- change generate_challenge() to use md4 instead of des

- move routines about a bit between smbencrypt.c and smbdes.c. Ensure
that there is no entry point for normal DES operation

- add the following comment:

   This code is NOT a complete DES implementation. It implements only
   the minimum necessary for SMB authentication, as used by all SMB
   products (including every copy of Microsoft Windows95 ever sold)

   In particular, it can only do a unchained forward DES pass. This
   means it is not possible to use this code for encryption/decryption
   of data, instead it is only useful as a "hash" algorithm.

   There is no entry point into this code that allows normal DES operation.

   I believe this means that this code does not come under ITAR
   regulations but this is NOT a legal opinion. If you are concerned
   about the applicability of ITAR regulations to this code then you
   should confirm it for yourself (and maybe let me know if you come
   up with a different answer to the one above)
(This used to be commit 35b92e725f351c9a9f2846a6b55f71c234f187c7)

1 files changed, 0 insertions, 23 deletions

diff --git a/source3/libsmb/smbencrypt.c b/source3/libsmb/smbencrypt.c
index 2738103692..27172fd413 100644
--- a/source3/libsmb/smbencrypt.c
+++ b/source3/libsmb/smbencrypt.c
@@ -26,29 +26,6 @@ extern int DEBUGLEVEL;
 
 #include "byteorder.h"
 
-void E1(uchar *k, uchar *d, uchar *out)
-{
-	smbdes(out, d, k);
-}
- 
-void E_P16(uchar *p14,uchar *p16)
-{
-	/* the following constant makes us compatible with other
-	   implementations. Note that publishing this constant does not reduce the
-	   security of the encryption mechanism */
-	uchar sp8[] = {0x4b, 0x47, 0x53, 0x21, 0x40, 0x23, 0x24, 0x25};
-	E1(p14, sp8, p16);
-	E1(p14+7, sp8, p16+8);
-}
-
-void E_P24(uchar *p21, uchar *c8, uchar *p24)
-{
-	E1(p21, c8, p24);
-	E1(p21+7, c8, p24+8);
-	E1(p21+14, c8, p24+16);
-}
-
-
 /*
    This implements the X/Open SMB password encryption
    It takes a password, a 8 byte "crypt key" and puts 24 bytes of