static NTSTATUS get_schannel_auth_footer(TALLOC_CTX *mem_ctx,
struct schannel_state *auth_state,
enum dcerpc_AuthLevel auth_level,
DATA_BLOB *data, DATA_BLOB *full_pkt,
DATA_BLOB *auth_token)
{
switch (auth_level) {
case DCERPC_AUTH_LEVEL_PRIVACY:
/* Data portion is encrypted. */
return netsec_incoming_packet(auth_state,
mem_ctx, true,
data->data,
data->length,
auth_token);
case DCERPC_AUTH_LEVEL_INTEGRITY:
/* Data is signed. */
return netsec_incoming_packet(auth_state,
mem_ctx, false,
data->data,
data->length,
auth_token);
default:
return NT_STATUS_INVALID_PARAMETER;
}
}
/*
check the signature on a packet
*/
static NTSTATUS schannel_check_packet(struct gensec_security *gensec_security,
const uint8_t *data, size_t length,
const uint8_t *whole_pdu, size_t pdu_length,
const DATA_BLOB *sig)
{
struct schannel_state *state =
talloc_get_type(gensec_security->private_data,
struct schannel_state);
return netsec_incoming_packet(state, false,
discard_const_p(uint8_t, data),
length, sig);
}
