From 58ec10049b8029de82e70ba10559e143a1b16707 Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Sun, 14 Sep 1997 16:19:49 +0000 Subject: This is a written from scratch DES implementation. I couldn't find a GPLd implementation so I decided to write one. This version only does DES ecb encryption and isn't very general, so it may in fact be exempt from ITAR regulations. ITAR regulations do not prohibit the distribution of code that can be used for authentication purposes only. This code has no decrypt function so it would be useless for a normal encryption application and thus may be ITAR exempt. It is also very slow, but we don't need it to be fast. It is a literal implementation from the standard and treats each bit as one byte to make the code easy to write. (This used to be commit c2bc073a878179dd56db97c66dc957d42fe0b81b) --- source3/libsmb/smbdes.c | 290 ++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 290 insertions(+) create mode 100644 source3/libsmb/smbdes.c (limited to 'source3/libsmb/smbdes.c') diff --git a/source3/libsmb/smbdes.c b/source3/libsmb/smbdes.c new file mode 100644 index 0000000000..e207e58c24 --- /dev/null +++ b/source3/libsmb/smbdes.c @@ -0,0 +1,290 @@ +/* + Unix SMB/Netbios implementation. + Version 1.9. + a implementation of DES designed for use in the SMB authentication protocol + Copyright (C) Andrew Tridgell 1997 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. +*/ + + +/* NOTE: This code makes no attempt to be fast! In fact, it is a very + slow DES implementation */ + +static int perm1[56] = {57, 49, 41, 33, 25, 17, 9, + 1, 58, 50, 42, 34, 26, 18, + 10, 2, 59, 51, 43, 35, 27, + 19, 11, 3, 60, 52, 44, 36, + 63, 55, 47, 39, 31, 23, 15, + 7, 62, 54, 46, 38, 30, 22, + 14, 6, 61, 53, 45, 37, 29, + 21, 13, 5, 28, 20, 12, 4}; + +static int perm2[48] = {14, 17, 11, 24, 1, 5, + 3, 28, 15, 6, 21, 10, + 23, 19, 12, 4, 26, 8, + 16, 7, 27, 20, 13, 2, + 41, 52, 31, 37, 47, 55, + 30, 40, 51, 45, 33, 48, + 44, 49, 39, 56, 34, 53, + 46, 42, 50, 36, 29, 32}; + +static int perm3[64] = {58, 50, 42, 34, 26, 18, 10, 2, + 60, 52, 44, 36, 28, 20, 12, 4, + 62, 54, 46, 38, 30, 22, 14, 6, + 64, 56, 48, 40, 32, 24, 16, 8, + 57, 49, 41, 33, 25, 17, 9, 1, + 59, 51, 43, 35, 27, 19, 11, 3, + 61, 53, 45, 37, 29, 21, 13, 5, + 63, 55, 47, 39, 31, 23, 15, 7}; + +static int perm4[48] = { 32, 1, 2, 3, 4, 5, + 4, 5, 6, 7, 8, 9, + 8, 9, 10, 11, 12, 13, + 12, 13, 14, 15, 16, 17, + 16, 17, 18, 19, 20, 21, + 20, 21, 22, 23, 24, 25, + 24, 25, 26, 27, 28, 29, + 28, 29, 30, 31, 32, 1}; + +static int perm5[32] = { 16, 7, 20, 21, + 29, 12, 28, 17, + 1, 15, 23, 26, + 5, 18, 31, 10, + 2, 8, 24, 14, + 32, 27, 3, 9, + 19, 13, 30, 6, + 22, 11, 4, 25}; + + +static int perm6[64] ={ 40, 8, 48, 16, 56, 24, 64, 32, + 39, 7, 47, 15, 55, 23, 63, 31, + 38, 6, 46, 14, 54, 22, 62, 30, + 37, 5, 45, 13, 53, 21, 61, 29, + 36, 4, 44, 12, 52, 20, 60, 28, + 35, 3, 43, 11, 51, 19, 59, 27, + 34, 2, 42, 10, 50, 18, 58, 26, + 33, 1, 41, 9, 49, 17, 57, 25}; + + +static int sc[16] = {1, 1, 2, 2, 2, 2, 2, 2, 1, 2, 2, 2, 2, 2, 2, 1}; + +static int sbox[8][4][16] = { + {{14, 4, 13, 1, 2, 15, 11, 8, 3, 10, 6, 12, 5, 9, 0, 7}, + {0, 15, 7, 4, 14, 2, 13, 1, 10, 6, 12, 11, 9, 5, 3, 8}, + {4, 1, 14, 8, 13, 6, 2, 11, 15, 12, 9, 7, 3, 10, 5, 0}, + {15, 12, 8, 2, 4, 9, 1, 7, 5, 11, 3, 14, 10, 0, 6, 1}}, + + {{15, 1, 8, 14, 6, 11, 3, 4, 9, 7, 2, 13, 12, 0, 5, 10}, + {3, 13, 4, 7, 15, 2, 8, 14, 12, 0, 1, 10, 6, 9, 11, 5}, + {0, 14, 7, 11, 10, 4, 13, 1, 5, 8, 12, 6, 9, 3, 2, 15}, + {13, 8, 10, 1, 3, 15, 4, 2, 11, 6, 7, 12, 0, 5, 14, 9}}, + + {{10, 0, 9, 14, 6, 3, 15, 5, 1, 13, 12, 7, 11, 4, 2, 8}, + {13, 7, 0, 9, 3, 4, 6, 10, 2, 8, 5, 14, 12, 11, 15, 1}, + {13, 6, 4, 9, 8, 15, 3, 0, 11, 1, 2, 12, 5, 10, 14, 7}, + {1, 10, 13, 0, 6, 9, 8, 7, 4, 15, 14, 3, 11, 5, 2, 12}}, + + {{7, 13, 14, 3, 0, 6, 9, 10, 1, 2, 8, 5, 11, 12, 4, 15}, + {13, 8, 11, 5, 6, 15, 0, 3, 4, 7, 2, 12, 1, 10, 14, 9}, + {10, 6, 9, 0, 12, 11, 7, 13, 15, 1, 3, 14, 5, 2, 8, 4}, + {3, 15, 0, 6, 10, 1, 13, 8, 9, 4, 5, 11, 12, 7, 2, 14}}, + + {{2, 12, 4, 1, 7, 10, 11, 6, 8, 5, 3, 15, 13, 0, 14, 9}, + {14, 11, 2, 12, 4, 7, 13, 1, 5, 0, 15, 10, 3, 9, 8, 6}, + {4, 2, 1, 11, 10, 13, 7, 8, 15, 9, 12, 5, 6, 3, 0, 14}, + {11, 8, 12, 7, 1, 14, 2, 13, 6, 15, 0, 9, 10, 4, 5, 3}}, + + {{12, 1, 10, 15, 9, 2, 6, 8, 0, 13, 3, 4, 14, 7, 5, 11}, + {10, 15, 4, 2, 7, 12, 9, 5, 6, 1, 13, 14, 0, 11, 3, 8}, + {9, 14, 15, 5, 2, 8, 12, 3, 7, 0, 4, 10, 1, 13, 11, 6}, + {4, 3, 2, 12, 9, 5, 15, 10, 11, 14, 1, 7, 6, 0, 8, 13}}, + + {{4, 11, 2, 14, 15, 0, 8, 13, 3, 12, 9, 7, 5, 10, 6, 1}, + {13, 0, 11, 7, 4, 9, 1, 10, 14, 3, 5, 12, 2, 15, 8, 6}, + {1, 4, 11, 13, 12, 3, 7, 14, 10, 15, 6, 8, 0, 5, 9, 2}, + {6, 11, 13, 8, 1, 4, 10, 7, 9, 5, 0, 15, 14, 2, 3, 12}}, + + {{13, 2, 8, 4, 6, 15, 11, 1, 10, 9, 3, 14, 5, 0, 12, 7}, + {1, 15, 13, 8, 10, 3, 7, 4, 12, 5, 6, 11, 0, 14, 9, 2}, + {7, 11, 4, 1, 9, 12, 14, 2, 0, 6, 10, 13, 15, 3, 5, 8}, + {2, 1, 14, 7, 4, 10, 8, 13, 15, 12, 9, 0, 3, 5, 6, 11}}}; + + +static void permute(char *out, char *in, int *p, int n) +{ + int i; + for (i=0;i>1; + key[1] = ((str[0]&0x01)<<6) | (str[1]>>2); + key[2] = ((str[1]&0x03)<<5) | (str[2]>>3); + key[3] = ((str[2]&0x07)<<4) | (str[3]>>4); + key[4] = ((str[3]&0x0F)<<3) | (str[4]>>5); + key[5] = ((str[4]&0x1F)<<2) | (str[5]>>6); + key[6] = ((str[5]&0x3F)<<1) | (str[6]>>7); + key[7] = str[6]&0x7F; + for (i=0;i<8;i++) { + key[i] = (key[i]<<1); + } +} + + +/* this is the entry point to the DES routine. The key is 56 bits (no parity) */ +void smbdes(unsigned char *out, unsigned char *in, unsigned char *key) +{ + int i, j; + char outb[64]; + char inb[64]; + char keyb[64]; + unsigned char key2[8]; + + str_to_key(key, key2); + + for (i=0;i<64;i++) { + inb[i] = (in[i/8] & (1<<(7-(i%8)))) ? 1 : 0; + keyb[i] = (key2[i/8] & (1<<(7-(i%8)))) ? 1 : 0; + outb[i] = 0; + } + + for (i=0;i<8;i++) { + int count = 0; + for (j=0;j<7;j++) + count += keyb[i*8 + j]; + if ((count&1) == 0) + keyb[i*8 + 7] = 1; + else + keyb[i*8 + 7] = 0; + } + + dodes(outb, inb, keyb); + + for (i=0;i<64;i++) { + if (outb[i]) + out[i/8] |= (1<<(7-(i%8))); + else + out[i/8] &= ~(1<<(7-(i%8))); + } +} + -- cgit From 72b02acd7e2c24efcff2faffb2555d70378b01b3 Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Tue, 16 Sep 1997 03:53:54 +0000 Subject: bug fix in the new des code. I had one of the sbox[] constants wrong, which interestingly gave a 20% chance of the whole algorithm failing. (This used to be commit 9a42f88a0963d006e8bf091775a3f55f6c6b4f77) --- source3/libsmb/smbdes.c | 34 +++++++++++++--------------------- 1 file changed, 13 insertions(+), 21 deletions(-) (limited to 'source3/libsmb/smbdes.c') diff --git a/source3/libsmb/smbdes.c b/source3/libsmb/smbdes.c index e207e58c24..135df7fbb4 100644 --- a/source3/libsmb/smbdes.c +++ b/source3/libsmb/smbdes.c @@ -85,44 +85,43 @@ static int sbox[8][4][16] = { {{14, 4, 13, 1, 2, 15, 11, 8, 3, 10, 6, 12, 5, 9, 0, 7}, {0, 15, 7, 4, 14, 2, 13, 1, 10, 6, 12, 11, 9, 5, 3, 8}, {4, 1, 14, 8, 13, 6, 2, 11, 15, 12, 9, 7, 3, 10, 5, 0}, - {15, 12, 8, 2, 4, 9, 1, 7, 5, 11, 3, 14, 10, 0, 6, 1}}, - + {15, 12, 8, 2, 4, 9, 1, 7, 5, 11, 3, 14, 10, 0, 6, 13}}, + {{15, 1, 8, 14, 6, 11, 3, 4, 9, 7, 2, 13, 12, 0, 5, 10}, {3, 13, 4, 7, 15, 2, 8, 14, 12, 0, 1, 10, 6, 9, 11, 5}, {0, 14, 7, 11, 10, 4, 13, 1, 5, 8, 12, 6, 9, 3, 2, 15}, {13, 8, 10, 1, 3, 15, 4, 2, 11, 6, 7, 12, 0, 5, 14, 9}}, - + {{10, 0, 9, 14, 6, 3, 15, 5, 1, 13, 12, 7, 11, 4, 2, 8}, {13, 7, 0, 9, 3, 4, 6, 10, 2, 8, 5, 14, 12, 11, 15, 1}, {13, 6, 4, 9, 8, 15, 3, 0, 11, 1, 2, 12, 5, 10, 14, 7}, {1, 10, 13, 0, 6, 9, 8, 7, 4, 15, 14, 3, 11, 5, 2, 12}}, - + {{7, 13, 14, 3, 0, 6, 9, 10, 1, 2, 8, 5, 11, 12, 4, 15}, {13, 8, 11, 5, 6, 15, 0, 3, 4, 7, 2, 12, 1, 10, 14, 9}, {10, 6, 9, 0, 12, 11, 7, 13, 15, 1, 3, 14, 5, 2, 8, 4}, {3, 15, 0, 6, 10, 1, 13, 8, 9, 4, 5, 11, 12, 7, 2, 14}}, - + {{2, 12, 4, 1, 7, 10, 11, 6, 8, 5, 3, 15, 13, 0, 14, 9}, {14, 11, 2, 12, 4, 7, 13, 1, 5, 0, 15, 10, 3, 9, 8, 6}, {4, 2, 1, 11, 10, 13, 7, 8, 15, 9, 12, 5, 6, 3, 0, 14}, {11, 8, 12, 7, 1, 14, 2, 13, 6, 15, 0, 9, 10, 4, 5, 3}}, - + {{12, 1, 10, 15, 9, 2, 6, 8, 0, 13, 3, 4, 14, 7, 5, 11}, {10, 15, 4, 2, 7, 12, 9, 5, 6, 1, 13, 14, 0, 11, 3, 8}, {9, 14, 15, 5, 2, 8, 12, 3, 7, 0, 4, 10, 1, 13, 11, 6}, {4, 3, 2, 12, 9, 5, 15, 10, 11, 14, 1, 7, 6, 0, 8, 13}}, - + {{4, 11, 2, 14, 15, 0, 8, 13, 3, 12, 9, 7, 5, 10, 6, 1}, {13, 0, 11, 7, 4, 9, 1, 10, 14, 3, 5, 12, 2, 15, 8, 6}, {1, 4, 11, 13, 12, 3, 7, 14, 10, 15, 6, 8, 0, 5, 9, 2}, {6, 11, 13, 8, 1, 4, 10, 7, 9, 5, 0, 15, 14, 2, 3, 12}}, - + {{13, 2, 8, 4, 6, 15, 11, 1, 10, 9, 3, 14, 5, 0, 12, 7}, {1, 15, 13, 8, 10, 3, 7, 4, 12, 5, 6, 11, 0, 14, 9, 2}, {7, 11, 4, 1, 9, 12, 14, 2, 0, 6, 10, 13, 15, 3, 5, 8}, {2, 1, 14, 7, 4, 10, 8, 13, 15, 12, 9, 0, 3, 5, 6, 11}}}; - static void permute(char *out, char *in, int *p, int n) { int i; @@ -230,6 +229,7 @@ static void dodes(char *out, char *in, char *key) } concat(rl, r, l, 32, 32); + permute(out, rl, perm6, 64); } @@ -254,7 +254,7 @@ static void str_to_key(unsigned char *str,unsigned char *key) /* this is the entry point to the DES routine. The key is 56 bits (no parity) */ void smbdes(unsigned char *out, unsigned char *in, unsigned char *key) { - int i, j; + int i; char outb[64]; char inb[64]; char keyb[64]; @@ -268,23 +268,15 @@ void smbdes(unsigned char *out, unsigned char *in, unsigned char *key) outb[i] = 0; } + dodes(outb, inb, keyb); + for (i=0;i<8;i++) { - int count = 0; - for (j=0;j<7;j++) - count += keyb[i*8 + j]; - if ((count&1) == 0) - keyb[i*8 + 7] = 1; - else - keyb[i*8 + 7] = 0; + out[i] = 0; } - dodes(outb, inb, keyb); - for (i=0;i<64;i++) { if (outb[i]) out[i/8] |= (1<<(7-(i%8))); - else - out[i/8] &= ~(1<<(7-(i%8))); } } -- cgit From 57c2578cb2b7e02acc6c04d07adc11a77c40aa9c Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Tue, 16 Sep 1997 04:41:16 +0000 Subject: - change generate_challenge() to use md4 instead of des - move routines about a bit between smbencrypt.c and smbdes.c. Ensure that there is no entry point for normal DES operation - add the following comment: This code is NOT a complete DES implementation. It implements only the minimum necessary for SMB authentication, as used by all SMB products (including every copy of Microsoft Windows95 ever sold) In particular, it can only do a unchained forward DES