}
if (session->transport->signing_required) {
- if (session->session_key.length != 16) {
- DEBUG(2,("Wrong session key length %u for SMB2 signing\n",
+ if (session->session_key.length == 0) {
+ DEBUG(0,("Wrong session key length %u for SMB2 signing\n",
(unsigned)session->session_key.length));
composite_error(c, NT_STATUS_ACCESS_DENIED);
return;
return NT_STATUS_OK;
}
- if (session_key.length != 16) {
+ if (session_key.length == 0) {
DEBUG(2,("Wrong session key length %u for SMB2 signing\n",
(unsigned)session_key.length));
return NT_STATUS_ACCESS_DENIED;
SIVAL(buf->hdr, SMB2_HDR_FLAGS, IVAL(buf->hdr, SMB2_HDR_FLAGS) | SMB2_HDR_FLAG_SIGNED);
ZERO_STRUCT(m);
- hmac_sha256_init(session_key.data, 16, &m);
+ hmac_sha256_init(session_key.data, MIN(session_key.length, 16), &m);
hmac_sha256_update(buf->buffer+NBT_HDR_SIZE, buf->size-NBT_HDR_SIZE, &m);
hmac_sha256_final(res, &m);
-
DEBUG(5,("signed SMB2 message of size %u\n", (unsigned)buf->size - NBT_HDR_SIZE));
memcpy(buf->hdr + SMB2_HDR_SIGNATURE, res, 16);
return NT_STATUS_OK;
}
- if (session_key.length != 16) {
+ if (session_key.length == 0) {
DEBUG(2,("Wrong session key length %u for SMB2 signing\n",
(unsigned)session_key.length));
return NT_STATUS_ACCESS_DENIED;
memset(buf->hdr + SMB2_HDR_SIGNATURE, 0, 16);
ZERO_STRUCT(m);
- hmac_sha256_init(session_key.data, 16, &m);
+ hmac_sha256_init(session_key.data, MIN(session_key.length, 16), &m);
hmac_sha256_update(buf->hdr, buf->size-NBT_HDR_SIZE, &m);
hmac_sha256_final(res, &m);