diff options
author | Andrew Bartlett <abartlet@samba.org> | 2001-07-07 07:00:15 +0000 |
---|---|---|
committer | Andrew Bartlett <abartlet@samba.org> | 2001-07-07 07:00:15 +0000 |
commit | 7be19ad10fc30fab199653facd11496170219e1b (patch) | |
tree | 2d4e14c153cc19e5bf893b47f28a4e8c4799277c /source3/lib/hmacmd5.c | |
parent | 1c3c9952210346aff1138a4417ff3ceff3ecd9c3 (diff) | |
download | samba-7be19ad10fc30fab199653facd11496170219e1b.tar.gz samba-7be19ad10fc30fab199653facd11496170219e1b.tar.xz samba-7be19ad10fc30fab199653facd11496170219e1b.zip |
Add backend encryption support for NTLMv2.
The leg-work for this was done by the folks at samba-tng.org, I'm just bringing
it accross to HEAD.
The MD5 implementation is seperatly derived, and does not have the copyright
problems that the one in TNG has.
Also add const to a few places where it makes sence.
Andrew Bartlett
(This used to be commit 8df8e841445dfe09fc7a06bb55d12adc3fecb345)
Diffstat (limited to 'source3/lib/hmacmd5.c')
-rw-r--r-- | source3/lib/hmacmd5.c | 136 |
1 files changed, 136 insertions, 0 deletions
diff --git a/source3/lib/hmacmd5.c b/source3/lib/hmacmd5.c new file mode 100644 index 00000000000..1d9b89e0cce --- /dev/null +++ b/source3/lib/hmacmd5.c @@ -0,0 +1,136 @@ +/* + Unix SMB/Netbios implementation. + Version 1.9. + HMAC MD5 code for use in NTLMv2 + Copyright (C) Luke Kenneth Casson Leighton 1996-2000 + Copyright (C) Andrew Tridgell 1992-2000 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. +*/ + +/* taken direct from rfc2104 implementation and modified for suitable use + * for ntlmv2. + */ + +#include "includes.h" + +/*********************************************************************** + the rfc 2104 version of hmac_md5 initialisation. +***********************************************************************/ +void hmac_md5_init_rfc2104(uchar* key, int key_len, HMACMD5Context *ctx) +{ + int i; + + /* if key is longer than 64 bytes reset it to key=MD5(key) */ + if (key_len > 64) + { + uchar tk[16]; + struct MD5Context tctx; + + MD5Init(&tctx); + MD5Update(&tctx, key, key_len); + MD5Final(tk, &tctx); + + key = tk; + key_len = 16; + } + + /* start out by storing key in pads */ + ZERO_STRUCT(ctx->k_ipad); + ZERO_STRUCT(ctx->k_opad); + bcopy( key, ctx->k_ipad, key_len); + bcopy( key, ctx->k_opad, key_len); + + /* XOR key with ipad and opad values */ + for (i=0; i<64; i++) + { + ctx->k_ipad[i] ^= 0x36; + ctx->k_opad[i] ^= 0x5c; + } + + MD5Init(&ctx->ctx); + MD5Update(&ctx->ctx, ctx->k_ipad, 64); +} + +/*********************************************************************** + the microsoft version of hmac_md5 initialisation. +***********************************************************************/ +void hmac_md5_init_limK_to_64(const uchar* key, int key_len, + HMACMD5Context *ctx) +{ + int i; + + /* if key is longer than 64 bytes truncate it */ + if (key_len > 64) + { + key_len = 64; + } + + /* start out by storing key in pads */ + ZERO_STRUCT(ctx->k_ipad); + ZERO_STRUCT(ctx->k_opad); + bcopy( key, ctx->k_ipad, key_len); + bcopy( key, ctx->k_opad, key_len); + + /* XOR key with ipad and opad values */ + for (i=0; i<64; i++) + { + ctx->k_ipad[i] ^= 0x36; + ctx->k_opad[i] ^= 0x5c; + } + + MD5Init(&ctx->ctx); + MD5Update(&ctx->ctx, ctx->k_ipad, 64); +} + +/*********************************************************************** + update hmac_md5 "inner" buffer +***********************************************************************/ +void hmac_md5_update(const uchar* text, int text_len, HMACMD5Context *ctx) +{ + MD5Update(&ctx->ctx, text, text_len); /* then text of datagram */ +} + +/*********************************************************************** + finish off hmac_md5 "inner" buffer and generate outer one. +***********************************************************************/ +void hmac_md5_final(uchar *digest, HMACMD5Context *ctx) + +{ + struct MD5Context ctx_o; + + MD5Final(digest, &ctx->ctx); + + MD5Init(&ctx_o); + MD5Update(&ctx_o, ctx->k_opad, 64); + MD5Update(&ctx_o, digest, 16); + MD5Final(digest, &ctx_o); +} + +/*********************************************************** + single function to calculate an HMAC MD5 digest from data. + use the microsoft hmacmd5 init method because the key is 16 bytes. +************************************************************/ +void hmac_md5( uchar key[16], uchar* data, int data_len, uchar* digest) +{ + HMACMD5Context ctx; + hmac_md5_init_limK_to_64(key, 16, &ctx); + if (data_len != 0) + { + hmac_md5_update(data, data_len, &ctx); + } + hmac_md5_final(digest, &ctx); +} + |