From 5b0ab386cb0fb74d78e6c68abe1b047ab515b7b3 Mon Sep 17 00:00:00 2001
From: Andrew Bartlett
Date: Tue, 25 May 2004 14:06:28 +0000
Subject: r874: This patch is a pile of work on NTLMSSP: Samba's NTLMSSP code is now fully talloc based, which should go a long way to cleaning up the memory leaks in this code. This also avoids a lot of extra copies of data, as we now allocate the 'return' blobs on a caller-supplied context. I have also been doing a lot of work towards NTLM2 signing and sealing. I have this working for sealing, but not for the verifier (MD5 integrity check on the stream) which is still incorrect. (I can aim a rpcecho sinkdata from a Win2k3 box to my server, and the data arrives intact, but the signature check fails. It does however match the test values I have...). The new torture test is cludged in - when we get a unit test suite back, I'll happliy put it in the 'right' place.... Andrew Bartlett (This used to be commit 399e2e2b1149b8d1c070aa7f0d5131c0b577d2b9)
---
 source4/lib/crypto/hmacmd5.c | 15 +-----------
 source4/lib/util_str.c | 56 ++++++++++++++++++++++++++++++++++++++++++++
 2 files changed, 57 insertions(+), 14 deletions(-)
(limited to 'source4/lib')
diff --git a/source4/lib/crypto/hmacmd5.c b/source4/lib/crypto/hmacmd5.c
index 8ca7dba841..7697ac8a69 100644
--- a/source4/lib/crypto/hmacmd5.c
+++ b/source4/lib/crypto/hmacmd5.c
@@ -77,20 +77,7 @@ void hmac_md5_init_limK_to_64(const uchar* key, int key_len,
 key_len = 64;
 }
 
- /* start out by storing key in pads */
- ZERO_STRUCT(ctx->k_ipad);
- ZERO_STRUCT(ctx->k_opad);
- memcpy( ctx->k_ipad, key, key_len);
- memcpy( ctx->k_opad, key, key_len);
-
- /* XOR key with ipad and opad values */
- for (i=0; i<64; i++) {
- ctx->k_ipad[i] ^= 0x36;
- ctx->k_opad[i] ^= 0x5c;
- }
-
- MD5Init(&ctx->ctx);
- MD5Update(&ctx->ctx, ctx->k_ipad, 64);
+ hmac_md5_init_rfc2104(key, key_len, ctx);
 }
 
 /***********************************************************************
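Review bot: The clamp `key_len = 64` just above the new call means a key longer than 64 bytes is truncated, whereas RFC 2104 hashes an oversized key down first, which the name `hmac_md5_init_rfc2104` suggests the delegate would otherwise do (its body is not in this hunk, so that is inferred). A comment on the call such as `/* key already truncated to 64 bytes on purpose; not RFC 2104 key hashing */` would keep a later cleanup from dropping the clamp and silently changing the MAC for long keys. The local `i`, declared outside the hunk, presumably loses its last use with the removed XOR loop and can go.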
diff --git a/source4/lib/util_str.c b/source4/lib/util_str.c
index 7bdec8c1e9..7d6505bab2 100644
--- a/source4/lib/util_str.c
+++ b/source4/lib/util_str.c
@@ -1196,6 +1196,62 @@ void ipstr_list_free(char* ipstr_list)
 SAFE_FREE(ipstr_list);
 }
 
+/**
+ Routine to get hex characters and turn them into a 16 byte array.
+ the array can be variable length, and any non-hex-numeric
+ characters are skipped. "0xnn" or "0Xnn" is specially catered
+ for.
+
+ valid examples: "0A5D15"; "0x15, 0x49, 0xa2"; "59\ta9\te3\n"
+
+**/
+
+size_t strhex_to_str(char *p, size_t len, const char *strhex)
+{
+ size_t i;
+ size_t num_chars = 0;
+ unsigned char lonybble, hinybble;
+ const char *hexchars = "0123456789ABCDEF";
+ char *p1 = NULL, *p2 = NULL;
+
+ for (i = 0; i < len && strhex[i] != 0; i++) {
+ if (strnequal(hexchars, "0x", 2)) {
+ i++; /* skip two chars */
+ continue;
+ }
+
+ if (!(p1 = strchr_m(hexchars, toupper(strhex[i]))))
+ break;
+
+ i++; /* next hex digit */
+
+ if (!(p2 = strchr_m(hexchars, toupper(strhex[i]))))
+ break;
+
+ /* get the two nybbles */
+ hinybble = PTR_DIFF(p1, hexchars);
+ lonybble = PTR_DIFF(p2, hexchars);
+
+ p[num_chars] = (hinybble << 4) | lonybble;
+ num_chars++;
+
+ p1 = NULL;
+ p2 = NULL;
+ }
+ return num_chars;
+}
+
+DATA_BLOB strhex_to_data_blob(const char *strhex)
+{
+ DATA_BLOB ret_blob = data_blob(NULL, strlen(strhex)/2+1);
+
+ ret_blob.length = strhex_to_str(ret_blob.data, 
+ strlen(strhex), 
+ strhex);
+
+ return ret_blob;
+}
+
 /**
 Unescape a URL encoded string, in place.
 
-- cgit
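Review bot: In `strhex_to_str` the prefix test `strnequal(hexchars, "0x", 2)` compares the digit table with "0x" instead of the input, so it can never match and the documented `0x15, 0x49, 0xa2` form stops at the first `x`. The two `break`s on a non-hex character also contradict the header comment, which says such characters are skipped (and which still speaks of a "16 byte array" for a variable-length result). After the inner `i++` the second lookup can be handed the terminating NUL when the digit count is odd; if `strchr_m` behaves like `strchr` it then returns the table's own terminator, which yields a nybble of 16 and lets the loop step past the end of the string whenever `len` exceeds its length. `len` limits only the input, so nothing bounds the writes into `p`: the comment should state that the caller must supply at least `len/2` bytes, and `strhex_to_data_blob` should check `ret_blob.data` before passing it in. A possible shape for the loop follows, with the skip-versus-stop choice made in favour of the header comment.

```c
	for (i = 0; i < len && strhex[i] != 0; i++) {
		/* look for the prefix in the input, not in the digit table */
		if (i + 1 < len && strnequal(&strhex[i], "0x", 2)) {
			i++; /* skip two chars */
			continue;
		}

		/* separators are skipped, as the header comment promises */
		if (!(p1 = strchr_m(hexchars, toupper((unsigned char)strhex[i]))))
			continue;

		/* a lone trailing digit has no partner: stop before the NUL */
		if (i + 1 >= len || strhex[i + 1] == 0)
			break;

		i++; /* next hex digit */

		if (!(p2 = strchr_m(hexchars, toupper((unsigned char)strhex[i]))))
			break;

		/* … unchanged: nybble assembly and store into p[num_chars] … */
	}
```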