summaryrefslogtreecommitdiff
path: root/source4/heimdal/lib/ntlm
diff options
context:
space:
mode:
Diffstat (limited to 'source4/heimdal/lib/ntlm')
-rw-r--r--source4/heimdal/lib/ntlm/ntlm.c104
1 files changed, 70 insertions, 34 deletions
diff --git a/source4/heimdal/lib/ntlm/ntlm.c b/source4/heimdal/lib/ntlm/ntlm.c
index 1fe456d022..36a04f1ff2 100644
--- a/source4/heimdal/lib/ntlm/ntlm.c
+++ b/source4/heimdal/lib/ntlm/ntlm.c
@@ -875,22 +875,23 @@ splitandenc(unsigned char *hash,
unsigned char *challange,
unsigned char *answer)
{
- DES_cblock key;
- DES_key_schedule sched;
-
- ((unsigned char*)key)[0] = hash[0];
- ((unsigned char*)key)[1] = (hash[0] << 7) | (hash[1] >> 1);
- ((unsigned char*)key)[2] = (hash[1] << 6) | (hash[2] >> 2);
- ((unsigned char*)key)[3] = (hash[2] << 5) | (hash[3] >> 3);
- ((unsigned char*)key)[4] = (hash[3] << 4) | (hash[4] >> 4);
- ((unsigned char*)key)[5] = (hash[4] << 3) | (hash[5] >> 5);
- ((unsigned char*)key)[6] = (hash[5] << 2) | (hash[6] >> 6);
- ((unsigned char*)key)[7] = (hash[6] << 1);
-
- DES_set_odd_parity(&key);
- DES_set_key_unchecked(&key, &sched);
- DES_ecb_encrypt((DES_cblock *)challange, (DES_cblock *)answer, &sched, 1);
- memset(&sched, 0, sizeof(sched));
+ EVP_CIPHER_CTX ctx;
+ unsigned char key[8];
+
+ key[0] = hash[0];
+ key[1] = (hash[0] << 7) | (hash[1] >> 1);
+ key[2] = (hash[1] << 6) | (hash[2] >> 2);
+ key[3] = (hash[2] << 5) | (hash[3] >> 3);
+ key[4] = (hash[3] << 4) | (hash[4] >> 4);
+ key[5] = (hash[4] << 3) | (hash[5] >> 5);
+ key[6] = (hash[5] << 2) | (hash[6] >> 6);
+ key[7] = (hash[6] << 1);
+
+ EVP_CIPHER_CTX_init(&ctx);
+
+ EVP_CipherInit_ex(&ctx, EVP_des_cbc(), NULL, key, NULL, 1);
+ EVP_Cipher(&ctx, answer, challange, 8);
+ EVP_CIPHER_CTX_cleanup(&ctx);
memset(key, 0, sizeof(key));
}
@@ -910,7 +911,7 @@ int
heim_ntlm_nt_key(const char *password, struct ntlm_buf *key)
{
struct ntlm_buf buf;
- MD4_CTX ctx;
+ EVP_MD_CTX *m;
int ret;
key->data = malloc(MD5_DIGEST_LENGTH);
@@ -923,9 +924,19 @@ heim_ntlm_nt_key(const char *password, struct ntlm_buf *key)
heim_ntlm_free_buf(key);
return ret;
}
- MD4_Init(&ctx);
- MD4_Update(&ctx, buf.data, buf.length);
- MD4_Final(key->data, &ctx);
+
+ m = EVP_MD_CTX_create();
+ if (m == NULL) {
+ heim_ntlm_free_buf(key);
+ heim_ntlm_free_buf(&buf);
+ return ENOMEM;
+ }
+
+ EVP_DigestInit_ex(m, EVP_md4(), NULL);
+ EVP_DigestUpdate(m, buf.data, buf.length);
+ EVP_DigestFinal_ex(m, key->data, NULL);
+ EVP_MD_CTX_destroy(m);
+
heim_ntlm_free_buf(&buf);
return 0;
}
@@ -988,7 +999,7 @@ heim_ntlm_build_ntlm1_master(void *key, size_t len,