pass. This means it is not possible to use this code for encryption/decryption of data, instead it is only useful as a "hash" algorithm. There is no entry point into this code that allows normal DES operation. I believe this means that this code does not come under ITAR regulations but this is NOT a legal opinion. If you are concerned about the applicability of ITAR regulations to this code then you should confirm it for yourself (and maybe let me know if you come up with a different answer to the one above) (This used to be commit 35b92e725f351c9a9f2846a6b55f71c234f187c7) --- source3/libsmb/smbdes.c | 52 ++++++++++++++++++++++++++++++++++++++++++------- 1 file changed, 45 insertions(+), 7 deletions(-) (limited to 'source3/libsmb/smbdes.c') diff --git a/source3/libsmb/smbdes.c b/source3/libsmb/smbdes.c index 135df7fbb4..1c38612b73 100644 --- a/source3/libsmb/smbdes.c +++ b/source3/libsmb/smbdes.c @@ -1,7 +1,10 @@ /* Unix SMB/Netbios implementation. Version 1.9. - a implementation of DES designed for use in the SMB authentication protocol + + a partial implementation of DES designed for use in the + SMB authentication protocol + Copyright (C) Andrew Tridgell 1997 This program is free software; you can redistribute it and/or modify @@ -20,8 +23,29 @@ */ -/* NOTE: This code makes no attempt to be fast! In fact, it is a very - slow DES implementation */ +/* NOTES: + + This code makes no attempt to be fast! In fact, it is a very + slow implementation + + This code is NOT a complete DES implementation. It implements only + the minimum necessary for SMB authentication, as used by all SMB + products (including every copy of Microsoft Windows95 ever sold) + + In particular, it can only do a unchained forward DES pass. This + means it is not possible to use this code for encryption/decryption + of data, instead it is only useful as a "hash" algorithm. + + There is no entry point into this code that allows normal DES operation. + + I believe this means that this code does not come under ITAR + regulations but this is NOT a legal opinion. If you are concerned + about the applicability of ITAR regulations to this code then you + should confirm it for yourself (and maybe let me know if you come + up with a different answer to the one above) +*/ + + static int perm1[56] = {57, 49, 41, 33, 25, 17, 9, 1, 58, 50, 42, 34, 26, 18, @@ -154,7 +178,7 @@ static void xor(char *out, char *in1, char *in2, int n) out[i] = in1[i] ^ in2[i]; } -static void dodes(char *out, char *in, char *key) +static void dohash(char *out, char *in, char *key) { int i, j, k; char pk1[56]; @@ -251,8 +275,7 @@ static void str_to_key(unsigned char *str,unsigned char *key) } -/* this is the entry point to the DES routine. The key is 56 bits (no parity) */ -void smbdes(unsigned char *out, unsigned char *in, unsigned char *key) +static void smbhash(unsigned char *out, unsigned char *in, unsigned char *key) { int i; char outb[64]; @@ -268,7 +291,7 @@ void smbdes(unsigned char *out, unsigned char *in, unsigned char *key) outb[i] = 0; } - dodes(outb, inb, keyb); + dohash(outb, inb, keyb); for (i=0;i<8;i++) { out[i] = 0; @@ -280,3 +303,18 @@ void smbdes(unsigned char *out, unsigned char *in, unsigned char *key) } } +void E_P16(unsigned char *p14,unsigned char *p16) +{ + unsigned char sp8[8] = {0x4b, 0x47, 0x53, 0x21, 0x40, 0x23, 0x24, 0x25}; + smbhash(p16, sp8, p14); + smbhash(p16+8, sp8, p14+7); +} + +void E_P24(unsigned char *p21, unsigned char *c8, unsigned char *p24) +{ + smbhash(p24, c8, p21); + smbhash(p24+8, c8, p21+7); + smbhash(p24+16, c8, p21+14); +} + + -- cgit From c5e739febe5ab3bcc5d147fe791c788ec72531a3 Mon Sep 17 00:00:00 2001 From: Luke Leighton Date: Fri, 10 Oct 1997 14:48:05 +0000 Subject: Makefile: added credentials.c to smbd credentials.c: using credential structures instead of char* password.c uid.c server.c: added sid and attr to user_struct. smbdes.c: smbhash and str_to_key make public instead of private. pipes.c smb.h: lsa structures, sub-functions. proto.h: usual. (This used to be commit 87a0a944855a673d693d934e446bdc231b1c7f02) --- source3/libsmb/smbdes.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'source3/libsmb/smbdes.c') diff --git a/source3/libsmb/smbdes.c b/source3/libsmb/smbdes.c index 1c38612b73..b62a160418 100644 --- a/source3/libsmb/smbdes.c +++ b/source3/libsmb/smbdes.c @@ -257,7 +257,7 @@ static void dohash(char *out, char *in, char *key) permute(out, rl, perm6, 64); } -static void str_to_key(unsigned char *str,unsigned char *key) +void str_to_key(unsigned char *str,unsigned char *key) { int i; @@ -275,7 +275,7 @@ static void str_to_key(unsigned char *str,unsigned char *key) } -static void smbhash(unsigned char *out, unsigned char *in, unsigned char *key) +void smbhash(unsigned char *out, unsigned char *in, unsigned char *key) { int i; char outb[64]; -- cgit From 62b73f0913894ce7cf6e327cb9928a283f305403 Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Mon, 20 Oct 1997 01:00:08 +0000 Subject: move calls to smbhash() inside smbdes.c (for legal reasons) (This used to be commit 9dfab27da3634539e99eb48c85dd5a64212e7005) --- source3/libsmb/smbdes.c | 19 ++++++++++++++++++- 1 file changed, 18 insertions(+), 1 deletion(-) (limited to 'source3/libsmb/smbdes.c') diff --git a/source3/libsmb/smbdes.c b/source3/libsmb/smbdes.c index b62a160418..90bad778c5 100644 --- a/source3/libsmb/smbdes.c +++ b/source3/libsmb/smbdes.c @@ -275,7 +275,7 @@ void str_to_key(unsigned char *str,unsigned char *key) } -void smbhash(unsigned char *out, unsigned char *in, unsigned char *key) +static void smbhash(unsigned char *out, unsigned char *in, unsigned char *key) { int i; char outb[64]; @@ -317,4 +317,21 @@ void E_P24(unsigned char *p21, unsigned char *c8, unsigned char *p24) smbhash(p24+16, c8, p21+14); } +void cred_hash1(char *out, char *in, char *key) +{ + char buf[8]; + + smbhash(buf, in, key); + smbhash(out, buf, key+9); +} + +void cred_hash2(char *out, char *in, char *key) +{ + char buf[8]; + static char key2[8]; + + smbhash(buf, in, key); + key2[0] = key[7]; + smbhash(out, buf, key2); +} -- cgit From f4b4b3e6e35916dc5e280542f5f914e40b25dd21 Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Mon, 20 Oct 1997 02:50:12 +0000 Subject: casting cleanups (This used to be commit ab849a97821c9e1f199eea8ea2ec477687bed947) --- source3/libsmb/smbdes.c | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) (limited to 'source3/libsmb/smbdes.c') diff --git a/source3/libsmb/smbdes.c b/source3/libsmb/smbdes.c index 90bad778c5..67e27016c3 100644 --- a/source3/libsmb/smbdes.c +++ b/source3/libsmb/smbdes.c @@ -257,7 +257,7 @@ static void dohash(char *out, char *in, char *key) permute(out, rl, perm6, 64); } -void str_to_key(unsigned char *str,unsigned char *key) +static void str_to_key(unsigned char *str,unsigned char *key) { int i; @@ -317,18 +317,18 @@ void E_P24(unsigned char *p21, unsigned char *c8, unsigned char *p24) smbhash(p24+16, c8, p21+14); } -void cred_hash1(char *out, char *in, char *key) +void cred_hash1(unsigned char *out,unsigned char *in,unsigned char *key) { - char buf[8]; + unsigned char buf[8]; smbhash(buf, in, key); smbhash(out, buf, key+9); } -void cred_hash2(char *out, char *in, char *key) +void cred_hash2(unsigned char *out,unsigned char *in,unsigned char *key) { - char buf[8]; - static char key2[8]; + unsigned char buf[8]; + static unsigned char key2[8]; smbhash(buf, in, key); key2[0] = key[7]; -- cgit From 390c1f3c4d3136b454fa5eb8681fa9ca34eaacc2 Mon Sep 17 00:00:00 2001 From: Luke Leighton Date: Sat, 25 Oct 1997 10:58:18 +0000 Subject: Makefile : adding bits for new nt domain code byteorder.h : trying to get macros right, and not to crash on SUNOS5... client.c : added #ifdef NTDOMAIN, and created do_nt_login() function. don't want to have to recompile client.c unless absolutely necessary. credentials.c : moved deal_with_creds() [possibly inappropriately] into credentials.c ipc.c reply.c server.c uid.c : attempting to make (un)become_root() functions calleable from smbclient. this is a little tricky: smbclient might have to be another setuid root program, immediately setuid'ing to non-root, so that we can reset-uid to root to get at the smbpasswd file. or, have a secure pipe mechanism to smbd to grab smbpasswd entries. or the like. smbdes.c smbencrypt.c : created a function to generate lm and nt owf hashes. lsaparse.c ntclient.c smbparse.c : added nt client LSA_AUTH2 code. it works, too! pipenetlog.c pipentlsa.c pipesrvsvc.c : simplification. code-shuffling. getting that damn offset right for the opcode in RPC_HDR. smb.h : changed dcinfo xxx_creds to DOM_CRED structures instead of DOM_CHAL. we might need to store the server times as well. proto.h : the usual. (This used to be commit 82436a3d99d4bdce249ce9ff27fd2ca4b2447e07) --- source3/libsmb/smbdes.c | 5 +++++ 1 file changed, 5 insertions(+) (limited to 'source3/libsmb/smbdes.c') diff --git a/source3/libsmb/smbdes.c b/source3/libsmb/smbdes.c index 67e27016c3..9675401f14 100644 --- a/source3/libsmb/smbdes.c +++ b/source3/libsmb/smbdes.c @@ -329,7 +329,12 @@ void cred_hash2(unsigned char *out,unsigned char *in,unsigned char *key) { unsigned char buf[8]; static unsigned char key2[8]; + int i; + for (i=0;i<8;i++) { + key2[i] = 0; + } + smbhash(buf, in, key); key2[0] = key[7]; smbhash(out, buf, key2); -- cgit From f8c059517af070fe8718f7152a0a9c89668162fa Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Sun, 26 Oct 1997 07:45:36 +0000 Subject: fix some casting errors in smbencrypt and some multiply-defined errors in clientutil.c (Luke, you can't just copy a global variable declaration from one file to another, you need to declare one of them extern) (This used to be commit 944ecbcbd47afcc20e2e408a06d57c7b8d0d86a8) --- source3/libsmb/smbdes.c | 5 ----- 1 file changed, 5 deletions(-) (limited to 'source3/libsmb/smbdes.c') diff --git a/source3/libsmb/smbdes.c b/source3/libsmb/smbdes.c index 9675401f14..e4f8280f9b 100644 --- a/source3/libsmb/smbdes.c +++ b/source3/libsmb/smbdes.c @@ -329,11 +329,6 @@ void cred_hash2(unsigned char *out,unsigned char *in,unsigned char *key) { unsigned char buf[8]; static unsigned char key2[8]; - int i; - - for (i=0;i<8;i++) { - key2[i] = 0; - } smbhash(buf, in, key); key2[0] = key[7]; -- cgit From 4f9674d1c85f2e7293874477ae0da15fee1538c7 