OpenVAS Libraries  9.0.3
smb_crypt.c
Go to the documentation of this file.
1 /*
2  Unix SMB/Netbios implementation.
3  Version 1.9.
4 
5  a partial implementation of DES designed for use in the
6  SMB authentication protocol
7 
8  Copyright (C) Andrew Tridgell 1998-2000
9 
10  This program is free software; you can redistribute it and/or modify
11  it under the terms of the GNU General Public License as published by
12  the Free Software Foundation; either version 2 of the License, or
13  (at your option) any later version.
14 
15  This program is distributed in the hope that it will be useful,
16  but WITHOUT ANY WARRANTY; without even the implied warranty of
17  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18  GNU General Public License for more details.
19 
20  You should have received a copy of the GNU General Public License
21  along with this program; if not, write to the Free Software Foundation,
22  Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
23 */
24 
25 /* NOTES:
26 
27  This code makes no attempt to be fast! In fact, it is a very
28  slow implementation
29 
30  This code is NOT a complete DES implementation. It implements only
31  the minimum necessary for SMB authentication, as used by all SMB
32  products (including every copy of Microsoft Windows95 ever sold)
33 
34  In particular, it can only do a unchained forward DES pass. This
35  means it is not possible to use this code for encryption/decryption
36  of data, instead it is only useful as a "hash" algorithm.
37 
38  There is no entry point into this code that allows normal DES operation.
39 
40  I believe this means that this code does not come under ITAR
41  regulations but this is NOT a legal opinion. If you are concerned
42  about the applicability of ITAR regulations to this code then you
43  should confirm it for yourself (and maybe let me know if you come
44  up with a different answer to the one above)
45 
46  MODIFICATION: support for NTLMSSP feature in OpenVAS
47  Modified By Preeti Subramanian <spreeti@secpod.com>
48  * BOOL is replaced by bool
49  * SMBNTLMv2encrypt_hash function body is modified - does not compute
50  ntv2_owf_gen, rather ntv2_owf_gen value is passed to this function
51  and this function returns void,
52  * SMBNTLMv2encrypt_hash, LMv2_generate_response, NTLMv2_generate_response,
53  NTLMv2_generate_client_data functions' signatures are modified.
54 */
55 
56 #include <glib.h> /* for g_malloc0() */
57 #include "smb_crypt.h"
58 #include "proto.h"
59 #define int16 1
60 
61 #ifndef FSTRING_LEN
62 #define FSTRING_LEN 256
63 typedef char fstring[FSTRING_LEN];
64 #endif
65 
66 
67 static const uchar perm1[56] = {57, 49, 41, 33, 25, 17, 9,
68  1, 58, 50, 42, 34, 26, 18,
69  10, 2, 59, 51, 43, 35, 27,
70  19, 11, 3, 60, 52, 44, 36,
71  63, 55, 47, 39, 31, 23, 15,
72  7, 62, 54, 46, 38, 30, 22,
73  14, 6, 61, 53, 45, 37, 29,
74  21, 13, 5, 28, 20, 12, 4};
75 
76 static const uchar perm2[48] = {14, 17, 11, 24, 1, 5,
77  3, 28, 15, 6, 21, 10,
78  23, 19, 12, 4, 26, 8,
79  16, 7, 27, 20, 13, 2,
80  41, 52, 31, 37, 47, 55,
81  30, 40, 51, 45, 33, 48,
82  44, 49, 39, 56, 34, 53,
83  46, 42, 50, 36, 29, 32};
84 
85 static const uchar perm3[64] = {58, 50, 42, 34, 26, 18, 10, 2,
86  60, 52, 44, 36, 28, 20, 12, 4,
87  62, 54, 46, 38, 30, 22, 14, 6,
88  64, 56, 48, 40, 32, 24, 16, 8,
89  57, 49, 41, 33, 25, 17, 9, 1,
90  59, 51, 43, 35, 27, 19, 11, 3,
91  61, 53, 45, 37, 29, 21, 13, 5,