struct ntlm_buf *session,
struct ntlm_buf *master)
{
- RC4_KEY rc4;
+ EVP_CIPHER_CTX c;
memset(master, 0, sizeof(*master));
memset(session, 0, sizeof(*session));
@@ -1010,25 +1021,42 @@ heim_ntlm_build_ntlm1_master(void *key, size_t len,
return EINVAL;
}
+ EVP_CIPHER_CTX_init(&c);
+
{
unsigned char sessionkey[MD4_DIGEST_LENGTH];
- MD4_CTX ctx;
+ EVP_MD_CTX *m;
+
+ m = EVP_MD_CTX_create();
+ if (m == NULL) {
+ EVP_CIPHER_CTX_cleanup(&c);
+ heim_ntlm_free_buf(master);
+ heim_ntlm_free_buf(session);
+ return ENOMEM;
+ }
- MD4_Init(&ctx);
- MD4_Update(&ctx, key, len);
- MD4_Final(sessionkey, &ctx);
+ EVP_DigestInit_ex(m, EVP_md4(), NULL);
+ EVP_DigestUpdate(m, key, len);
+ EVP_DigestFinal_ex(m, sessionkey, NULL);
+ EVP_MD_CTX_destroy(m);
- RC4_set_key(&rc4, sizeof(sessionkey), sessionkey);
+ if (EVP_CipherInit_ex(&c, EVP_rc4(), NULL, sessionkey, NULL, 1) != 1) {
+ EVP_CIPHER_CTX_cleanup(&c);
+ heim_ntlm_free_buf(master);
+ heim_ntlm_free_buf(session);
+ return EINVAL;
+ }
}
if (RAND_bytes(session->data, session->length) != 1) {
+ EVP_CIPHER_CTX_cleanup(&c);
heim_ntlm_free_buf(master);
heim_ntlm_free_buf(session);
return EINVAL;
}
- RC4(&rc4, master->length, session->data, master->data);
- memset(&rc4, 0, sizeof(rc4));
+ EVP_Cipher(&c, master->data, session->data, master->length);
+ EVP_CIPHER_CTX_cleanup(&c);
return 0;
}
@@ -1349,15 +1377,22 @@ heim_ntlm_calculate_ntlm2_sess(const unsigned char clnt_nonce[8],
{
unsigned char ntlm2_sess_hash[MD5_DIGEST_LENGTH];
unsigned char res[21], *resp;
- MD5_CTX md5;
+ EVP_MD_CTX *m;
+
+ m = EVP_MD_CTX_create();
+ if (m == NULL)
+ return ENOMEM;
lm->data = malloc(24);
- if (lm->data == NULL)
+ if (lm->data == NULL) {
+ EVP_MD_CTX_destroy(m);
return ENOMEM;
+ }
lm->length = 24;
ntlm->data = malloc(24);
if (ntlm->data == NULL) {
+ EVP_MD_CTX_destroy(m);
free(lm->data);
lm->data = NULL;
return ENOMEM;
@@ -1368,10 +1403,11 @@ heim_ntlm_calculate_ntlm2_sess(const unsigned char clnt_nonce[8],
memset(lm->data, 0, 24);
memcpy(lm->data, clnt_nonce, 8);
- MD5_Init(&md5);
- MD5_Update(&md5, svr_chal, 8); /* session nonce part 1 */
- MD5_Update(&md5, clnt_nonce, 8); /* session nonce part 2 */
- MD5_Final(ntlm2_sess_hash, &md5); /* will only use first 8 bytes */
+ EVP_DigestInit_ex(m, EVP_md5(), NULL);
+ EVP_DigestUpdate(m, svr_chal, 8); /* session nonce part 1 */
+ EVP_DigestUpdate(m, clnt_nonce, 8); /* session nonce part 2 */
+ EVP_DigestFinal_ex(m, ntlm2_sess_hash, NULL); /* will only use first 8 bytes */
+ EVP_MD_CTX_destroy(m);
memset(res, 0, sizeof(res));
memcpy(res, ntlm_hash, 16);