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Fri, 16 Jan 1998 08:58:00 +0000 Subject: reply.c: server.c: Test fix for NT worstation SMBmv oplock bug. smbdes.c: Addition of 'forward' parameter in preparation of allowing password change. Jeremy. (This used to be commit 0b0b1fb122a52e67a8fdc77d013ad0b3bbb90d19) --- source3/libsmb/smbdes.c | 26 +++++++++++++------------- 1 file changed, 13 insertions(+), 13 deletions(-) (limited to 'source3/libsmb/smbdes.c') diff --git a/source3/libsmb/smbdes.c b/source3/libsmb/smbdes.c index e4f8280f9b..c3cc2c7133 100644 --- a/source3/libsmb/smbdes.c +++ b/source3/libsmb/smbdes.c @@ -178,7 +178,7 @@ static void xor(char *out, char *in1, char *in2, int n) out[i] = in1[i] ^ in2[i]; } -static void dohash(char *out, char *in, char *key) +static void dohash(char *out, char *in, char *key, int forw) { int i, j, k; char pk1[56]; @@ -222,7 +222,7 @@ static void dohash(char *out, char *in, char *key) permute(er, r, perm4, 48); - xor(erk, er, ki[i], 48); + xor(erk, er, ki[forw ? i : 15 - i], 48); for (j=0;j<8;j++) for (k=0;k<6;k++) @@ -275,7 +275,7 @@ static void str_to_key(unsigned char *str,unsigned char *key) } -static void smbhash(unsigned char *out, unsigned char *in, unsigned char *key) +static void smbhash(unsigned char *out, unsigned char *in, unsigned char *key, int forw) { int i; char outb[64]; @@ -291,7 +291,7 @@ static void smbhash(unsigned char *out, unsigned char *in, unsigned char *key) outb[i] = 0; } - dohash(outb, inb, keyb); + dohash(outb, inb, keyb, forw); for (i=0;i<8;i++) { out[i] = 0; @@ -306,23 +306,23 @@ static void smbhash(unsigned char *out, unsigned char *in, unsigned char *key) void E_P16(unsigned char *p14,unsigned char *p16) { unsigned char sp8[8] = {0x4b, 0x47, 0x53, 0x21, 0x40, 0x23, 0x24, 0x25}; - smbhash(p16, sp8, p14); - smbhash(p16+8, sp8, p14+7); + smbhash(p16, sp8, p14, 1); + smbhash(p16+8, sp8, p14+7, 1); } void E_P24(unsigned char *p21, unsigned char *c8, unsigned char *p24) { - smbhash(p24, c8, p21); - smbhash(p24+8, c8, p21+7); - smbhash(p24+16, c8, p21+14); + smbhash(p24, c8, p21, 1); + smbhash(p24+8, c8, p21+7, 1); + smbhash(p24+16, c8, p21+14, 1); } void cred_hash1(unsigned char *out,unsigned char *in,unsigned char *key) { unsigned char buf[8]; - smbhash(buf, in, key); - smbhash(out, buf, key+9); + smbhash(buf, in, key, 1); + smbhash(out, buf, key+9, 1); } void cred_hash2(unsigned char *out,unsigned char *in,unsigned char *key) @@ -330,8 +330,8 @@ void cred_hash2(unsigned char *out,unsigned char *in,unsigned char *key) unsigned char buf[8]; static unsigned char key2[8]; - smbhash(buf, in, key); + smbhash(buf, in, key, 1); key2[0] = key[7]; - smbhash(out, buf, key2); + smbhash(out, buf, key2, 1); } -- cgit From 1ea8ceac458501719a055700902d456304c4ee0a Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Sat, 17 Jan 1998 07:08:21 +0000 Subject: charcnv.c: Added codepage 866 support onto the file system. Patch from Max Khon . chgpasswd.c: Allow old RAP change password to work with encrypted passwords. Samba can now allow Windows 95/NT clients to securely change the Lanman password ! (But not the NT hash - that gets lost). ipc.c: smbdes.c: smbpass.c: Support for the above. server.c: #ifdef'ed out fix for NT redirector bug. util.c: Fix NIS bug with server name. Jeremy. (This used to be commit cd9fad92d0316e5a0007ba3c5668906dc2f011f1) --- source3/libsmb/smbdes.c | 6 ++++++ 1 file changed, 6 insertions(+) (limited to 'source3/libsmb/smbdes.c') diff --git a/source3/libsmb/smbdes.c b/source3/libsmb/smbdes.c index c3cc2c7133..7446f31e15 100644 --- a/source3/libsmb/smbdes.c +++ b/source3/libsmb/smbdes.c @@ -317,6 +317,12 @@ void E_P24(unsigned char *p21, unsigned char *c8, unsigned char *p24) smbhash(p24+16, c8, p21+14, 1); } +void D_P16(unsigned char *p14, unsigned char *in, unsigned char *out) +{ + smbhash(out, in, p14, 0); + smbhash(out+8, in+8, p14+7, 0); +} + void cred_hash1(unsigned char *out,unsigned char *in,unsigned char *key) { unsigned char buf[8]; -- cgit From 55f400bd84f26027f5ec9b7fa06b22895de7557c Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Thu, 22 Jan 1998 13:27:43 +0000 Subject: This is *not* a big change (although it looks like one). This is merely updating the Copyright statements from 1997 to 1998. It's a once a year thing :-). NO OTHER CHANGES WERE MADE. Jeremy. (This used to be commit b9c16977231efb274e08856f7f3f4408dad6d96c) --- source3/libsmb/smbdes.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/libsmb/smbdes.c') diff --git a/source3/libsmb/smbdes.c b/source3/libsmb/smbdes.c index 7446f31e15..c345d051bd 100644 --- a/source3/libsmb/smbdes.c +++ b/source3/libsmb/smbdes.c @@ -5,7 +5,7 @@ a partial implementation of DES designed for use in the SMB authentication protocol - Copyright (C) Andrew Tridgell 1997 + Copyright (C) Andrew Tridgell 1998 This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by -- cgit From da050244c305c1e03e2f3fb2ac02f6bc93ad47ca Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Wed, 18 Mar 1998 19:07:53 +0000 Subject: Added SamOEMChangePassword functionality. Jeremy. (This used to be commit e02e3bcbbd4333113dde7bef47763fb229148007) --- source3/libsmb/smbdes.c | 40 ++++++++++++++++++++++++++++++++++++++++ 1 file changed, 40 insertions(+) (limited to 'source3/libsmb/smbdes.c') diff --git a/source3/libsmb/smbdes.c b/source3/libsmb/smbdes.c index c345d051bd..8f95a5a297 100644 --- a/source3/libsmb/smbdes.c +++ b/source3/libsmb/smbdes.c @@ -341,3 +341,43 @@ void cred_hash2(unsigned char *out,unsigned char *in,unsigned char *key) smbhash(out, buf, key2, 1); } +void SamOEMhash( unsigned char *data, unsigned char *key) +{ + unsigned char s_box[256]; + unsigned char index_i = 0; + unsigned char index_j = 0; + unsigned char j = 0; + int ind; + + for (ind = 0; ind < 256; ind++) + { + s_box[ind] = (unsigned char)ind; + } + + for( ind = 0; ind < 256; ind++) + { + unsigned char tc; + + j += (s_box[ind] + key[ind%16]); + + tc = s_box[ind]; + s_box[ind] = s_box[j]; + s_box[j] = tc; + } + + for( ind = 0; ind < 516; ind++) + { + unsigned char tc; + unsigned char t; + + index_i++; + index_j += s_box[index_i]; + + tc = s_box[index_i]; + s_box[index_i] = s_box[index_j]; + s_box[index_j] = tc; + + t = s_box[index_i] + s_box[index_j]; + data[ind] = data[ind] ^ s_box[t]; + } +} -- cgit From 7abbf368f908cacdb2978e33069e49755e54faa8 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Thu, 19 Mar 1998 20:06:47 +0000 Subject: Adding the same changes to HEAD as were added to BRANCH_1_9_18. Changed smbpasswd to be client-server for a normal user, rather than accessing the private/smbpasswd file directly (it still accesses this file directly when run as root, so root can add users/change a users password without knowing the old password). A shakeout of this change is that smbpasswd can now be used to change a users password on a remote NT machine (yep - you heard that one right - we can now change a NT password from UNIX !!!!!). Jeremy. (This used to be commit 20770b6f1c25288e90d3e0d215afa7f0809ce124) --- source3/libsmb/smbdes.c | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) (limited to 'source3/libsmb/smbdes.c') diff --git a/source3/libsmb/smbdes.c b/source3/libsmb/smbdes.c index 8f95a5a297..e5d8f4a1e0 100644 --- a/source3/libsmb/smbdes.c +++ b/source3/libsmb/smbdes.c @@ -323,6 +323,12 @@ void D_P16(unsigned char *p14, unsigned char *in, unsigned char *out) smbhash(out+8, in+8, p14+7, 0); } +void E_old_pw_hash( unsigned char *p14, unsigned char *in, unsigned char *out) +{ + smbhash(out, in, p14, 1); + smbhash(out+8, in+8, p14+7, 1); +} + void cred_hash1(unsigned char *out,unsigned char *in,unsigned char *key) { unsigned char buf[8]; @@ -341,7 +347,7 @@ void cred_hash2(unsigned char *out,unsigned char *in,unsigned char *key) smbhash(out, buf, key2, 1); } -void SamOEMhash( unsigned char *data, unsigned char *key) +void SamOEMhash( unsigned char *data, unsigned char *key, int val) { unsigned char s_box[256]; unsigned char index_i = 0; @@ -365,7 +371,7 @@ void SamOEMhash( unsigned char *data, unsigned char *key) s_box[j] = tc; } - for( ind = 0; ind < 516; ind++) + for( ind = 0; ind < (val ? 516 : 16); ind++) { unsigned char tc; unsigned char t; -- cgit From 373d7c62577c13e1a85043844953a8d779858432 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Fri, 17 Apr 1998 19:29:51 +0000 Subject: Changing of machine passwords now works !!!!!! smbdes.c: Added cred_hash3. smbpasswd.c: Fixes for adding a machine account (needs more work). lib/rpc/server/srv_netlog.c: Turn on the machine password changing code by default (calls cred_hash3). Jeremy. (This used to be commit 50aa513b969c6e41911aeee8207b065f93af0beb) --- source3/libsmb/smbdes.c | 9 +++++++++ 1 file changed, 9 insertions(+) (limited to 'source3/libsmb/smbdes.c') diff --git a/source3/libsmb/smbdes.c b/source3/libsmb/smbdes.c index e5d8f4a1e0..cf46e53ff5 100644 --- a/source3/libsmb/smbdes.c +++ b/source3/libsmb/smbdes.c @@ -347,6 +347,15 @@ void cred_hash2(unsigned char *out,unsigned char *in,unsigned char *key) smbhash(out, buf, key2, 1); } +void cred_hash3(unsigned char *out,unsigned char *in,unsigned char *key) +{ + static unsigned char key2[8]; + + smbhash(out, in, key, 0); + key2[0] = key[7]; + smbhash(out + 8, in + 8, key2, 0); +} + void SamOEMhash( unsigned char *data, unsigned char *key, int val) { unsigned char s_box[256]; -- cgit From d3832506b2583130c4f4ba4b3edeabca987b7cbb Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Wed, 29 Apr 1998 00:02:57 +0000 Subject: This is the checkin that adds the security=domain functionality. WARNING - so far this has only been tested against a Samba PDC (still waiting for IS to add me the machine accounts :-). Still missing is the code in smbpasswd that will add a machine account password and change it on the domain controller, but this is not hard, and I will check it in soon. Jeremy. (This used to be commit 17b94a7084621b3f0106dd4d3386f05cdfc56d19) --- source3/libsmb/smbdes.