diff options
author | Andrew Bartlett <abartlet@samba.org> | 2003-02-14 10:47:07 +0000 |
---|---|---|
committer | Andrew Bartlett <abartlet@samba.org> | 2003-02-14 10:47:07 +0000 |
commit | 938fd5652d24484dabecf908ea215fa29b80c77e (patch) | |
tree | 05e34ce3e104bd5a30b2c7709957853d2bb3903b /source3/libsmb/smbencrypt.c | |
parent | dc75b89bfc2dd1c1a0531f8e03bc5b6ee7a9cdcb (diff) | |
download | samba-938fd5652d24484dabecf908ea215fa29b80c77e.tar.gz samba-938fd5652d24484dabecf908ea215fa29b80c77e.tar.bz2 samba-938fd5652d24484dabecf908ea215fa29b80c77e.zip |
Further extract our NTLMv2 code into smbencrypt.c, prior to merge into our
NTLMSSP client code.
Andrew Bartlett
(This used to be commit eaa8e7d1f82b30e7af14a0a58d7ca3eb66a06053)
Diffstat (limited to 'source3/libsmb/smbencrypt.c')
-rw-r--r-- | source3/libsmb/smbencrypt.c | 31 |
1 files changed, 31 insertions, 0 deletions
diff --git a/source3/libsmb/smbencrypt.c b/source3/libsmb/smbencrypt.c index 28a20e76af..aa9391325f 100644 --- a/source3/libsmb/smbencrypt.c +++ b/source3/libsmb/smbencrypt.c @@ -321,6 +321,37 @@ DATA_BLOB NTLMv2_generate_response(uchar ntlm_v2_hash[16], return final_response; } +BOOL SMBNTLMv2encrypt(const char *user, const char *domain, const char *password, + const DATA_BLOB server_chal, + DATA_BLOB *lm_response, DATA_BLOB *nt_response, + DATA_BLOB *session_key) +{ + uchar nt_hash[16]; + uchar ntlm_v2_hash[16]; + E_md4hash(password, nt_hash); + + /* We don't use the NT# directly. Instead we use it mashed up with + the username and domain. + This prevents username swapping during the auth exchange + */ + if (!ntv2_owf_gen(nt_hash, user, domain, ntlm_v2_hash)) { + return False; + } + + *nt_response = NTLMv2_generate_response(ntlm_v2_hash, server_chal, 64 /* pick a number, > 8 */); + + /* LMv2 */ + + *lm_response = NTLMv2_generate_response(ntlm_v2_hash, server_chal, 8); + + *session_key = data_blob(NULL, 16); + + /* The NTLMv2 calculations also provide a session key, for signing etc later */ + /* use only the first 16 bytes of nt_response for session key */ + SMBsesskeygen_ntv2(ntlm_v2_hash, nt_response->data, session_key->data); + + return True; +} /*********************************************************** encode a password buffer. The caller gets to figure out |