed, 736 insertions(+), 5025 deletions(-) delete mode 100644 lib/crypto/arcfour.c delete mode 100644 lib/crypto/arcfour.h delete mode 100644 source3/rpc_client/init_netlogon.c delete mode 100644 source3/rpc_client/init_netlogon.h delete mode 100644 source4/rpc_server/backupkey/dcesrv_backupkey_heimdal.c delete mode 100644 source4/torture/rpc/backupkey_heimdal.c Changeset truncated at 500 lines: diff --git a/auth/credentials/credentials.c b/auth/credentials/credentials.c index 5ebec483705..81f9dbb9eb3 100644 --- a/auth/credentials/credentials.c 
+++ b/auth/credentials/credentials.c @@ -1333,19 +1333,19 @@ _PUBLIC_ NTSTATUS netlogon_creds_session_encrypt( return NT_STATUS_INVALID_PARAMETER; } if (state->negotiate_flags & NETLOGON_NEG_SUPPORTS_AES) { - netlogon_creds_aes_encrypt(state, - data.data, - data.length); + status = netlogon_creds_aes_encrypt(state, + data.data, + data.length); } else if (state->negotiate_flags & NETLOGON_NEG_ARCFOUR) { status = netlogon_creds_arcfour_crypt(state, data.data, data.length); - if (!NT_STATUS_IS_OK(status)) { - return status; - } } else { DBG_ERR("Unsupported encryption option negotiated"); - return NT_STATUS_NOT_SUPPORTED; + status = NT_STATUS_NOT_SUPPORTED; + } + if (!NT_STATUS_IS_OK(status)) { + return status; } return NT_STATUS_OK; } diff --git a/auth/gensec/schannel.c b/auth/gensec/schannel.c index 8ba1eafc76d..18ed92b703b 100644 --- a/auth/gensec/schannel.c +++ b/auth/gensec/schannel.c @@ -33,9 +33,12 @@ #include "librpc/gen_ndr/dcerpc.h" #include "param/param.h" #include "auth/gensec/gensec_toplevel_proto.h" -#include "lib/crypto/aes.h" #include "libds/common/roles.h" +#ifndef HAVE_GNUTLS_AES_CFB8 +#include "lib/crypto/aes.h" +#endif + #include "lib/crypto/gnutls_helpers.h" #include <gnutls/gnutls.h> #include <gnutls/crypto.h> 
@@ -147,6 +150,43 @@ static NTSTATUS netsec_do_seq_num(struct schannel_state *state, uint8_t seq_num[8]) { if (state->creds->negotiate_flags & NETLOGON_NEG_SUPPORTS_AES) { +#ifdef HAVE_GNUTLS_AES_CFB8 + gnutls_cipher_hd_t cipher_hnd = NULL; + gnutls_datum_t key = { + .data = state->creds->session_key, + .size = sizeof(state->creds->session_key), + }; + uint32_t iv_size = + gnutls_cipher_get_iv_size(GNUTLS_CIPHER_AES_128_CFB8); + uint8_t _iv[iv_size]; + gnutls_datum_t iv = { + .data = _iv, + .size = iv_size, + }; + int rc; + + ZERO_ARRAY(_iv); + + memcpy(iv.data + 0, checksum, 8); + memcpy(iv.data + 8, checksum, 8); + + rc = gnutls_cipher_init(&cipher_hnd, + GNUTLS_CIPHER_AES_128_CFB8, + &key, + &iv); + if (rc < 0) { + return gnutls_error_to_ntstatus(rc, + NT_STATUS_CRYPTO_SYSTEM_INVALID); + } + + rc = gnutls_cipher_encrypt(cipher_hnd, seq_num, 8); + gnutls_cipher_deinit(cipher_hnd); + if (rc < 0) { + return gnutls_error_to_ntstatus(rc, + NT_STATUS_CRYPTO_SYSTEM_INVALID); + } + +#else /* NOT HAVE_GNUTLS_AES_CFB8 */ AES_KEY key; uint8_t iv[AES_BLOCK_SIZE]; @@ -156,6 +196,7 @@ static NTSTATUS netsec_do_seq_num(struct schannel_state *state, memcpy(iv+8, checksum, 8); aes_cfb8_encrypt(seq_num, seq_num, 8, &key, iv, AES_ENCRYPT); +#endif /* HAVE_GNUTLS_AES_CFB8 */ } else { static const uint8_t zeros[4]; uint8_t _sequence_key[16]; 
@@ -220,6 +261,87 @@ static NTSTATUS netsec_do_seal(struct schannel_state *state, bool forward) { if (state->creds->negotiate_flags & NETLOGON_NEG_SUPPORTS_AES) { +#ifdef HAVE_GNUTLS_AES_CFB8 + gnutls_cipher_hd_t cipher_hnd = NULL; + uint8_t sess_kf0[16] = {0}; + gnutls_datum_t key = { + .data = sess_kf0, + .size = sizeof(sess_kf0), + }; + uint32_t iv_size = + gnutls_cipher_get_iv_size(GNUTLS_CIPHER_AES_128_CFB8); + uint8_t _iv[iv_size]; + gnutls_datum_t iv = { + .data = _iv, + .size = iv_size, + }; + uint32_t i; + int rc; + + for (i = 0; i < key.size; i++) { + key.data[i] = state->creds->session_key[i] ^ 0xf0; + } + + ZERO_ARRAY(_iv); + + memcpy(iv.data + 0, seq_num, 8); + memcpy(iv.data + 8, seq_num, 8); + + rc = gnutls_cipher_init(&cipher_hnd, + GNUTLS_CIPHER_AES_128_CFB8, + &key, + &iv); + if (rc < 0) { + DBG_ERR("ERROR: gnutls_cipher_init: %s\n", + gnutls_strerror(rc)); + return NT_STATUS_NO_MEMORY; + } + + if (forward) { + rc = gnutls_cipher_encrypt(cipher_hnd, + confounder, + 8); + if (rc < 0) { + gnutls_cipher_deinit(cipher_hnd); + return gnutls_error_to_ntstatus(rc, NT_STATUS_CRYPTO_SYSTEM_INVALID); + } + + /* + * Looks like we have to reuse the initial IV which is + * cryptographically wrong! + */ + gnutls_cipher_set_iv(cipher_hnd, iv.data, iv.size); + rc = gnutls_cipher_encrypt(cipher_hnd, + data, + length); + if (rc < 0) { + gnutls_cipher_deinit(cipher_hnd); + return gnutls_error_to_ntstatus(rc, NT_STATUS_CRYPTO_SYSTEM_INVALID); + } + } else { + rc = gnutls_cipher_decrypt(cipher_hnd, + confounder, + 8); + if (rc < 0) { + gnutls_cipher_deinit(cipher_hnd); + return gnutls_error_to_ntstatus(rc, NT_STATUS_CRYPTO_SYSTEM_INVALID); + } + + /* + * Looks like we have to reuse the initial IV which is + * cryptographically wrong! 
+ */ + gnutls_cipher_set_iv(cipher_hnd, iv.data, iv.size); + rc = gnutls_cipher_decrypt(cipher_hnd, + data, + length); + if (rc < 0) { + gnutls_cipher_deinit(cipher_hnd); + return gnutls_error_to_ntstatus(rc, NT_STATUS_CRYPTO_SYSTEM_INVALID); + } + } + gnutls_cipher_deinit(cipher_hnd); +#else /* NOT HAVE_GNUTLS_AES_CFB8 */ AES_KEY key; uint8_t iv[AES_BLOCK_SIZE]; uint8_t sess_kf0[16]; @@ -241,6 +363,7 @@ static NTSTATUS netsec_do_seal(struct schannel_state *state, aes_cfb8_encrypt(confounder, confounder, 8, &key, iv, AES_DECRYPT); aes_cfb8_encrypt(data, data, length, &key, iv, AES_DECRYPT); } +#endif /* HAVE_GNUTLS_AES_CFB8 */ } else { gnutls_cipher_hd_t cipher_hnd; uint8_t _sealing_key[16]; @@ -266,7 +389,7 @@ static NTSTATUS netsec_do_seal(struct schannel_state *state, digest2); if (rc < 0) { ZERO_ARRAY(digest2); - return NT_STATUS_INTERNAL_ERROR; + return gnutls_error_to_ntstatus(rc, NT_STATUS_HMAC_NOT_SUPPORTED); } rc = gnutls_hmac_fast(GNUTLS_MAC_MD5, @@ -278,7 +401,7 @@ static NTSTATUS netsec_do_seal(struct schannel_state *state, ZERO_ARRAY(digest2); if (rc < 0) { - return NT_STATUS_INTERNAL_ERROR; + return gnutls_error_to_ntstatus(rc, NT_STATUS_HMAC_NOT_SUPPORTED); } rc = gnutls_cipher_init(&cipher_hnd, @@ -328,7 +451,7 @@ static NTSTATUS netsec_do_sign(struct schannel_state *state, state->creds->session_key, sizeof(state->creds->session_key)); if (rc < 0) { - return NT_STATUS_NO_MEMORY; + return gnutls_error_to_ntstatus(rc, NT_STATUS_HMAC_NOT_SUPPORTED); } if (confounder) { diff --git a/lib/crypto/REQUIREMENTS b/lib/crypto/REQUIREMENTS index ff91a2f9174..5ebf3ba0e05 100644 --- a/lib/crypto/REQUIREMENTS +++ b/lib/crypto/REQUIREMENTS 
@@ -4,8 +4,7 @@ This list is to allow research into using external crypto libraries. Those possibly supported in the git version of GnuTLS are indicated as '# GNUTLS' Those possibly supported in the git version of nettle are indicated as '# NETTLE' -For Samba AD with Heimdal gnutls >= 3.0.0 is required -For Samba AD with MIT kerberos gnutls >= 3.4.7 is required +Samba in general gnutls >= 3.4.7 is required Samba FS with MS Catalog support will require gnutls >= 3.5.6 GnuTLS Milestone for Samba support: diff --git a/lib/crypto/arcfour.c b/lib/crypto/arcfour.c deleted file mode 100644 index af9b20cc01e..00000000000 --- a/lib/crypto/arcfour.c +++ /dev/null 
@@ -1,93 +0,0 @@ -/* - Unix SMB/CIFS implementation. - - An implementation of the arcfour algorithm - - Copyright (C) Andrew Tridgell 1998 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 3 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program. If not, see <http://www.gnu.org/licenses/>. -*/ - -#include "replace.h" -#include "../lib/crypto/arcfour.h" - -/* initialise the arcfour sbox with key */ -_PUBLIC_ void arcfour_init(struct arcfour_state *state, const DATA_BLOB *key) -{ - size_t ind; - uint8_t j = 0; - for (ind = 0; ind < sizeof(state->sbox); ind++) { - state->sbox[ind] = (uint8_t)ind; - } - - for (ind = 0; ind < sizeof(state->sbox); ind++) { - uint8_t tc; - - j += (state->sbox[ind] + key->data[ind%key->length]); - - tc = state->sbox[ind]; - state->sbox[ind] = state->sbox[j]; - state->sbox[j] = tc; - } - state->index_i = 0; - state->index_j = 0; -} - -/* crypt the data with arcfour */ -_PUBLIC_ void arcfour_crypt_sbox(struct arcfour_state *state, uint8_t *data, - int len) -{ - int ind; - - for (ind = 0; ind < len; ind++) { - uint8_t tc; - uint8_t t; - - state->index_i++; - state->index_j += state->sbox[state->index_i]; - - tc = state->sbox[state->index_i]; - state->sbox[state->index_i] = state->sbox[state->index_j]; - state->sbox[state->index_j] = tc; - - t = state->sbox[state->index_i] + state->sbox[state->index_j]; - data[ind] = data[ind] ^ state->sbox[t]; - } -} - -/* - arcfour encryption with a blob key -*/ -_PUBLIC_ void arcfour_crypt_blob(uint8_t *data, int len, const DATA_BLOB 
*key) -{ - struct arcfour_state state; - arcfour_init(&state, key); - arcfour_crypt_sbox(&state, data, len); -} - -/* - a variant that assumes a 16 byte key. This should be removed - when the last user is gone -*/ -_PUBLIC_ void arcfour_crypt(uint8_t *data, const uint8_t keystr[16], int len) -{ - uint8_t keycopy[16]; - DATA_BLOB key = { .data = keycopy, .length = sizeof(keycopy) }; - - memcpy(keycopy, keystr, sizeof(keycopy)); - - arcfour_crypt_blob(data, len, &key); -} - - diff --git a/lib/crypto/arcfour.h b/lib/crypto/arcfour.h deleted file mode 100644 index a9f80c474d5..00000000000 --- a/lib/crypto/arcfour.h +++ /dev/null @@ -1,17 +0,0 @@ -#ifndef ARCFOUR_HEADER_H -#define ARCFOUR_HEADER_H - -#include "../lib/util/data_blob.h" - -struct arcfour_state { - uint8_t sbox[256]; - uint8_t index_i; - uint8_t index_j; -}; - -void arcfour_init(struct arcfour_state *state, const DATA_BLOB *key); -void arcfour_crypt_sbox(struct arcfour_state *state, uint8_t *data, int len); -void arcfour_crypt_blob(uint8_t *data, int len, const DATA_BLOB *key); -void arcfour_crypt(uint8_t *data, const uint8_t keystr[16], int len); - -#endif /* ARCFOUR_HEADER_H */ diff --git a/lib/crypto/wscript_build b/lib/crypto/wscript_build index a26c10b627b..4f1665a7fd9 100644 --- a/lib/crypto/wscript_build +++ b/lib/crypto/wscript_build 
@@ -12,35 +12,60 @@ bld.SAMBA_SUBSYSTEM('GNUTLS_HELPERS', ''', deps='gnutls samba-errors'); -# We have a GnuTLS DCEPRC backupkey implementation for the server and the test. -# However this is only working with GnuTLS >= 3.4.7. So we need to keep this -# around till we can require at least GnuTLS in a newer version. -bld.SAMBA_SUBSYSTEM('LIBCRYPTO_RC4', - source='arcfour.c', +bld.SAMBA_SUBSYSTEM('LIBCRYPTO_AES_CCM', + source='aes_ccm_128.c', + deps='talloc') + +bld.SAMBA_SUBSYSTEM('LIBCRYPTO_AES_GCM', + source='aes_gcm_128.c', + deps='talloc') + +bld.SAMBA_SUBSYSTEM('LIBCRYPTO_AES', + source='aes.c rijndael-alg-fst.c', + deps='talloc') + +bld.SAMBA_SUBSYSTEM('LIBCRYPTO_AES_CMAC', + source='aes_cmac_128.c', deps='talloc', - enabled=not bld.CONFIG_SET('HAVE_GNUTLS_3_4_7')) + enabled=not bld.CONFIG_SET('HAVE_GNUTLS_AES_CMAC')) bld.SAMBA_SUBSYSTEM('LIBCRYPTO', source=''' md4.c - aes.c - rijndael-alg-fst.c - aes_cmac_128.c - aes_ccm_128.c - aes_gcm_128.c ''', deps=''' talloc - LIBCRYPTO_RC4 + LIBCRYPTO_AES + LIBCRYPTO_AES_CCM + LIBCRYPTO_AES_GCM + LIBCRYPTO_AES_CMAC ''' + extra_deps) +bld.SAMBA_SUBSYSTEM('TORTURE_LIBCRYPTO_AES_CCM', + source='aes_ccm_128_test.c', + autoproto='aes_ccm_test_proto.h', + deps='talloc') + +bld.SAMBA_SUBSYSTEM('TORTURE_LIBCRYPTO_AES_GCM', + source='aes_gcm_128_test.c', + autoproto='aes_gcm_test_proto.h', + deps='talloc') + +bld.SAMBA_SUBSYSTEM('TORTURE_LIBCRYPTO_AES_CMAC', + source='aes_cmac_128_test.c', + autoproto='aes_cmac_test_proto.h', + deps='talloc', + enabled=not bld.CONFIG_SET('HAVE_GNUTLS_AES_CMAC')) + bld.SAMBA_SUBSYSTEM('TORTURE_LIBCRYPTO', - source='''md4test.c - aes_cmac_128_test.c aes_ccm_128_test.c aes_gcm_128_test.c - ''', + source='md4test.c', autoproto='test_proto.h', - deps='LIBCRYPTO' - ) + deps=''' + LIBCRYPTO + TORTURE_LIBCRYPTO_AES_CCM + TORTURE_LIBCRYPTO_AES_GCM + TORTURE_LIBCRYPTO_AES_CMAC + ''') bld.SAMBA_PYTHON('python_crypto', source='py_crypto.c', 
diff --git a/libcli/auth/credentials.c b/libcli/auth/credentials.c index 319dacdac0b..baa436df71b 100644 --- a/libcli/auth/credentials.c +++ b/libcli/auth/credentials.c @@ -22,10 +22,13 @@ #include "includes.h" #include "system/time.h" -#include "../lib/crypto/crypto.h" #include "libcli/auth/libcli_auth.h" #include "../libcli/security/dom_sid.h" +#ifndef HAVE_GNUTLS_AES_CFB8 +#include "lib/crypto/aes.h" +#endif + #include "lib/crypto/gnutls_helpers.h" #include <gnutls/gnutls.h> #include <gnutls/crypto.h> @@ -35,12 +38,9 @@ static void netlogon_creds_step_crypt(struct netlogon_creds_CredentialState *cre struct netr_Credential *out) { if (creds->negotiate_flags & NETLOGON_NEG_SUPPORTS_AES) { - AES_KEY key; - uint8_t iv[AES_BLOCK_SIZE] = {0}; - - AES_set_encrypt_key(creds->session_key, 128, &key); + memcpy(out->data, in->data, sizeof(out->data)); - aes_cfb8_encrypt(in->data, out->data, 8, &key, iv, AES_ENCRYPT); + netlogon_creds_aes_encrypt(creds, out->data, sizeof(out->data)); } else { des_crypt112(out->data, in->data, creds->session_key, 1); } @@ -296,27 +296,101 @@ NTSTATUS netlogon_creds_arcfour_crypt(struct netlogon_creds_CredentialState *cre /* AES encrypt a password buffer using the session key */ -void netlogon_creds_aes_encrypt(struct netlogon_creds_CredentialState *creds, uint8_t *data, size_t len) +NTSTATUS netlogon_creds_aes_encrypt(struct netlogon_creds_CredentialState *creds, + uint8_t *data, + size_t len) { +#ifdef HAVE_GNUTLS_AES_CFB8 + gnutls_cipher_hd_t cipher_hnd = NULL; + gnutls_datum_t key = { + .data = creds->session_key, + .size = sizeof(creds->session_key), + }; + uint32_t iv_size = + gnutls_cipher_get_iv_size(GNUTLS_CIPHER_AES_128_CFB8); + uint8_t _iv[iv_size]; + gnutls_datum_t iv = { + .data = _iv, + .size = iv_size, + }; + int rc; + -- Samba Shared Repository
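Review bot: in netlogon_creds_session_encrypt() (auth/credentials/credentials.c, hunk @@ -1333,19 +1333,19 @@) the new tail `if (!NT_STATUS_IS_OK(status)) { return status; }` followed by `return NT_STATUS_OK;` is equivalent to a plain `return status;`, since every branch above now assigns status. Collapsing it removes a check that can never change the result. While touching this block, the DBG_ERR("Unsupported encryption option negotiated") message has no trailing "\n", unlike the DBG_ERR added in netsec_do_seal().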
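Review bot: in the HAVE_GNUTLS_AES_CFB8 branch of netsec_do_seq_num() (auth/gensec/schannel.c, hunk @@ -147,6 +150,43 @@), `uint8_t _iv[iv_size]` is a variable-length array sized by gnutls_cipher_get_iv_size(), but the two memcpy() calls that follow write a fixed 16 bytes into it (8 at offset 0, 8 at offset 8) without checking that iv_size is at least 16. Either declare the buffer with a fixed size that matches the copies, or return an error when iv_size is not the expected value, so the stack writes do not depend on what the library reports at run time. The same declaration appears in netsec_do_seal() and in netlogon_creds_aes_encrypt() in libcli/auth/credentials.c.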
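Review bot: in the HAVE_GNUTLS_AES_CFB8 branch of netsec_do_seal() (auth/gensec/schannel.c, hunk @@ -220,6 +261,87 @@), a gnutls_cipher_init() failure is logged and returned as NT_STATUS_NO_MEMORY, while every other failure in the same branch goes through gnutls_error_to_ntstatus(rc, NT_STATUS_CRYPTO_SYSTEM_INVALID), as netsec_do_seq_num() already does for the same call. Use the helper here too so a GnuTLS error is not reported as an allocation failure. Separately, sess_kf0 holds the session key XORed with 0xf0 and stays on the stack on every return path; a ZERO_ARRAY(sess_kf0) before each return, as is done for digest2 further down in this function, would avoid leaving key material behind.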
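Review bot: the replacement line in lib/crypto/REQUIREMENTS (hunk @@ -4,8 +4,7 @@), "Samba in general gnutls >= 3.4.7 is required", lost the leading "For" that the two removed lines had and no longer parses as a sentence; "For Samba in general gnutls >= 3.4.7 is required" would match the line that follows it. The commit message for c3f96981755 states that using the GnuTLS AES-CMAC needs GnuTLS >= 3.6.5, and that threshold would be worth recording in this file as well, since it is the place people look for version requirements.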
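Review bot: in lib/crypto/wscript_build (hunk @@ -12,35 +12,60 @@) the comment that explained why a subsystem was conditionally built is removed together with LIBCRYPTO_RC4, and the new `enabled=not bld.CONFIG_SET('HAVE_GNUTLS_AES_CMAC')` on LIBCRYPTO_AES_CMAC and TORTURE_LIBCRYPTO_AES_CMAC has no replacement. A short comment saying that the internal AES-CMAC and its test are only built when GnuTLS lacks AES-CMAC support would keep the build logic self-explanatory.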
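Review bot: netlogon_creds_step_crypt() (libcli/auth/credentials.c, hunk @@ -35,12 +38,9 @@) discards the result of netlogon_creds_aes_encrypt(), which the next hunk changes to return NTSTATUS. The function is still `static void`, and out->data has just been filled by memcpy() from in->data, so a GnuTLS failure would leave the unencrypted input in out->data and the caller would continue with it. Make netlogon_creds_step_crypt() return NTSTATUS and propagate the error to its callers, in line with the other commits in this series that check the return of netlogon_creds_aes_encrypt().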