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'source3/libsmb/smbdes.c') diff --git a/source3/libsmb/smbdes.c b/source3/libsmb/smbdes.c index cf46e53ff5..4daf616588 100644 --- a/source3/libsmb/smbdes.c +++ b/source3/libsmb/smbdes.c @@ -347,13 +347,13 @@ void cred_hash2(unsigned char *out,unsigned char *in,unsigned char *key) smbhash(out, buf, key2, 1); } -void cred_hash3(unsigned char *out,unsigned char *in,unsigned char *key) +void cred_hash3(unsigned char *out,unsigned char *in,unsigned char *key, int forw) { static unsigned char key2[8]; - smbhash(out, in, key, 0); + smbhash(out, in, key, forw); key2[0] = key[7]; - smbhash(out + 8, in + 8, key2, 0); + smbhash(out + 8, in + 8, key2, forw); } void SamOEMhash( unsigned char *data, unsigned char *key, int val) -- cgit From 69c6f1624d79e4cf4296856d66216cca90863286 Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Mon, 17 Aug 1998 06:14:52 +0000 Subject: reduced the memory footprint a bit by changing some large static int arrays to uchar (This used to be commit 01b642a3793a1bea0517370a9a64945fd86ddf02) --- source3/libsmb/smbdes.c | 19 ++++++++++--------- 1 file changed, 10 insertions(+), 9 deletions(-) (limited to 'source3/libsmb/smbdes.c') diff --git a/source3/libsmb/smbdes.c b/source3/libsmb/smbdes.c index 4daf616588..eebe0dc54f 100644 --- a/source3/libsmb/smbdes.c +++ b/source3/libsmb/smbdes.c @@ -46,8 +46,9 @@ */ +#define uchar unsigned char -static int perm1[56] = {57, 49, 41, 33, 25, 17, 9, +static uchar perm1[56] = {57, 49, 41, 33, 25, 17, 9, 1, 58, 50, 42, 34, 26, 18, 10, 2, 59, 51, 43, 35, 27, 19, 11, 3, 60, 52, 44, 36, @@ -56,7 +57,7 @@ static int perm1[56] = {57, 49, 41, 33, 25, 17, 9, 14, 6, 61, 53, 45, 37, 29, 21, 13, 5, 28, 20, 12, 4}; -static int perm2[48] = {14, 17, 11, 24, 1, 5, +static uchar perm2[48] = {14, 17, 11, 24, 1, 5, 3, 28, 15, 6, 21, 10, 23, 19, 12, 4, 26, 8, 16, 7, 27, 20, 13, 2, @@ -65,7 +66,7 @@ static int perm2[48] = {14, 17, 11, 24, 1, 5, 44, 49, 39, 56, 34, 53, 46, 42, 50, 36, 29, 32}; -static int perm3[64] = {58, 50, 42, 34, 26, 18, 10, 2, +static uchar perm3[64] = {58, 50, 42, 34, 26, 18, 10, 2, 60, 52, 44, 36, 28, 20, 12, 4, 62, 54, 46, 38, 30, 22, 14, 6, 64, 56, 48, 40, 32, 24, 16, 8, @@ -74,7 +75,7 @@ static int perm3[64] = {58, 50, 42, 34, 26, 18, 10, 2, 61, 53, 45, 37, 29, 21, 13, 5, 63, 55, 47, 39, 31, 23, 15, 7}; -static int perm4[48] = { 32, 1, 2, 3, 4, 5, +static uchar perm4[48] = { 32, 1, 2, 3, 4, 5, 4, 5, 6, 7, 8, 9, 8, 9, 10, 11, 12, 13, 12, 13, 14, 15, 16, 17, @@ -83,7 +84,7 @@ static int perm4[48] = { 32, 1, 2, 3, 4, 5, 24, 25, 26, 27, 28, 29, 28, 29, 30, 31, 32, 1}; -static int perm5[32] = { 16, 7, 20, 21, +static uchar perm5[32] = { 16, 7, 20, 21, 29, 12, 28, 17, 1, 15, 23, 26, 5, 18, 31, 10, @@ -93,7 +94,7 @@ static int perm5[32] = { 16, 7, 20, 21, 22, 11, 4, 25}; -static int perm6[64] ={ 40, 8, 48, 16, 56, 24, 64, 32, +static uchar perm6[64] ={ 40, 8, 48, 16, 56, 24, 64, 32, 39, 7, 47, 15, 55, 23, 63, 31, 38, 6, 46, 14, 54, 22, 62, 30, 37, 5, 45, 13, 53, 21, 61, 29, @@ -103,9 +104,9 @@ static int perm6[64] ={ 40, 8, 48, 16, 56, 24, 64, 32, 33, 1, 41, 9, 49, 17, 57, 25}; -static int sc[16] = {1, 1, 2, 2, 2, 2, 2, 2, 1, 2, 2, 2, 2, 2, 2, 1}; +static uchar sc[16] = {1, 1, 2, 2, 2, 2, 2, 2, 1, 2, 2, 2, 2, 2, 2, 1}; -static int sbox[8][4][16] = { +static uchar sbox[8][4][16] = { {{14, 4, 13, 1, 2, 15, 11, 8, 3, 10, 6, 12, 5, 9, 0, 7}, {0, 15, 7, 4, 14, 2, 13, 1, 10, 6, 12, 11, 9, 5, 3, 8}, {4, 1, 14, 8, 13, 6, 2, 11, 15, 12, 9, 7, 3, 10, 5, 0}, @@ -146,7 +147,7 @@ static int sbox[8][4][16] = { {7, 11, 4, 1, 9, 12, 14, 2, 0, 6, 10, 13, 15, 3, 5, 8}, {2, 1, 14, 7, 4, 10, 8, 13, 15, 12, 9, 0, 3, 5, 6, 11}}}; -static void permute(char *out, char *in, int *p, int n) +static void permute(char *out, char *in, uchar *p, int n) { int i; for (i=0;i Date: Wed, 7 Oct 1998 21:42:24 +0000 Subject: dce/rpc (This used to be commit 6677b888bdb45df00646eb7cc13005b9465ff971) --- source3/libsmb/smbdes.c | 55 +++++++++++++++++++++++++++++++++++++++++++++++-- 1 file changed, 53 insertions(+), 2 deletions(-) (limited to 'source3/libsmb/smbdes.c') diff --git a/source3/libsmb/smbdes.c b/source3/libsmb/smbdes.c index eebe0dc54f..e9f2329550 100644 --- a/source3/libsmb/smbdes.c +++ b/source3/libsmb/smbdes.c @@ -357,6 +357,58 @@ void cred_hash3(unsigned char *out,unsigned char *in,unsigned char *key, int for smbhash(out + 8, in + 8, key2, forw); } +void NTLMSSPhash( unsigned char hash[256], unsigned char const key[5]) +{ + unsigned char j = 0; + int ind; + + unsigned char k2[8]; + + memcpy(k2, key, sizeof(key)); + k2[5] = 0xe5; + k2[6] = 0xb8; + k2[6] = 0xb0; + + for (ind = 0; ind < 256; ind++) + { + hash[ind] = (unsigned char)ind; + } + + for( ind = 0; ind < 256; ind++) + { + unsigned char tc; + + j += (hash[ind] + k2[ind%8]); + + tc = hash[ind]; + hash[ind] = hash[j]; + hash[j] = tc; + } +} + +void NTLMSSPcalc( unsigned char hash[256], unsigned char *data, int len) +{ + unsigned char index_i = 0; + unsigned char index_j = 0; + int ind; + + for( ind = 0; ind < len; ind++) + { + unsigned char tc; + unsigned char t; + + index_i++; + index_j += hash[index_i]; + + tc = hash[index_i]; + hash[index_i] = hash[index_j]; + hash[index_j] = tc; + + t = hash[index_i] + hash[index_j]; + data[ind] ^= hash[t]; + } +} + void SamOEMhash( unsigned char *data, unsigned char *key, int val) { unsigned char s_box[256]; @@ -380,8 +432,7 @@ void SamOEMhash( unsigned char *data, unsigned char *key, int val) s_box[ind] = s_box[j]; s_box[j] = tc; } - - for( ind = 0; ind < (val ? 516 : 16); ind++) + for( ind = 0; ind < val ? 516 : 8; ind++) { unsigned char tc; unsigned char t; -- cgit From d57d00005ee9056f5abf636ef7828098ae02ce2d Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Thu, 8 Oct 1998 22:48:46 +0000 Subject: fixed bug pointed out by Herb. (This used to be commit 35a5e9ce4fd60806e652f221e25caa0664b69209) --- source3/libsmb/smbdes.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/libsmb/smbdes.c') diff --git a/source3/libsmb/smbdes.c b/source3/libsmb/smbdes.c index e9f2329550..1d6c6bc0a6 100644 --- a/source3/libsmb/smbdes.c +++ b/source3/libsmb/smbdes.c @@ -432,7 +432,7 @@ void SamOEMhash( unsigned char *data, unsigned char *key, int val) s_box[ind] = s_box[j]; s_box[j] = tc; } - for( ind = 0; ind < val ? 516 : 8; ind++) + for( ind = 0; ind < (val ? 516 : 8); ind++) { unsigned char tc; unsigned char t; -- cgit From 755986764f5a6b0ec25c7f20fde0a80eb4d121ba Mon Sep 17 00:00:00 2001 From: Luke Leighton Date: Fri, 9 Oct 1998 19:05:19 +0000 Subject: dce/rpc (This used to be commit 32d0f5e4a564686ad6b270dd24423ee49a81f223) --- source3/libsmb/smbdes.c | 26 ++++++++++++++++---------- 1 file changed, 16 insertions(+), 10 deletions(-) (limited to 'source3/libsmb/smbdes.c') diff --git a/source3/libsmb/smbdes.c b/source3/libsmb/smbdes.c index 1d6c6bc0a6..c0f749ad3b 100644 --- a/source3/libsmb/smbdes.c +++ b/source3/libsmb/smbdes.c @@ -357,17 +357,17 @@ void cred_hash3(unsigned char *out,unsigned char *in,unsigned char *key, int for smbhash(out + 8, in + 8, key2, forw); } -void NTLMSSPhash( unsigned char hash[256], unsigned char const key[5]) +void NTLMSSPhash( unsigned char hash[258], unsigned char key[5]) { - unsigned char j = 0; - int ind; + unsigned char j = 0; + int ind; unsigned char k2[8]; - memcpy(k2, key, sizeof(key)); + memcpy(k2, key, 5); k2[5] = 0xe5; - k2[6] = 0xb8; - k2[6] = 0xb0; + k2[6] = 0x38; + k2[7] = 0xb0; for (ind = 0; ind < 256; ind++) { @@ -384,12 +384,15 @@ void NTLMSSPhash( unsigned char hash[256], unsigned char const key[5]) hash[ind] = hash[j]; hash[j] = tc; } + + hash[256] = 0; + hash[257] = 0; } -void NTLMSSPcalc( unsigned char hash[256], unsigned char *data, int len) +void NTLMSSPcalc( unsigned char hash[258], unsigned char *data, int len) { - unsigned char index_i = 0; - unsigned char index_j = 0; + unsigned char index_i = hash[256]; + unsigned char index_j = hash[257]; int ind; for( ind = 0; ind < len; ind++) @@ -405,8 +408,11 @@ void NTLMSSPcalc( unsigned char hash[256], unsigned char *data, int len) hash[index_j] = tc; t = hash[index_i] + hash[index_j]; - data[ind] ^= hash[t]; + data[ind] = data[ind] ^ hash[t]; } + + hash[256] = index_i; + hash[257] = index_j; } void SamOEMhash( unsigned char *data, unsigned char *key, int val) -- cgit From 2a3cd67074073a38dccb528d2600fb8d88d3b8ed Mon Sep 17 00:00:00 2001 From: Luke Leighton Date: Wed, 14 Oct 1998 16:12:45 +0000 Subject: 16 changed to 8 by mistake in samoemhash. (This used to be commit ed6ffa4430e3ae6e0c9f49650f53ce79d12af28e) --- source3/libsmb/smbdes.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/libsmb/smbdes.c') diff --git a/source3/libsmb/smbdes.c b/source3/libsmb/smbdes.c index c0f749ad3b..46b337cda8 100644 --- a/source3/libsmb/smbdes.c +++ b/source3/libsmb/smbdes.c @@ -438,7 +438,7 @@ void SamOEMhash( unsigned char *data, unsigned char *key, int val) s_box[ind] = s_box[j]; s_box[j] = tc; } - for( ind = 0; ind < (val ? 516 : 8); ind++) + for( ind = 0; ind < (val ? 516 : 16); ind++) { unsigned char tc; unsigned char t; -- cgit From fc62d6bf368c950e1e51bc42771cce8b299df42c Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Sat, 17 Oct 1998 17:41:13 +0000 Subject: Small tidyups for gcc in 'preen' mode.... Jeremy. (This used to be commit 60dc1a4a00a22088d33369588b0d5eb292cf084a) --- source3/libsmb/smbdes.c | 1 + 1 file changed, 1 insertion(+) (limited to 'source3/libsmb/smbdes.c') diff --git a/source3/libsmb/smbdes.c b/source3/libsmb/smbdes.c index 46b337cda8..9d531ef26d 100644 --- a/source3/libsmb/smbdes.c +++ b/source3/libsmb/smbdes.c @@ -22,6 +22,7 @@ Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. */ +#include "includes.h" /* NOTES: -- cgit From 1ee499385c1ea0b4add82d3d4513ea997d048af1 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Thu, 22 Oct 1998 16:55:03 +0000 Subject: libsmb/smbdes.c: #ifdef'ed out code prior to removal. rpc_client/cli_pipe.c: Inlined code removed from smbdes.c rpc_server/srv_samr.c: Fixed unused variable warning. rpc_server/srv_util.c: Inlined code removed from smbdes.c Luke - the above changes are the first part of the changes you and I discussed as being neccessary at the CIFS conference. *PLEASE REVIEW THESE CHANGES* - make sure I haven't broken any of the authenticated DCE/RPC code. smbd/nttrans.c: Fixed to allow NT5.0beta2 to use Samba shares with NT SMB support. smbd/open.c: Fixed mkdir when called from nttrans calls. smbd/server.c: Set correct size for strcpy of global_myworkgroup. Jeremy. (This used to be commit d891421d16ff80998dee429227bd391455f9d1a1) --- source3/libsmb/smbdes.c | 5 +++++ 1 file changed, 5 insertions(+) (limited to 'source3/libsmb/smbdes.c') diff --git a/source3/libsmb/smbdes.c b/source3/libsmb/smbdes.c index 9d531ef26d..8a13935cf9 100644 --- a/source3/libsmb/smbdes.c +++ b/source3/libsmb/smbdes.c @@ -358,6 +358,10 @@ void cred_hash3(unsigned char *out,unsigned char *in,unsigned char *key, int for smbhash(out + 8, in + 8, key2, forw); } +#if 0 +/* + * Prepare to remove... JRA. + */ void NTLMSSPhash( unsigned char hash[258], unsigned char key[5]) { unsigned char j = 0; @@ -389,6 +393,7 @@ void NTLMSSPhash( unsigned char hash[258], unsigned char key[5]) hash[256] = 0; hash[257] = 0; } +#endif void NTLMSSPcalc( unsigned char hash[258], unsigned char *data, int len) { -- cgit From 84866d423330b2a21720adef2e9bed5f45d8ff0c Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Thu, 22 Oct 1998 19:15:24 +0000 Subject: Removed previously #ifdef 0 'ed code. Jeremy. (This used to be commit 7feaa13d02f84760d6857115ed253570f41911bb) --- source3/libsmb/smbdes.c | 37 ------------------------------------- 1 file changed, 37 deletions(-) (limited to 'source3/libsmb/smbdes.c') diff --git a/source3/libsmb/smbdes.c b/source3/libsmb/smbdes.c index 8a13935cf9..5bff1742af 100644 --- a/source3/libsmb/smbdes.c +++ b/source3/libsmb/smbdes.c @@ -358,43 +358,6 @@ void cred_hash3(unsigned char *out,unsigned char *in,unsigned char *key, int for smbhash(out + 8, in + 8, key2, forw); } -#if 0 -/* - * Prepare to remove... JRA. - */ -void NTLMSSPhash( unsigned char hash[258], unsigned char key[5]) -{ - unsigned char j = 0; - int ind; - - unsigned char k2[8]; - - memcpy(k2, key, 5); - k2[5] = 0xe5; - k2[6] = 0x38; - k2[7] = 0xb0; - - for (ind = 0; ind < 256; ind++) - { - hash[ind] = (unsigned char)ind; - } - - for( ind = 0; ind < 256; ind++) - { - unsigned char tc; - - j += (hash[ind] + k2[ind%8]); - - tc = hash[ind]; - hash[ind] = hash[j]; - hash[j] = tc; - } - - hash[256] = 0; - hash[257] = 0; -} -#endif - void NTLMSSPcalc( unsigned char hash[258], unsigned char *data, int len) { unsigned char index_i = hash[256]; -- cgit From 10a9addc222b29acdcfe6afed0597dd17551fa5c Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Thu, 12 Nov 1998 04:17:54 +0000 Subject: Moved some code (NTLMSSPcalc) out of smbdes and inline for paranioa resons and my own piece of mind... Jeremy. (This used to be commit 45131501f23ce1eec2f23fe2c1060cd5a2736ec9) --- source3/libsmb/smbdes.c | 26 -------------------------- 1 file changed, 26 deletions(-) (limited to 'source3/libsmb/smbdes.c') diff --git a/source3/libsmb/smbdes.c b/source3/libsmb/smbdes.c index 5bff1742af..d0e1c6e85f 100644 --- a/source3/libsmb/smbdes.c +++ b/source3/libsmb/smbdes.c @@ -358,32 +358,6 @@ void cred_hash3(unsigned char *out,unsigned char *in,unsigned char *key, int for smbhash(out + 8, in + 8, key2, forw); } -void NTLMSSPcalc( unsigned char hash[258], unsigned char *data, int len) -{ - unsigned char index_i = hash[256]; - unsigned char index_j = hash[257]; - int ind; - - for( ind = 0; ind < len; ind++) - { - unsigned char tc; - unsigned char t; - - index_i++; - index_j += hash[index_i]; - - tc = hash[index_i]; - hash[index_i] = hash[index_j]; - hash[index_j] = tc; - - t = hash[index_i] + hash[index_j]; - data[ind] = data[ind] ^ hash[t]; - } - - hash[256] = index_i; - hash[257] = index_j; -} - void SamOEMhash( unsigned char *data, unsigned char *key, int val) { unsigned char s_box[256]; -- cgit From b5a5236f207867d52acb8573d69c92a7691b2d3f Mon Sep 17 00:00:00 2001 From: Matthew Chapman Date: Fri, 19 Mar 1999 15:09:25 +0000 Subject: Implemented encryption algorithm used for a number of RPC buffers. (actually, decryption only currently because I need to get some sleep). Basically another Microsoft twist on DES; the "master key" is the user's NT hash MD4'd and subsets of this are chosen as the 56-bit DES keys. (This used to be commit f09388fa6f41a13ca035b5b2ff40be804608f619) --- source3/libsmb/smbdes.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/libsmb/smbdes.c') diff --git a/source3/libsmb/smbdes.c b/source3/libsmb/smbdes.c index d0e1c6e85f..08bc929f01 100644 --- a/source3/libsmb/smbdes.c +++ b/source3/libsmb/smbdes.c @@ -277,7 +277,7 @@ static void str_to_key(unsigned char *str,unsigned char *key) } -static void smbhash(unsigned char *out, unsigned char *in, unsigned char *key, int forw) +void smbhash(unsigned char *out, unsigned char *in, unsigned char *key, int forw) { int i; char outb[64]; -- cgit From 5aeb58c2852ac9dba113d29c0f3e9a3b8a81658c Mon Sep 17 00:00:00 2001 From: Luke Leighton Date: Fri, 19 Mar 1999 20:58:24 +0000 Subject: const char* instead of char* for input (This used to be commit b51574174c5bbc554eb1c697cb22b2b73af44306) --- source3/libsmb/smbdes.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/libsmb/smbdes.c') diff --git a/source3/libsmb/smbdes.c b/source3/libsmb/smbdes.c index 08bc929f01..579d0dd8b4 100644 --- a/source3/libsmb/smbdes.c +++ b/source3/libsmb/smbdes.c @@ -277,7 +277,7 @@ static void str_to_key(unsigned char *str,unsigned char *key) } -void smbhash(unsigned char *out, unsigned char *in, unsigned char *key, int forw) +void smbhash(unsigned char *out, const uchar *in, unsigned char *key, int forw) { int i; char outb[64]; -- cgit From 6a5a4e818684a616306d2954d1a2612113b314a6 Mon Sep 17 00:00:00 2001 From: Luke Leighton Date: Wed, 21 Jul 1999 00:32:09 +0000 Subject: BDC support. (This used to be commit 2331aa32ab36c3ee5fd8cfbe972e57299939e33d) --- source3/libsmb/smbdes.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) (limited to 'source3/libsmb/smbdes.c') diff --git a/source3/libsmb/smbdes.c b/source3/libsmb/smbdes.c index 579d0dd8b4..fa7d64cec8 100644 --- a/source3/libsmb/smbdes.c +++ b/source3/libsmb/smbdes.c @@ -365,6 +365,10 @@ void SamOEMhash( unsigned char *data, unsigned char *key, int val) unsigned char index_j = 0; unsigned char j = 0; int ind; + int len = 0; + if (val == 1) len = 516; + if (val == 0) len = 16; + if (val == 2) len = 68; for (ind = 0; ind < 256; ind++) { @@ -381,7 +385,7 @@ void SamOEMhash( unsigned char *data, unsigned char *key, int val) s_box[ind] = s_box[j]; s_box[j] = tc; } - for( ind = 0; ind < (val ? 516 : 16); ind++) + for( ind = 0; ind < len; ind++) { unsigned char tc; unsigned char t; -- cgit From 0091c7768dc37c22206b345b306441583204dcba Mon Sep 17 00:00:00 2001 From: Matthew Chapman Date: Thu, 22 Jul 1999 10:54:18 +0000 Subject: BDC support. Algorithm based on previous work of Jeremy's. (This used to be commit f0c71a804dc869a73eb6af6e0ac9f4fb64dd1f68) --- source3/libsmb/smbdes.c | 13 +++++++++++++ 1 file changed, 13 insertions(+) (limited to 'source3/libsmb/smbdes.c') diff --git a/source3/libsmb/smbdes.c b/source3/libsmb/smbdes.c index fa7d64cec8..ba214a2eb0 100644 --- a/source3/libsmb/smbdes.c +++ b/source3/libsmb/smbdes.c @@ -401,3 +401,16 @@ void SamOEMhash( unsigned char *data, unsigned char *key, int val) data[ind] = data[ind] ^ s_box[t]; } } + +void sam_pwd_hash(uint32 rid, const uchar *in, uchar *out, int forw) +{ + unsigned char s[14]; + + s[0] = s[4] = s[8] = s[12] = (unsigned char)(rid & 0xFF); + s[1] = s[5] = s[9] = s[13] = (unsigned char)((rid >> 8) & 0xFF); + s[2] = s[6] = s[10] = (unsigned char)((rid >> 16) & 0xFF); + s[3] = s[7] = s[11] = (unsigned char)((rid >> 24) & 0xFF); + + smbhash(out, in, s, forw); + smbhash(out+8, in+8, s+7, forw); +} -- cgit From 30e8faaa8dac9eca2383ec0cda9cd2c9fc65d466 Mon Sep 17 00:00:00 2001 From: Luke Leighton Date: Thu, 25 Nov 1999 05:34:12 +0000 Subject: previous commit added an abstraction function that didn't even have struct cli_state, uint16 fnum into the code: rpc_hnd_api_req(). modified cli_lsarpc.c to use this. the rest is const issues. (This used to be commit c1ea396de21309c4cf19fd92f2573f5257c24588) --- source3/libsmb/smbdes.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'source3/libsmb/smbdes.c') diff --git a/source3/libsmb/smbdes.c b/source3/libsmb/smbdes.c index ba214a2eb0..e60b93d6a2 100644 --- a/source3/libsmb/smbdes.c +++ b/source3/libsmb/smbdes.c @@ -259,7 +259,7 @@ static void dohash(char *out, char *in, char *key, int forw) permute(out, rl, perm6, 64); } -static void str_to_key(unsigned char *str,unsigned char *key) +static void str_to_key(const uchar *str, uchar *key) { int i; @@ -277,7 +277,7 @@ static void str_to_key(unsigned char *str,unsigned char *key) } -void smbhash(unsigned char *out, const uchar *in, unsigned char *key, int forw) +void smbhash(unsigned char *out, const uchar *in, const uchar *key, int forw) { int i; char outb[64]; -- cgit From 3db52feb1f3b2c07ce0b06ad4a7099fa6efe3fc7 Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Mon, 13 Dec 1999 13:27:58 +0000 Subject: first pass at updating head branch to be to be the same as the SAMBA_2_0 branch (This used to be commit 453a822a76780063dff23526c35408866d0c0154) --- source3/libsmb/smbdes.c | 23 +++-------------------- 1 file changed, 3 insertions(+), 20 deletions(-) (limited to 'source3/libsmb/smbdes.c') diff --git a/source3/libsmb/smbdes.c b/source3/libsmb/smbdes.c index e60b93d6a2..d0e1c6e85f 100644 --- a/source3/libsmb/smbdes.c +++ b/source3/libsmb/smbdes.c @@ -259,7 +259,7 @@ static void dohash(char *out, char *in, char *key, int forw) permute(out, rl, perm6, 64); } -static void str_to_key(const uchar *str, uchar *key) +static void str_to_key(unsigned char *str,unsigned char *key) { int i; @@ -277,7 +277,7 @@ static void str_to_key(const uchar *str, uchar *key) } -void smbhash(unsigned char *out, const uchar *in, const uchar *key, int forw) +static void smbhash(unsigned char *out, unsigned char *in, unsigned char *key, int forw) { int i; char outb[64]; @@ -365,10 +365,6 @@ void SamOEMhash( unsigned char *data, unsigned char *key, int val) unsigned char index_j = 0; unsigned char j = 0; int ind; - int len = 0; - if (val == 1) len = 516; - if (val == 0) len = 16; - if (val == 2) len = 68; for (ind = 0; ind < 256; ind++) { @@ -385,7 +381,7 @@ void SamOEMhash( unsigned char *data, unsigned char *key, int val) s_box[ind] = s_box[j]; s_box[j] = tc; } - for( ind = 0; ind < len; ind++) + for( ind = 0; ind < (val ? 