/*The following definitions come from smbdes.c */
-void smbdes(unsigned char *out, unsigned char *in, unsigned char *key);
+void E_P16(unsigned char *p14,unsigned char *p16);
+void E_P24(unsigned char *p21, unsigned char *c8, unsigned char *p24);
/*The following definitions come from smbencrypt.c */
-void E1(uchar *k, uchar *d, uchar *out);
-void E_P16(uchar *p14,uchar *p16);
-void E_P24(uchar *p21, uchar *c8, uchar *p24);
void SMBencrypt(uchar *passwd, uchar *c8, uchar *p24);
void E_md4hash(uchar *passwd, uchar *p16);
void SMBNTencrypt(uchar *passwd, uchar *c8, uchar *p24);
/*
Unix SMB/Netbios implementation.
Version 1.9.
- a implementation of DES designed for use in the SMB authentication protocol
+
+ a partial implementation of DES designed for use in the
+ SMB authentication protocol
+
Copyright (C) Andrew Tridgell 1997
This program is free software; you can redistribute it and/or modify
*/
-/* NOTE: This code makes no attempt to be fast! In fact, it is a very
- slow DES implementation */
+/* NOTES:
+
+ This code makes no attempt to be fast! In fact, it is a very
+ slow implementation
+
+ This code is NOT a complete DES implementation. It implements only
+ the minimum necessary for SMB authentication, as used by all SMB
+ products (including every copy of Microsoft Windows95 ever sold)
+
+ In particular, it can only do a unchained forward DES pass. This
+ means it is not possible to use this code for encryption/decryption
+ of data, instead it is only useful as a "hash" algorithm.
+
+ There is no entry point into this code that allows normal DES operation.
+
+ I believe this means that this code does not come under ITAR
+ regulations but this is NOT a legal opinion. If you are concerned
+ about the applicability of ITAR regulations to this code then you
+ should confirm it for yourself (and maybe let me know if you come
+ up with a different answer to the one above)
+*/
+
+
static int perm1[56] = {57, 49, 41, 33, 25, 17, 9,
1, 58, 50, 42, 34, 26, 18,
out[i] = in1[i] ^ in2[i];
}
-static void dodes(char *out, char *in, char *key)
+static void dohash(char *out, char *in, char *key)
{
int i, j, k;
char pk1[56];
}
-/* this is the entry point to the DES routine. The key is 56 bits (no parity) */
-void smbdes(unsigned char *out, unsigned char *in, unsigned char *key)
+static void smbhash(unsigned char *out, unsigned char *in, unsigned char *key)
{
int i;
char outb[64];
outb[i] = 0;
}
- dodes(outb, inb, keyb);
+ dohash(outb, inb, keyb);
for (i=0;i<8;i++) {
out[i] = 0;
}
}
+void E_P16(unsigned char *p14,unsigned char *p16)
+{
+ unsigned char sp8[8] = {0x4b, 0x47, 0x53, 0x21, 0x40, 0x23, 0x24, 0x25};
+ smbhash(p16, sp8, p14);
+ smbhash(p16+8, sp8, p14+7);
+}
+
+void E_P24(unsigned char *p21, unsigned char *c8, unsigned char *p24)
+{
+ smbhash(p24, c8, p21);
+ smbhash(p24+8, c8, p21+7);
+ smbhash(p24+16, c8, p21+14);
+}
+
+
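Review bot: The comment explaining `sp8` was dropped when E_P16 moved into this file, so the eight magic bytes now look like a key or secret. I would restore it above the array, e.g. `/* fixed, publicly known plaintext ("KGS!@#$%") needed for compatibility with other implementations; it is not a secret */`. Neither function states its buffer contract, which matters because the `+7`, `+14`, `+8` and `+16` offsets read and write past the pointers with no length check. A header comment should say that `p14` must hold 14 bytes and `p16` 16 bytes, and that `p21`, `c8` and `p24` must hold 21, 8 and 24 bytes. `smbhash` likewise lost the "key is 56 bits (no parity)" remark when it was renamed, and the input pointers (`p14`, `p21`, `c8`) could be `const`-qualified if `smbhash` is adjusted to match.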
#include "byteorder.h"
-void E1(uchar *k, uchar *d, uchar *out)
-{
- smbdes(out, d, k);
-}
-
-void E_P16(uchar *p14,uchar *p16)
-{
- /* the following constant makes us compatible with other
- implementations. Note that publishing this constant does not reduce the
- security of the encryption mechanism */
- uchar sp8[] = {0x4b, 0x47, 0x53, 0x21, 0x40, 0x23, 0x24, 0x25};
- E1(p14, sp8, p16);
- E1(p14+7, sp8, p16+8);
-}
-
-void E_P24(uchar *p21, uchar *c8, uchar *p24)
-{
- E1(p21, c8, p24);
- E1(p21+7, c8, p24+8);
- E1(p21+14, c8, p24+16);
-}
-
-
/*
This implements the X/Open SMB password encryption
It takes a password, a 8 byte "crypt key" and puts 24 bytes of
********************************************************************/
void generate_next_challenge(char *challenge)
{
- static int counter = 0;
- struct timeval tval;
- int v1,v2;
- GetTimeOfDay(&tval);
- v1 = (counter++) + getpid() + tval.tv_sec;
- v2 = (counter++) * getpid() + tval.tv_usec;
- SIVAL(challenge,0,v1);
- SIVAL(challenge,4,v2);
- E1((uchar *)challenge,(uchar *)"SAMBA",(uchar *)saved_challenge);
- memcpy(challenge,saved_challenge,8);
- challenge_sent = True;
+ unsigned char buf[16];
+ static int counter = 0;
+ struct timeval tval;
+ int v1,v2;
+
+ /* get a sort-of random number */
+ GetTimeOfDay(&tval);
+ v1 = (counter++) + getpid() + tval.tv_sec;
+ v2 = (counter++) * getpid() + tval.tv_usec;
+ SIVAL(challenge,0,v1);
+ SIVAL(challenge,4,v2);
+
+ /* mash it up with md4 */
+ mdfour(buf, challenge, 8);
+
+ memcpy(saved_challenge, buf, 8);
+ memcpy(challenge,buf,8);
+ challenge_sent = True;
}
/*******************************************************************
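Review bot: The challenge is still fully determined by `counter`, `getpid()` and the `GetTimeOfDay` result, and `mdfour` is unkeyed, so the hash hides the structure of the inputs but adds no unpredictability. A party who can estimate the pid and the clock can recompute the 8 bytes, which weakens the replay protection the challenge exists to provide. The removed version had the same inputs, so this is not a regression, but the "mash it up with md4" comment should not be read as fixing it. I would hash a separate seed buffer that mixes in bytes from a kernel entropy source where the platform has one, keeping the time/pid values only as a fallback. Separately, `(counter++) * getpid() + tval.tv_usec` can overflow a signed `int`; doing that arithmetic in `unsigned` avoids undefined behaviour.

```c
	unsigned char buf[16];
	unsigned char seed[16];
	int fd;
	/* … unchanged: counter, tval, v1/v2 computation … */

	memset(seed, 0, sizeof(seed));
	SIVAL(seed,0,v1);
	SIVAL(seed,4,v2);

	/* bytes a remote party cannot reconstruct; time/pid remain the fallback */
	fd = open("/dev/urandom", O_RDONLY);
	if (fd != -1) {
		if (read(fd, seed+8, 8) != 8)
			memset(seed+8, 0, 8);
		close(fd);
	}

	mdfour(buf, seed, sizeof(seed));
	/* … unchanged: copy buf into saved_challenge and challenge, set challenge_sent … */
```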