From 32b9508d066f002e778873edc19266a6d897f922 Mon Sep 17 00:00:00 2001
From: Luke Leighton <lkcl@samba.org>
Date: Sun, 21 Nov 1999 19:59:56 +0000
Subject: implement server-side generation of NTLMv2 session key.  YESSS :-)
 (This used to be commit 1092b4f6fbdf3770c0dab756b982a562def1738e)

---
 source3/libsmb/pwd_cache.c  | 17 +++--------------
 source3/libsmb/smbencrypt.c | 28 ++++++++++++++++++++++++++++
 2 files changed, 31 insertions(+), 14 deletions(-)

(limited to 'source3/libsmb')

diff --git a/source3/libsmb/pwd_cache.c b/source3/libsmb/pwd_cache.c
index c404ccb83f..b360dbd199 100644
--- a/source3/libsmb/pwd_cache.c
+++ b/source3/libsmb/pwd_cache.c
@@ -203,8 +203,6 @@ void pwd_make_lm_nt_owf2(struct pwd_info *pwd, const uchar srv_key[8],
 		const char *user, const char *server, const char *domain)
 {
 	uchar kr[16];
-	struct MD5Context ctx5;
-	HMACMD5Context ctx;
 
 	DEBUG(10,("pwd_make_lm_nt_owf2: user %s, srv %s, dom %s\n",
 		user, server, domain));
@@ -233,14 +231,7 @@ void pwd_make_lm_nt_owf2(struct pwd_info *pwd, const uchar srv_key[8],
 	memcpy(&pwd->smb_nt_owf[16], pwd->nt_cli_chal, pwd->nt_cli_chal_len);
 	pwd->nt_owf_len = pwd->nt_cli_chal_len + 16;
 
-	hmac_md5_init_limK_to_64(kr, 16, &ctx);
-	hmac_md5_update(pwd->smb_nt_owf, 16, &ctx);
-	hmac_md5_final(pwd->sess_key, &ctx);
-#if 0
-        MD5Init(&ctx5);
-        MD5Update(&ctx5, pwd->smb_nt_owf, 16);  
-        MD5Final(pwd->sess_key, &ctx5);          
-#endif
+	SMBsesskeygen_ntv2(kr, pwd->smb_nt_owf, pwd->sess_key);
 
 #if DEBUG_PASSWORD
 #endif
@@ -288,15 +279,13 @@ void pwd_make_lm_nt_owf(struct pwd_info *pwd, uchar cryptkey[8])
 	}
 	pwd_deobfuscate(pwd);
 
-	/* generate session key */
-	mdfour(pwd->sess_key, pwd->smb_nt_pwd, 16);
-
 	/* generate 24-byte hashes */
-
 	SMBOWFencrypt(pwd->smb_lm_pwd, cryptkey, pwd->smb_lm_owf);
 	SMBOWFencrypt(pwd->smb_nt_pwd, cryptkey, pwd->smb_nt_owf);
 	pwd->nt_owf_len = 24;
 
+	SMBsesskeygen_ntv1(pwd->smb_nt_pwd, pwd->smb_nt_owf, pwd->sess_key);
+
 #ifdef DEBUG_PASSWORD
 	DEBUG(100,("client cryptkey: "));
 	dump_data(100, cryptkey, 8);
diff --git a/source3/libsmb/smbencrypt.c b/source3/libsmb/smbencrypt.c
index 6bc0e71f6f..3227caaa95 100644
--- a/source3/libsmb/smbencrypt.c
+++ b/source3/libsmb/smbencrypt.c
@@ -283,6 +283,34 @@ void SMBOWFencrypt_ntv2(const uchar kr[16],
 #endif
 }
 
+void SMBsesskeygen_ntv2(const uchar kr[16], 
+				const uchar *nt_resp, 
+				char sess_key[16])
+{
+	HMACMD5Context ctx;
+
+	hmac_md5_init_limK_to_64(kr, 16, &ctx);
+	hmac_md5_update(nt_resp, 16, &ctx);
+	hmac_md5_final(sess_key, &ctx);
+
+#ifdef DEBUG_PASSWORD
+	DEBUG(100,("SMBsesskeygen_ntv2:\n"));
+	dump_data(100, sess_key, 16);
+#endif
+}
+
+void SMBsesskeygen_ntv1(const uchar kr[16], 
+				const uchar *nt_resp, 
+				char sess_key[16])
+{
+	mdfour(sess_key, kr, 16);
+
+#ifdef DEBUG_PASSWORD
+	DEBUG(100,("SMBsesskeygen_ntv2:\n"));
+	dump_data(100, sess_key, 16);
+#endif
+}
+
 void SMBgenclientchals(char *lm_cli_chal,
 				char *nt_cli_chal, int *nt_cli_chal_len,
 				const char *srv, const char *dom)
-- 
cgit