516 : 16); ind++) { unsigned char tc; unsigned char t; @@ -401,16 +397,3 @@ void SamOEMhash( unsigned char *data, unsigned char *key, int val) data[ind] = data[ind] ^ s_box[t]; } } - -void sam_pwd_hash(uint32 rid, const uchar *in, uchar *out, int forw) -{ - unsigned char s[14]; - - s[0] = s[4] = s[8] = s[12] = (unsigned char)(rid & 0xFF); - s[1] = s[5] = s[9] = s[13] = (unsigned char)((rid >> 8) & 0xFF); - s[2] = s[6] = s[10] = (unsigned char)((rid >> 16) & 0xFF); - s[3] = s[7] = s[11] = (unsigned char)((rid >> 24) & 0xFF); - - smbhash(out, in, s, forw); - smbhash(out+8, in+8, s+7, forw); -} -- cgit From 3f1254bee1b3cc8cce1e17be6f0250090f579417 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Wed, 20 Jun 2001 19:55:59 +0000 Subject: Fixed W2K SP2 joining a Samba PDC hosted domain. Jermey. (This used to be commit 05a2911403a0710d994a618e72743205a3b0b87a) --- source3/libsmb/smbdes.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/libsmb/smbdes.c') diff --git a/source3/libsmb/smbdes.c b/source3/libsmb/smbdes.c index d0e1c6e85f..7e8a9a5b89 100644 --- a/source3/libsmb/smbdes.c +++ b/source3/libsmb/smbdes.c @@ -381,7 +381,7 @@ void SamOEMhash( unsigned char *data, unsigned char *key, int val) s_box[ind] = s_box[j]; s_box[j] = tc; } - for( ind = 0; ind < (val ? 516 : 16); ind++) + for( ind = 0; ind < val; ind++) { unsigned char tc; unsigned char t; -- cgit From 7be19ad10fc30fab199653facd11496170219e1b Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Sat, 7 Jul 2001 07:00:15 +0000 Subject: Add backend encryption support for NTLMv2. The leg-work for this was done by the folks at samba-tng.org, I'm just bringing it accross to HEAD. The MD5 implementation is seperatly derived, and does not have the copyright problems that the one in TNG has. Also add const to a few places where it makes sence. Andrew Bartlett (This used to be commit 8df8e841445dfe09fc7a06bb55d12adc3fecb345) --- source3/libsmb/smbdes.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) (limited to 'source3/libsmb/smbdes.c') diff --git a/source3/libsmb/smbdes.c b/source3/libsmb/smbdes.c index 7e8a9a5b89..c5dbbdf99a 100644 --- a/source3/libsmb/smbdes.c +++ b/source3/libsmb/smbdes.c @@ -259,7 +259,7 @@ static void dohash(char *out, char *in, char *key, int forw) permute(out, rl, perm6, 64); } -static void str_to_key(unsigned char *str,unsigned char *key) +static void str_to_key(const unsigned char *str,unsigned char *key) { int i; @@ -277,7 +277,7 @@ static void str_to_key(unsigned char *str,unsigned char *key) } -static void smbhash(unsigned char *out, unsigned char *in, unsigned char *key, int forw) +static void smbhash(unsigned char *out, const unsigned char *in, const unsigned char *key, int forw) { int i; char outb[64]; @@ -305,14 +305,14 @@ static void smbhash(unsigned char *out, unsigned char *in, unsigned char *key, i } } -void E_P16(unsigned char *p14,unsigned char *p16) +void E_P16(const unsigned char *p14,unsigned char *p16) { unsigned char sp8[8] = {0x4b, 0x47, 0x53, 0x21, 0x40, 0x23, 0x24, 0x25}; smbhash(p16, sp8, p14, 1); smbhash(p16+8, sp8, p14+7, 1); } -void E_P24(unsigned char *p21, unsigned char *c8, unsigned char *p24) +void E_P24(const unsigned char *p21, const unsigned char *c8, unsigned char *p24) { smbhash(p24, c8, p21, 1); smbhash(p24+8, c8, p21+7, 1); -- cgit From 82a8f8a171e4290cbae3d24069034191bf7f9f47 Mon Sep 17 00:00:00 2001 From: Tim Potter Date: Fri, 14 Sep 2001 04:34:06 +0000 Subject: Merge of sam_pwd_hash() function from tng. (This used to be commit b6cb6b837ac06d8b9cb898668e69236b64a8b698) --- source3/libsmb/smbdes.c | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) (limited to 'source3/libsmb/smbdes.c') diff --git a/source3/libsmb/smbdes.c b/source3/libsmb/smbdes.c index c5dbbdf99a..30a5746934 100644 --- a/source3/libsmb/smbdes.c +++ b/source3/libsmb/smbdes.c @@ -397,3 +397,20 @@ void SamOEMhash( unsigned char *data, unsigned char *key, int val) data[ind] = data[ind] ^ s_box[t]; } } + +/* Decode a sam password hash into a password. The password hash is the + same method used to store passwords in the NT registry. The DES key + used is based on the RID of the user. */ + +void sam_pwd_hash(unsigned int rid, const uchar *in, uchar *out, int forw) +{ + uchar s[14]; + + s[0] = s[4] = s[8] = s[12] = (uchar)(rid & 0xFF); + s[1] = s[5] = s[9] = s[13] = (uchar)((rid >> 8) & 0xFF); + s[2] = s[6] = s[10] = (uchar)((rid >> 16) & 0xFF); + s[3] = s[7] = s[11] = (uchar)((rid >> 24) & 0xFF); + + smbhash(out, in, s, forw); + smbhash(out+8, in+8, s+7, forw); +} -- cgit From d9d7f023d8d11943ca0375e1573e6ec9921889bc Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Mon, 29 Oct 2001 07:35:11 +0000 Subject: This commit is number 4 of 4. In particular this commit focuses on: Actually adding the 'const' to the passdb interface, and the flow-on changes. Also kill off the 'disp_info' stuff, as its no longer used. While these changes have been mildly tested, and are pretty small, any assistance in this is appreciated. ---- These changes introduces a large dose of 'const' to the Samba tree. There are a number of good reasons to do this: - I want to allow the SAM_ACCOUNT structure to move from wasteful pstrings and fstrings to allocated strings. We can't do that if people are modifying these outputs, as they may well make assumptions about getting pstrings and fstrings - I want --with-pam_smbpass to compile with a slightly sane volume of warnings, currently its pretty bad, even in 2.2 where is compiles at all. - Tridge assures me that he no longer opposes 'const religion' based on the ability to #define const the problem away. - Changed Get_Pwnam(x,y) into two variants (so that the const parameter can work correctly): - Get_Pwnam(const x) and Get_Pwnam_Modify(x). - Reworked smbd/chgpasswd.c to work with these mods, passing around a 'struct passwd' rather than the modified username --- This finishes this line of commits off, your tree should now compile again :-) Andrew Bartlett (This used to be commit c95f5aeb9327347674589ae313b75bee3bf8e317) --- source3/libsmb/smbdes.c | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) (limited to 'source3/libsmb/smbdes.c') diff --git a/source3/libsmb/smbdes.c b/source3/libsmb/smbdes.c index 30a5746934..866fc0c7e0 100644 --- a/source3/libsmb/smbdes.c +++ b/source3/libsmb/smbdes.c @@ -319,19 +319,19 @@ void E_P24(const unsigned char *p21, const unsigned char *c8, unsigned char *p24 smbhash(p24+16, c8, p21+14, 1); } -void D_P16(unsigned char *p14, unsigned char *in, unsigned char *out) +void D_P16(const unsigned char *p14, const unsigned char *in, unsigned char *out) { smbhash(out, in, p14, 0); smbhash(out+8, in+8, p14+7, 0); } -void E_old_pw_hash( unsigned char *p14, unsigned char *in, unsigned char *out) +void E_old_pw_hash( unsigned char *p14, const unsigned char *in, unsigned char *out) { smbhash(out, in, p14, 1); smbhash(out+8, in+8, p14+7, 1); } -void cred_hash1(unsigned char *out,unsigned char *in,unsigned char *key) +void cred_hash1(unsigned char *out, const unsigned char *in,unsigned char *key) { unsigned char buf[8]; @@ -339,7 +339,7 @@ void cred_hash1(unsigned char *out,unsigned char *in,unsigned char *key) smbhash(out, buf, key+9, 1); } -void cred_hash2(unsigned char *out,unsigned char *in,unsigned char *key) +void cred_hash2(unsigned char *out, const unsigned char *in,unsigned char *key) { unsigned char buf[8]; static unsigned char key2[8]; @@ -358,7 +358,7 @@ void cred_hash3(unsigned char *out,unsigned char *in,unsigned char *key, int for smbhash(out + 8, in + 8, key2, forw); } -void SamOEMhash( unsigned char *data, unsigned char *key, int val) +void SamOEMhash( unsigned char *data, const unsigned char *key, int val) { unsigned char s_box[256]; unsigned char index_i = 0; -- cgit From cd68afe31256ad60748b34f7318a180cfc2127cc Mon Sep 17 00:00:00 2001 From: Tim Potter Date: Wed, 30 Jan 2002 06:08:46 +0000 Subject: Removed version number from file header. Changed "SMB/Netbios" to "SMB/CIFS" in file header. (This used to be commit 6a58c9bd06d0d7502a24bf5ce5a2faf0a146edfa) --- source3/libsmb/smbdes.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) (limited to 'source3/libsmb/smbdes.c') diff --git a/source3/libsmb/smbdes.c b/source3/libsmb/smbdes.c index 866fc0c7e0..dd50feb44d 100644 --- a/source3/libsmb/smbdes.c +++ b/source3/libsmb/smbdes.c @@ -1,6 +1,5 @@ /* - Unix SMB/Netbios implementation. - Version 1.9. + Unix SMB/CIFS implementation. a partial implementation of DES designed for use in the SMB authentication protocol -- cgit From e51c3224d0b8b5760c48ebe4f859f27cf3c202b6 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Sat, 2 Mar 2002 04:41:55 +0000 Subject: Add a dash of const here and there... (This used to be commit 413a46292b4e963343abce2428955305052e9cb4) --- source3/libsmb/smbdes.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'source3/libsmb/smbdes.c') diff --git a/source3/libsmb/smbdes.c b/source3/libsmb/smbdes.c index dd50feb44d..440121d126 100644 --- a/source3/libsmb/smbdes.c +++ b/source3/libsmb/smbdes.c @@ -330,7 +330,7 @@ void E_old_pw_hash( unsigned char *p14, const unsigned char *in, unsigned char * smbhash(out+8, in+8, p14+7, 1); } -void cred_hash1(unsigned char *out, const unsigned char *in,unsigned char *key) +void cred_hash1(unsigned char *out, const unsigned char *in, const unsigned char *key) { unsigned char buf[8]; @@ -338,7 +338,7 @@ void cred_hash1(unsigned char *out, const unsigned char *in,unsigned char *key) smbhash(out, buf, key+9, 1); } -void cred_hash2(unsigned char *out, const unsigned char *in,unsigned char *key) +void cred_hash2(unsigned char *out, const unsigned char *in, const unsigned char *key) { unsigned char buf[8]; static unsigned char key2[8]; @@ -348,7 +348,7 @@ void cred_hash2(unsigned char *out, const unsigned char *in,unsigned char *key) smbhash(out, buf, key2, 1); } -void cred_hash3(unsigned char *out,unsigned char *in,unsigned char *key, int forw) +void cred_hash3(unsigned char *out, unsigned char *in, const unsigned char *key, int forw) { static unsigned char key2[8]; -- cgit From 33dd5128961f2a39cd70c7b6766a524aba2443d7 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Sat, 23 Mar 2002 08:45:03 +0000 Subject: Make a number of the lookup tables 'const'. I'm told this assists in sharing memory between users of shared libs. Andrew Bartlett (This used to be commit 41dd5a4d292bb08fa313f6220014cd9b4490237b) --- source3/libsmb/smbdes.c | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) (limited to 'source3/libsmb/smbdes.c') diff --git a/source3/libsmb/smbdes.c b/source3/libsmb/smbdes.c index 440121d126..cde77f94a3 