mirror of
https://github.com/dborth/snes9xgx.git
synced 2024-11-27 21:14:21 +01:00
170 lines
6.4 KiB
C
170 lines
6.4 KiB
C
/* ========================================================================== **
|
|
*
|
|
* LMhash.c
|
|
*
|
|
* Copyright:
|
|
* Copyright (C) 2004 by Christopher R. Hertel
|
|
*
|
|
* Email: crh@ubiqx.mn.org
|
|
*
|
|
* $Id: LMhash.c,v 0.1 2004/05/30 02:26:31 crh Exp $
|
|
*
|
|
* -------------------------------------------------------------------------- **
|
|
*
|
|
* Description:
|
|
*
|
|
* Implemention of the LAN Manager hash (LM hash) and LM response
|
|
* algorithms.
|
|
*
|
|
* -------------------------------------------------------------------------- **
|
|
*
|
|
* License:
|
|
*
|
|
* This library is free software; you can redistribute it and/or
|
|
* modify it under the terms of the GNU Lesser General Public
|
|
* License as published by the Free Software Foundation; either
|
|
* version 2.1 of the License, or (at your option) any later version.
|
|
*
|
|
* This library is distributed in the hope that it will be useful,
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
|
* Lesser General Public License for more details.
|
|
*
|
|
* You should have received a copy of the GNU Lesser General Public
|
|
* License along with this library; if not, write to the Free Software
|
|
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
|
|
*
|
|
* -------------------------------------------------------------------------- **
|
|
*
|
|
* Notes:
|
|
*
|
|
* This module implements the LM hash. The NT hash is simply the MD4() of
|
|
* the password, so we don't need a separate implementation of that. This
|
|
* module also implements the LM response, which can be combined with the
|
|
* NT hash to produce the NTLM response.
|
|
*
|
|
* This implementation was created based on the description in my own book.
|
|
* The book description was, in turn, written after studying many existing
|
|
* examples in various documentation. Jeremy Allison and Andrew Tridgell
|
|
* deserve lots of credit for having figured out the secrets of Lan Manager
|
|
* authentication many years ago.
|
|
*
|
|
* See:
|
|
* Implementing CIFS - the Common Internet File System
|
|
* by your truly. ISBN 0-13-047116-X, Prentice Hall PTR., August 2003
|
|
* Section 15.3, in particular.
|
|
* (Online at: http://ubiqx.org/cifs/SMB.html#SMB.8.3)
|
|
*
|
|
* ========================================================================== **
|
|
*/
|
|
|
|
#include "DES.h"
|
|
#include "LMhash.h"
|
|
|
|
|
|
/* -------------------------------------------------------------------------- **
|
|
* Static Constants:
|
|
*
|
|
* SMB_LMhash_Magic - This is the plaintext "magic string" that is used to
|
|
* generate the LM Hash from the user's password. This
|
|
* value was a Microsoft "secret" for many years.
|
|
*/
|
|
|
|
static const uchar SMB_LMhash_Magic[8] =
|
|
{ 'K', 'G', 'S', '!', '@', '#', '$', '%' };
|
|
|
|
|
|
/* -------------------------------------------------------------------------- **
|
|
* Functions:
|
|
*/
|
|
|
|
uchar *auth_LMhash( uchar *dst, const uchar *pwd, const int pwdlen )
|
|
/* ------------------------------------------------------------------------ **
|
|
* Generate an LM Hash from the input password.
|
|
*
|
|
* Input: dst - Pointer to a location to which to write the LM Hash.
|
|
* Requires 16 bytes minimum.
|
|
* pwd - Source password. Should be in OEM charset (extended
|
|
* ASCII) format in all upper-case, but this
|
|
* implementation doesn't really care. See the notes
|
|
* below.
|
|
* pwdlen - Length, in bytes, of the password. Normally, this
|
|
* will be strlen( pwd ).
|
|
*
|
|
* Output: Pointer to the resulting LM hash (same as <dst>).
|
|
*
|
|
* Notes: This function does not convert the input password to upper
|
|
* case. The upper-case conversion should be done before the
|
|
* password gets this far. DOS codepage handling and such
|
|
* should be taken into consideration. Rather than attempt to
|
|
* work out all those details here, the function assumes that
|
|
* the password is in the correct form before it reaches this
|
|
* point.
|
|
*
|
|
* ------------------------------------------------------------------------ **
|
|
*/
|
|
{
|
|
int i,
|
|
max14;
|
|
uint8_t tmp_pwd[14] = { 0,0,0,0,0,0,0,0,0,0,0,0,0,0 };
|
|
|
|
/* Copy at most 14 bytes of <pwd> into <tmp_pwd>.
|
|
* If the password is less than 14 bytes long
|
|
* the rest will be nul padded.
|
|
*/
|
|
max14 = pwdlen > 14 ? 14 : pwdlen;
|
|
for( i = 0; i < max14; i++ )
|
|
tmp_pwd[i] = pwd[i];
|
|
|
|
/* The password is split into two 7-byte keys, each of which
|
|
* are used to DES-encrypt the magic string. The results are
|
|
* concatonated to produce the 16-byte LM Hash.
|
|
*/
|
|
(void)auth_DEShash( dst, tmp_pwd, SMB_LMhash_Magic );
|
|
(void)auth_DEShash( &dst[8], &tmp_pwd[7], SMB_LMhash_Magic );
|
|
|
|
/* Return a pointer to the result.
|
|
*/
|
|
return( dst );
|
|
} /* auth_LMhash */
|
|
|
|
|
|
uchar *auth_LMresponse( uchar *dst, const uchar *hash, const uchar *challenge )
|
|
/* ------------------------------------------------------------------------ **
|
|
* Generate the LM (or NTLM) response from the password hash and challenge.
|
|
*
|
|
* Input: dst - Pointer to memory into which to write the response.
|
|
* Must have 24 bytes available.
|
|
* hash - Pointer to the 16-byte password hash.
|
|
* challenge - Pointer to the 8-byte challenge.
|
|
*
|
|
* Output: A pointer to the 24-byte response (same as <dst>).
|
|
*
|
|
* Notes: The function does not check the lengths of the input or output
|
|
* parameters. The byte sizes given above must be respected by
|
|
* calling function.
|
|
*
|
|
* ------------------------------------------------------------------------ **
|
|
*/
|
|
{
|
|
uchar tmp[7] =
|
|
{ hash[14], hash[15], 0,0,0,0,0 }; /* 3rd key is nul-padded. */
|
|
|
|
/* It's painfully simple...
|
|
* The challenge is DES encrypted three times.
|
|
* The first time, the first 7 bytes of the hash are used.
|
|
* The second time, the second 7 bytes of the hash are used.
|
|
* The third time, the two remaining hash bytes plus five nuls are used.
|
|
* The three 8-byte results are concatonated to form the 24-byte response.
|
|
*/
|
|
(void)auth_DEShash( dst, hash, challenge );
|
|
(void)auth_DEShash( &dst[8], &hash[7], challenge );
|
|
(void)auth_DEShash( &dst[16], tmp, challenge );
|
|
|
|
/* Return the result.
|
|
*/
|
|
return( dst );
|
|
} /* auth_LMresponse */
|
|
|
|
/* ========================================================================== */
|