diff options
Diffstat (limited to 'source4/libcli')
-rw-r--r-- | source4/libcli/util/smbdes.c | 30 | ||||
-rw-r--r-- | source4/libcli/util/smbencrypt.c | 21 |
2 files changed, 36 insertions, 15 deletions
diff --git a/source4/libcli/util/smbdes.c b/source4/libcli/util/smbdes.c index d282b0135a..80b938b460 100644 --- a/source4/libcli/util/smbdes.c +++ b/source4/libcli/util/smbdes.c @@ -357,7 +357,8 @@ void cred_hash3(unsigned char *out, unsigned char *in, const unsigned char *key, smbhash(out + 8, in + 8, key2, forw); } -void SamOEMhash( unsigned char *data, const unsigned char *key, int val) + +void SamOEMhashBlob(unsigned char *data, int len, const DATA_BLOB *key) { unsigned char s_box[256]; unsigned char index_i = 0; @@ -369,23 +370,22 @@ void SamOEMhash( unsigned char *data, const unsigned char *key, int val) s_box[ind] = (unsigned char)ind; } - for( ind = 0; ind < 256; ind++) { + for (ind = 0; ind < 256; ind++) { unsigned char tc; - - j += (s_box[ind] + key[ind%16]); - + + j += (s_box[ind] + key->data[ind%key->length]); + tc = s_box[ind]; s_box[ind] = s_box[j]; s_box[j] = tc; } - - for (ind = 0; ind < val; ind++){ + for (ind = 0; ind < len; ind++) { unsigned char tc; unsigned char t; index_i++; index_j += s_box[index_i]; - + tc = s_box[index_i]; s_box[index_i] = s_box[index_j]; s_box[index_j] = tc; @@ -395,6 +395,20 @@ void SamOEMhash( unsigned char *data, const unsigned char *key, int val) } } +/* + a varient that assumes a 16 byte key. This should be removed + when the last user is gone +*/ +void SamOEMhash(unsigned char *data, const unsigned char keystr[16], int len) +{ + DATA_BLOB key; + + key.length = 16; + key.data = keystr; + + SamOEMhashBlob(data, len, &key); +} + /* Decode a sam password hash into a password. The password hash is the same method used to store passwords in the NT registry. The DES key diff --git a/source4/libcli/util/smbencrypt.c b/source4/libcli/util/smbencrypt.c index 13d56e1e78..a1c026a27d 100644 --- a/source4/libcli/util/smbencrypt.c +++ b/source4/libcli/util/smbencrypt.c @@ -460,21 +460,28 @@ BOOL SMBNTLMv2encrypt(const char *user, const char *domain, const char *password } /*********************************************************** - encode a password buffer. The caller gets to figure out - what to put in it. + encode a password buffer with a unicode password. The buffer + is filled with random data to make it harder to attack. ************************************************************/ -BOOL encode_pw_buffer(char buffer[516], char *new_pw, int new_pw_length) +BOOL encode_pw_buffer(char buffer[516], const char *password, int string_flags) { - generate_random_buffer((unsigned char *)buffer, 516, True); + uchar new_pw[512]; + size_t new_pw_len; - memcpy(&buffer[512 - new_pw_length], new_pw, new_pw_length); + new_pw_len = push_string(NULL, new_pw, + password, + sizeof(new_pw), string_flags); + + memcpy(&buffer[512 - new_pw_len], new_pw, new_pw_len); + + generate_random_buffer((unsigned char *)buffer, 512 - new_pw_len, True); /* * The length of the new password is in the last 4 bytes of * the data buffer. */ - SIVAL(buffer, 512, new_pw_length); - + SIVAL(buffer, 512, new_pw_len); + ZERO_STRUCT(new_pw); return True; } |