100644 --- a/source3/libsmb/smbdes.c +++ b/source3/libsmb/smbdes.c @@ -48,7 +48,7 @@ #define uchar unsigned char -static uchar perm1[56] = {57, 49, 41, 33, 25, 17, 9, +static const uchar perm1[56] = {57, 49, 41, 33, 25, 17, 9, 1, 58, 50, 42, 34, 26, 18, 10, 2, 59, 51, 43, 35, 27, 19, 11, 3, 60, 52, 44, 36, @@ -57,7 +57,7 @@ static uchar perm1[56] = {57, 49, 41, 33, 25, 17, 9, 14, 6, 61, 53, 45, 37, 29, 21, 13, 5, 28, 20, 12, 4}; -static uchar perm2[48] = {14, 17, 11, 24, 1, 5, +static const uchar perm2[48] = {14, 17, 11, 24, 1, 5, 3, 28, 15, 6, 21, 10, 23, 19, 12, 4, 26, 8, 16, 7, 27, 20, 13, 2, @@ -66,7 +66,7 @@ static uchar perm2[48] = {14, 17, 11, 24, 1, 5, 44, 49, 39, 56, 34, 53, 46, 42, 50, 36, 29, 32}; -static uchar perm3[64] = {58, 50, 42, 34, 26, 18, 10, 2, +static const uchar perm3[64] = {58, 50, 42, 34, 26, 18, 10, 2, 60, 52, 44, 36, 28, 20, 12, 4, 62, 54, 46, 38, 30, 22, 14, 6, 64, 56, 48, 40, 32, 24, 16, 8, @@ -75,7 +75,7 @@ static uchar perm3[64] = {58, 50, 42, 34, 26, 18, 10, 2, 61, 53, 45, 37, 29, 21, 13, 5, 63, 55, 47, 39, 31, 23, 15, 7}; -static uchar perm4[48] = { 32, 1, 2, 3, 4, 5, +static const uchar perm4[48] = { 32, 1, 2, 3, 4, 5, 4, 5, 6, 7, 8, 9, 8, 9, 10, 11, 12, 13, 12, 13, 14, 15, 16, 17, @@ -84,7 +84,7 @@ static uchar perm4[48] = { 32, 1, 2, 3, 4, 5, 24, 25, 26, 27, 28, 29, 28, 29, 30, 31, 32, 1}; -static uchar perm5[32] = { 16, 7, 20, 21, +static const uchar perm5[32] = { 16, 7, 20, 21, 29, 12, 28, 17, 1, 15, 23, 26, 5, 18, 31, 10, @@ -94,7 +94,7 @@ static uchar perm5[32] = { 16, 7, 20, 21, 22, 11, 4, 25}; -static uchar perm6[64] ={ 40, 8, 48, 16, 56, 24, 64, 32, +static const uchar perm6[64] ={ 40, 8, 48, 16, 56, 24, 64, 32, 39, 7, 47, 15, 55, 23, 63, 31, 38, 6, 46, 14, 54, 22, 62, 30, 37, 5, 45, 13, 53, 21, 61, 29, @@ -104,9 +104,9 @@ static uchar perm6[64] ={ 40, 8, 48, 16, 56, 24, 64, 32, 33, 1, 41, 9, 49, 17, 57, 25}; -static uchar sc[16] = {1, 1, 2, 2, 2, 2, 2, 2, 1, 2, 2, 2, 2, 2, 2, 1}; +static const uchar sc[16] = {1, 1, 2, 2, 2, 2, 2, 2, 1, 2, 2, 2, 2, 2, 2, 1}; -static uchar sbox[8][4][16] = { +static const uchar sbox[8][4][16] = { {{14, 4, 13, 1, 2, 15, 11, 8, 3, 10, 6, 12, 5, 9, 0, 7}, {0, 15, 7, 4, 14, 2, 13, 1, 10, 6, 12, 11, 9, 5, 3, 8}, {4, 1, 14, 8, 13, 6, 2, 11, 15, 12, 9, 7, 3, 10, 5, 0}, @@ -147,7 +147,7 @@ static uchar sbox[8][4][16] = { {7, 11, 4, 1, 9, 12, 14, 2, 0, 6, 10, 13, 15, 3, 5, 8}, {2, 1, 14, 7, 4, 10, 8, 13, 15, 12, 9, 0, 3, 5, 6, 11}}}; -static void permute(char *out, char *in, uchar *p, int n) +static void permute(char *out, const char *in, const uchar *p, int n) { int i; for (i=0;i Date: Sat, 22 Nov 2003 23:38:41 +0000 Subject: Add support for variable-length session keys in our client code. This means that we now support 'net rpc join' with KRB5 (des based) logins. Now, you need to hack 'net' to do that, but the principal is important... When we add kerberos to 'net rpc', it should be possible to still do user management and the like over RPC. (server-side support to follow shortly) Andrew Bartlett (This used to be commit 9ecf9408d98639186b283f1acf0fac46417547d0) --- source3/libsmb/smbdes.c | 40 ++++++++++++++++++++++++++++++++++++++++ 1 file changed, 40 insertions(+) (limited to 'source3/libsmb/smbdes.c') diff --git a/source3/libsmb/smbdes.c b/source3/libsmb/smbdes.c index cde77f94a3..ae946b4a66 100644 --- a/source3/libsmb/smbdes.c +++ b/source3/libsmb/smbdes.c @@ -397,6 +397,46 @@ void SamOEMhash( unsigned char *data, const unsigned char *key, int val) } } +void SamOEMhashBlob( unsigned char *data, int len, DATA_BLOB *key) +{ + unsigned char s_box[256]; + unsigned char index_i = 0; + unsigned char index_j = 0; + unsigned char j = 0; + int ind; + + for (ind = 0; ind < 256; ind++) + { + s_box[ind] = (unsigned char)ind; + } + + for( ind = 0; ind < 256; ind++) + { + unsigned char tc; + + j += (s_box[ind] + key->data[ind%key->length]); + + tc = s_box[ind]; + s_box[ind] = s_box[j]; + s_box[j] = tc; + } + for( ind = 0; ind < len; ind++) + { + unsigned char tc; + unsigned char t; + + index_i++; + index_j += s_box[index_i]; + + tc = s_box[index_i]; + s_box[index_i] = s_box[index_j]; + s_box[index_j] = tc; + + t = s_box[index_i] + s_box[index_j]; + data[ind] = data[ind] ^ s_box[t]; + } +} + /* Decode a sam password hash into a password. The password hash is the same method used to store passwords in the NT registry. The DES key used is based on the RID of the user. */ -- cgit From 26e12ebd07afbafb29f4d2974a9dd599eec606e0 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Fri, 27 May 2005 16:15:56 +0000 Subject: r7031: Added encrypt/decrypt function for LSA secrets and trusted domain passwords on the wire. Jeremy. (This used to be commit f82dcac25faf7876655cb1839846cc5e01e4add7) --- source3/libsmb/smbdes.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/libsmb/smbdes.c') diff --git a/source3/libsmb/smbdes.c b/source3/libsmb/smbdes.c index ae946b4a66..70581f1b2d 100644 --- a/source3/libsmb/smbdes.c +++ b/source3/libsmb/smbdes.c @@ -276,7 +276,7 @@ static void str_to_key(const unsigned char *str,unsigned char *key) } -static void smbhash(unsigned char *out, const unsigned char *in, const unsigned char *key, int forw) +void smbhash(unsigned char *out, const unsigned char *in, const unsigned char *key, int forw) { int i; char outb[64]; -- cgit From e9b511a32df8e61e34e585d66fc5c4b187da60f0 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Fri, 27 May 2005 16:21:19 +0000 Subject: r7033: Call a spade a spade :-). Jeremy. (This used to be commit f5027f6370bd085a8d4c1a221881eebb0e4ffbab) --- source3/libsmb/smbdes.c | 174 +++++++++++++++++++++++------------------------- 1 file changed, 84 insertions(+), 90 deletions(-) (limited to 'source3/libsmb/smbdes.c') diff --git a/source3/libsmb/smbdes.c b/source3/libsmb/smbdes.c index 70581f1b2d..b7f0cd05c3 100644 --- a/source3/libsmb/smbdes.c +++ b/source3/libsmb/smbdes.c @@ -276,7 +276,7 @@ static void str_to_key(const unsigned char *str,unsigned char *key) } -void smbhash(unsigned char *out, const unsigned char *in, const unsigned char *key, int forw) +void des_crypt56(unsigned char *out, const unsigned char *in, const unsigned char *key, int forw) { int i; char outb[64]; @@ -307,35 +307,35 @@ void smbhash(unsigned char *out, const unsigned char *in, const unsigned char *k void E_P16(const unsigned char *p14,unsigned char *p16) { unsigned char sp8[8] = {0x4b, 0x47, 0x53, 0x21, 0x40, 0x23, 0x24, 0x25}; - smbhash(p16, sp8, p14, 1); - smbhash(p16+8, sp8, p14+7, 1); + des_crypt56(p16, sp8, p14, 1); + des_crypt56(p16+8, sp8, p14+7, 1); } void E_P24(const unsigned char *p21, const unsigned char *c8, unsigned char *p24) { - smbhash(p24, c8, p21, 1); - smbhash(p24+8, c8, p21+7, 1); - smbhash(p24+16, c8, p21+14, 1); + des_crypt56(p24, c8, p21, 1); + des_crypt56(p24+8, c8, p21+7, 1); + des_crypt56(p24+16, c8, p21+14, 1); } void D_P16(const unsigned char *p14, const unsigned char *in, unsigned char *out) { - smbhash(out, in, p14, 0); - smbhash(out+8, in+8, p14+7, 0); + des_crypt56(out, in, p14, 0); + des_crypt56(out+8, in+8, p14+7, 0); } void E_old_pw_hash( unsigned char *p14, const unsigned char *in, unsigned char *out) { - smbhash(out, in, p14, 1); - smbhash(out+8, in+8, p14+7, 1); + des_crypt56(out, in, p14, 1); + des_crypt56(out+8, in+8, p14+7, 1); } void cred_hash1(unsigned char *out, const unsigned char *in, const unsigned char *key) { unsigned char buf[8]; - smbhash(buf, in, key, 1); - smbhash(out, buf, key+9, 1); + des_crypt56(buf, in, key, 1); + des_crypt56(out, buf, key+9, 1); } void cred_hash2(unsigned char *out, const unsigned char *in, const unsigned char *key) @@ -343,98 +343,92 @@ void cred_hash2(unsigned char *out, const unsigned char *in, const unsigned char unsigned char buf[8]; static unsigned char key2[8]; - smbhash(buf, in, key, 1); + des_crypt56(buf, in, key, 1); key2[0] = key[7]; - smbhash(out, buf, key2, 1); + des_crypt56(out, buf, key2, 1); } void cred_hash3(unsigned char *out, unsigned char *in, const unsigned char *key, int forw) { static unsigned char key2[8]; - smbhash(out, in, key, forw); + des_crypt56(out, in, key, forw); key2[0] = key[7]; - smbhash(out + 8, in + 8, key2, forw); + des_crypt56(out + 8, in + 8, key2, forw); } void SamOEMhash( unsigned char *data, const unsigned char *key, int val) { - unsigned char s_box[256]; - unsigned char index_i = 0; - unsigned char index_j = 0; - unsigned char j = 0; - int ind; - - for (ind = 0; ind < 256; ind++) - { - s_box[ind] = (unsigned char)ind; - } - - for( ind = 0; ind < 256; ind++) - { - unsigned char tc; - - j += (s_box[ind] + key[ind%16]); - - tc = s_box[ind]; - s_box[ind] = s_box[j]; - s_box[j] = tc; - } - for( ind = 0; ind < val; ind++) - { - unsigned char tc; - unsigned char t; - - index_i++; - index_j += s_box[index_i]; - - tc = s_box[index_i]; - s_box[index_i] = s_box[index_j]; - s_box[index_j] = tc; - - t = s_box[index_i] + s_box[index_j]; - data[ind] = data[ind] ^ s_box[t]; - } + unsigned char s_box[256]; + unsigned char index_i = 0; + unsigned char index_j = 0; + unsigned char j = 0; + int ind; + + for (ind = 0; ind < 256; ind++) { + s_box[ind] = (unsigned char)ind; + } + + for( ind = 0; ind < 256; ind++) { + unsigned char tc; + + j += (s_box[ind] + key[ind%16]); + + tc = s_box[ind]; + s_box[ind] = s_box[j]; + s_box[j] = tc; + } + for( ind = 0; ind < val; ind++) { + unsigned char tc; + unsigned char t; + + index_i++; + index_j += s_box[index_i]; + + tc = s_box[index_i]; + s_box[index_i] = s_box[index_j]; + s_box[index_j] = tc; + + t = s_box[index_i] + s_box[index_j]; + data[ind] = data[ind] ^ s_box[t]; + } } void SamOEMhashBlob( unsigned char *data, int len, DATA_BLOB *key) { - unsigned char s_box[256]; - unsigned char index_i = 0; - unsigned char index_j = 0; - unsigned char j = 0; - int ind; - - for (ind = 0; ind < 256; ind++) - { - s_box[ind] = (unsigned char)ind; - } - - for( ind = 0; ind < 256; ind++) - { - unsigned char tc; - - j += (s_box[ind] + key->data[ind%key->length]); - - tc = s_box[ind]; - s_box[ind] = s_box[j]; - s_box[j] = tc; - } - for( ind = 0; ind < len; ind++) - { - unsigned char tc; - unsigned char t; - - index_i++; - index_j += s_box[index_i]; - - tc = s_box[index_i]; - s_box[index_i] = s_box[index_j]; - s_box[index_j] = tc; - - t = s_box[index_i] + s_box[index_j]; - data[ind] = data[ind] ^ s_box[t]; - } + unsigned char s_box[256]; + unsigned char index_i = 0; + unsigned char index_j = 0; + unsigned char j = 0; + int ind; + + for (ind = 0; ind < 256; ind++) { + s_box[ind] = (unsigned char)ind; + } + + for( ind = 0; ind < 256; ind++) { + unsigned char tc; + + j += (s_box[ind] + key->data[ind%key->length]); + + tc = s_box[ind]; + s_box[ind] = s_box[j]; + s_box[j] = tc; + } + for( ind = 0; ind < len; ind++) { + unsigned char tc; + unsigned char t; + + index_i++; + index_j += s_box[index_i]; + + tc = s_box[index_i]; + s_box[index_i] = s_box[index_j]; + s_box[index_j] = tc; + + t = s_box[index_i] + s_box[index_j]; + data[ind] = data[ind] ^ s_box[t]; + } } /* Decode a sam password hash into a password. The password hash is the @@ -450,6 +444,6 @@ void sam_pwd_hash(unsigned int rid, const uchar *in, uchar *out, int forw) s[2] = s[6] = s[10] = (uchar)((rid >> 16) & 0xFF); s[3] = s[7] = s[11] = (uchar)((rid >> 24) & 0xFF); - smbhash(out, in, s, forw); - smbhash(out+8, in+8, s+7, forw); + des_crypt56(out, in, s, forw); + des_crypt56(out+8, in+8, s+7, forw); } -- cgit From 54abd2aa66069e6baf7769c496f46d9dba18db39 Mon Sep 17 00:00:00 2001 From: Gerald Carter Date: Fri, 30 Sep 2005 17:13:37 +0000 Subject: r10656: BIG merge from trunk. Features not copied over * \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3) --- source3/libsmb/smbdes.c | 78 ++++++++----------------------------------------- 1 file changed, 12 insertions(+), 66 deletions(-) (limited to 'source3/libsmb/smbdes.c') diff --git a/source3/libsmb/smbdes.c b/source3/libsmb/smbdes.c index b7f0cd05c3..dc49396d9e 100644 --- a/source3/libsmb/smbdes.c +++ b/source3/libsmb/smbdes.c @@ -357,78 +357,24 @@ void cred_hash3(unsigned char *out, unsigned char *in, const unsigned char *key, des_crypt56(out + 8, in + 8, key2, forw); } -void SamOEMhash( unsigned char *data, const unsigned char *key, int val) -{ - unsigned char s_box[256]; - unsigned char index_i = 0; - unsigned char index_j = 0; - unsigned char j = 0; - int ind; - - for (ind = 0; ind < 256; ind++) { - s_box[ind] = (unsigned char)ind; - } - - for( ind = 0; ind < 256; ind++) { - unsigned char tc; +/***************************************************************** + arc4 crypt/decrypt with a 16 byte key. +*****************************************************************/ - j += (s_box[ind] + key[ind%16]); - - tc = s_box[ind]; - s_box[ind] = s_box[j]; - s_box[j] = tc; - } - for( ind = 0; ind < val; ind++) { - unsigned char tc; - unsigned char t; - - index_i++; - index_j += s_box[index_i]; - - tc = s_box[index_i]; - s_box[index_i] = s_box[index_j]; - s_box[index_j] = tc; +void SamOEMhash( unsigned char *data, const unsigned char key[16], size_t len) +{ + unsigned char arc4_state[258]; - t = s_box[index_i] + s_box[index_j]; - data[ind] = data[ind] ^ s_box[t]; - } + smb_arc4_init(arc4_state, key, 16); + smb_arc4_crypt(arc4_state, data, len); } -void SamOEMhashBlob( unsigned char *data, int len, DATA_BLOB *key) +void SamOEMhashBlob( unsigned char *data, size_t len, DATA_BLOB *key) { - unsigned char s_box[256]; - unsigned char index_i = 0; - unsigned char index_j = 0; - unsigned char j = 0; - int ind; - - for (ind = 0; ind < 256; ind++) { - s_box[ind] = (unsigned char)ind; - } - - for( ind = 0; ind < 256; ind++) { - unsigned char tc; - - j += (s_box[ind] + key->data[ind%key->length]); - - tc = s_box[ind]; - s_box[ind] = s_box[j]; - s_box[j] = tc; - } - for( ind = 0; ind < len; ind++) { - unsigned char tc; - unsigned char t; - - index_i++; - index_j += s_box[index_i]; + unsigned char arc4_state[258]; - tc = s_box[index_i]; - s_box[index_i] = s_box[index_j]; - s_box[index_j] = tc; - - t = s_box[index_i] + s_box[index_j]; - data[ind] = data[ind] ^ s_box[t]; - } + smb_arc4_init(arc4_state, key->data, key->length); + smb_arc4_crypt(arc4_state, data, len); } /* Decode a sam password hash into a password. The password hash is the -- cgit From 8d7c88667190fe286971ac4fffb64ee5bd9eeeb0 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Tue, 18 Oct 2005 03:24:00 +0000 Subject: r11137: Compile with only 2 warnings (I'm still working on that code) on a gcc4 x86_64 box. Jeremy. (This used to be commit d720867a788c735e56d53d63265255830ec21208) --- source3/libsmb/smbdes.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/libsmb/smbdes.c') diff --git a/source3/libsmb/smbdes.c b/source3/libsmb/smbdes.c index dc49396d9e..4378385f3f 100644 --- a/source3/libsmb/smbdes.c +++ b/source3/libsmb/smbdes.c @@ -348,7 +348,7 @@ void cred_hash2(unsigned char *out, const unsigned char *in, const unsigned char des_crypt56(out, buf, key2, 1); } -void cred_hash3(unsigned char *out, unsigned char *in, const unsigned char *key, int forw) +void cred_hash3(unsigned char *out, const unsigned char *in, const unsigned char *key, int forw) { static unsigned char key2[8]; -- cgit From ad8b47a2ba4e81420bc2272e8438a727cc2223ee Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Thu, 9 Feb 2006 07:03:23 +0000 Subject: r13407: Change the credentials code to be more like the Samba4 structure, makes fixes much easier to port. Fix the size of dc->sess_key to be 16 bytes, not 8 bytes - only store 8 bytes in the inter-smbd store in secrets.tdb though. Should fix some uses of the dc->sess_key where we where assuming we could read 16 bytes. Jeremy. (This used to be commit 5b3c2e63c73fee8949108abe19ac7a448a033a7f) --- source3/libsmb/smbdes.c | 36 +++++++++++++++++++++++++++++++----- 1 file changed, 31 insertions(+), 5 deletions(-) (limited to 'source3/libsmb/smbdes.c') diff --git a/source3/libsmb/smbdes.c b/source3/libsmb/smbdes.c index 4378385f3f..ee43f4beee 100644 --- a/source3/libsmb/smbdes.c +++ b/source3/libsmb/smbdes.c @@ -258,7 +258,8 @@ static void dohash(char *out, char *in, char *key, int forw) permute(out, rl, perm6, 64); } -static void str_to_key(const unsigned char *str,unsigned char *key) +/* Convert a 7 byte string to an 8 byte key. */ +static void str_to_key(const unsigned char str[7], unsigned char key[8]) { int i; @@ -330,7 +331,8 @@ void E_old_pw_hash( unsigned char *p14, const unsigned char *in, unsigned char * des_crypt56(out+8, in+8, p14+7, 1); } -void cred_hash1(unsigned char *out, const unsigned char *in, const unsigned char *key) +/* forward des encryption with a 128 bit key */ +void des_crypt128(unsigned char out[8], const unsigned char in[8], const unsigned char key[16]) { unsigned char buf[8]; @@ -338,25 +340,49 @@ void cred_hash1(unsigned char *out, const unsigned char *in, const unsigned char des_crypt56(out, buf, key+9, 1); } -void cred_hash2(unsigned char *out, const unsigned char *in, const unsigned char *key) +/* forward des encryption with a 64 bit key */ +void des_crypt64(unsigned char out[8], const unsigned char in[8], const unsigned char key[8]) { unsigned char buf[8]; - static unsigned char key2[8]; + unsigned char key2[8]; + memset(key2,'\0',8); des_crypt56(buf, in, key, 1); key2[0] = key[7]; des_crypt56(out, buf, key2, 1); } +/* des encryption with a 112 bit (14 byte) key */ +/* Note that if the forw is 1, and key is actually 8 bytes of key, followed by 6 bytes of zeros, + this is identical to des_crypt64(). JRA. */ + +void des_crypt112(unsigned char out[8], const unsigned char in[8], const unsigned char key[14], int forw) +{ + unsigned char buf[8]; + des_crypt56(buf, in, key, forw); + des_crypt56(out, buf, key+7, forw); +} + void cred_hash3(unsigned char *out, const unsigned char *in, const unsigned char *key, int forw) { - static unsigned char key2[8]; + unsigned char key2[8]; + memset(key2,'\0',8); des_crypt56(out, in, key, forw); key2[0] = key[7]; des_crypt56(out + 8, in + 8, key2, forw); } +/* des encryption of a 16 byte lump of data with a 112 bit key */ +/* Note that if the key is actually 8 bytes of key, followed by 6 bytes of zeros, + this is identical to cred_hash3(). JRA. */ + +void des_crypt112_16(unsigned char out[16], unsigned char in[16], const unsigned char key[14], int forw) +{ + des_crypt56(out, in, key, forw); + des_crypt56(out + 8, in + 8, key+7, forw); +} + /***************************************************************** arc4 crypt/decrypt with a 16 byte key. *****************************************************************/ -- cgit From f8a17bd8bdbb52b200671e7ed52ffd982419f3f6 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Mon, 4 Sep 2006 19:47:48 +0000 Subject: r18047: More C++ stuff (This used to be commit 86f4ca84f2df2aa8977eb24828e3aa840dda7201) --- source3/libsmb/smbdes.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'source3/libsmb/smbdes.c') diff --git a/source3/libsmb/smbdes.c b/source3/libsmb/smbdes.c index ee43f4beee..8168eee207 100644 --- a/source3/libsmb/smbdes.c +++ b/source3/libsmb/smbdes.c @@ -172,7 +172,7 @@ static void concat(char *out, char *in1, char *in2, int l1, int l2) *out++ = *in2++; } -static void xor(char *out, char *in1, char *in2, int n) +static void x_or(char *out, char *in1, char *in2, int n) { int i; for (i=0;i Date: Mon, 9 Jul 2007 19:25:36 +0000 Subject: r23779: Change from v2 or later to v3 or later. Jeremy. (This used to be commit 407e6e695b8366369b7c76af1ff76869b45347b3) --- source3/libsmb/smbdes.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/libsmb/smbdes.c') diff --git a/source3/libsmb/smbdes.c b/source3/libsmb/smbdes.c index 8168eee207..bfebc7237a 100644 --- a/source3/libsmb/smbdes.c +++ b/source3/libsmb/smbdes.c @@ -8,7 +8,7 @@ This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or + the Free Software Foundation; either version 3 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, -- cgit From 5e54558c6dea67b56bbfaba5698f3a434d3dffb6 Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Tue, 10 Jul 2007 00:52:41 +0000 Subject: r23784: use the GPLv3 boilerplate as recommended by the FSF and the license text (This used to be commit b0132e94fc5fef936aa766fb99a306b3628e9f07) --- source3/libsmb/smbdes.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) (limited to 'source3/libsmb/smbdes.c') diff --git a/source3/libsmb/smbdes.c b/source3/libsmb/smbdes.c index bfebc7237a..98d5cd05b7 100644 --- a/source3/libsmb/smbdes.c +++ b/source3/libsmb/smbdes.c @@ -17,8 +17,7 @@ GNU General Public License for more details. You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. + along with this program. If not, see . */ #include "includes.h" -- cgit