92  63, 55, 47, 39, 31, 23, 15, 7};
93 
94 static const uchar perm4[48] = { 32, 1, 2, 3, 4, 5,
95  4, 5, 6, 7, 8, 9,
96  8, 9, 10, 11, 12, 13,
97  12, 13, 14, 15, 16, 17,
98  16, 17, 18, 19, 20, 21,
99  20, 21, 22, 23, 24, 25,
100  24, 25, 26, 27, 28, 29,
101  28, 29, 30, 31, 32, 1};
102 
103 static const uchar perm5[32] = { 16, 7, 20, 21,
104  29, 12, 28, 17,
105  1, 15, 23, 26,
106  5, 18, 31, 10,
107  2, 8, 24, 14,
108  32, 27, 3, 9,
109  19, 13, 30, 6,
110  22, 11, 4, 25};
111 
112 
113 static const uchar perm6[64] ={ 40, 8, 48, 16, 56, 24, 64, 32,
114  39, 7, 47, 15, 55, 23, 63, 31,
115  38, 6, 46, 14, 54, 22, 62, 30,
116  37, 5, 45, 13, 53, 21, 61, 29,
117  36, 4, 44, 12, 52, 20, 60, 28,
118  35, 3, 43, 11, 51, 19, 59, 27,
119  34, 2, 42, 10, 50, 18, 58, 26,
120  33, 1, 41, 9, 49, 17, 57, 25};
121 
122 
123 static const uchar sc[16] = {1, 1, 2, 2, 2, 2, 2, 2, 1, 2, 2, 2, 2, 2, 2, 1};
124 
125 static const uchar sbox[8][4][16] = {
126  {{14, 4, 13, 1, 2, 15, 11, 8, 3, 10, 6, 12, 5, 9, 0, 7},
127  {0, 15, 7, 4, 14, 2, 13, 1, 10, 6, 12, 11, 9, 5, 3, 8},
128  {4, 1, 14, 8, 13, 6, 2, 11, 15, 12, 9, 7, 3, 10, 5, 0},
129  {15, 12, 8, 2, 4, 9, 1, 7, 5, 11, 3, 14, 10, 0, 6, 13}},
130 
131  {{15, 1, 8, 14, 6, 11, 3, 4, 9, 7, 2, 13, 12, 0, 5, 10},
132  {3, 13, 4, 7, 15, 2, 8, 14, 12, 0, 1, 10, 6, 9, 11, 5},
133  {0, 14, 7, 11, 10, 4, 13, 1, 5, 8, 12, 6, 9, 3, 2, 15},
134  {13, 8, 10, 1, 3, 15, 4, 2, 11, 6, 7, 12, 0, 5, 14, 9}},
135 
136  {{10, 0, 9, 14, 6, 3, 15, 5, 1, 13, 12, 7, 11, 4, 2, 8},
137  {13, 7, 0, 9, 3, 4, 6, 10, 2, 8, 5, 14, 12, 11, 15, 1},
138  {13, 6, 4, 9, 8, 15, 3, 0, 11, 1, 2, 12, 5, 10, 14, 7},
139  {1, 10, 13, 0, 6, 9, 8, 7, 4, 15, 14, 3, 11, 5, 2, 12}},
140 
141  {{7, 13, 14, 3, 0, 6, 9, 10, 1, 2, 8, 5, 11, 12, 4, 15},
142  {13, 8, 11, 5, 6, 15, 0, 3, 4, 7, 2, 12, 1, 10, 14, 9},
143  {10, 6, 9, 0, 12, 11, 7, 13, 15, 1, 3, 14, 5, 2, 8, 4},
144  {3, 15, 0, 6, 10, 1, 13, 8, 9, 4, 5, 11, 12, 7, 2, 14}},
145 
146  {{2, 12, 4, 1, 7, 10, 11, 6, 8, 5, 3, 15, 13, 0, 14, 9},
147  {14, 11, 2, 12, 4, 7, 13, 1, 5, 0, 15, 10, 3, 9, 8, 6},
148  {4, 2, 1, 11, 10, 13, 7, 8, 15, 9, 12, 5, 6, 3, 0, 14},
149  {11, 8, 12, 7, 1, 14, 2, 13, 6, 15, 0, 9, 10, 4, 5, 3}},
150 
151  {{12, 1, 10, 15, 9, 2, 6, 8, 0, 13, 3, 4, 14, 7, 5, 11},
152  {10, 15, 4, 2, 7, 12, 9, 5, 6, 1, 13, 14, 0, 11, 3, 8},
153  {9, 14, 15, 5, 2, 8, 12, 3, 7, 0, 4, 10, 1, 13, 11, 6},
154  {4, 3, 2, 12, 9, 5, 15, 10, 11, 14, 1, 7, 6, 0, 8, 13}},
155 
156  {{4, 11, 2, 14, 15, 0, 8, 13, 3, 12, 9, 7, 5, 10, 6, 1},
157  {13, 0, 11, 7, 4, 9, 1, 10, 14, 3, 5, 12, 2, 15, 8, 6},
158  {1, 4, 11, 13, 12, 3, 7, 14, 10, 15, 6, 8, 0, 5, 9, 2},
159  {6, 11, 13, 8, 1, 4, 10, 7, 9, 5, 0, 15, 14, 2, 3, 12}},
160 
161  {{13, 2, 8, 4, 6, 15, 11, 1, 10, 9, 3, 14, 5, 0, 12, 7},
162  {1, 15, 13, 8, 10, 3, 7, 4, 12, 5, 6, 11, 0, 14, 9, 2},
163  {7, 11, 4, 1, 9, 12, 14, 2, 0, 6, 10, 13, 15, 3, 5, 8},
164  {2, 1, 14, 7, 4, 10, 8, 13, 15, 12, 9, 0, 3, 5, 6, 11}}};
165 
166 static void permute(char *out, char *in, const uchar *p, int n)
167 {
168  int i;
169  for (i=0;i<n;i++)
170  out[i] = in[p[i]-1];
171 }
172 
173 static void lshift(char *d, int count, int n)
174 {
175  char out[64];
176  int i;
177  for (i=0;i<n;i++)
178  out[i] = d[(i+count)%n];
179  for (i=0;i<n;i++)
180  d[i] = out[i];
181 }
182 
183 static void concat(char *out, char *in1, char *in2, int l1, int l2)
184 {
185  while (l1--)
186  *out++ = *in1++;
187  while (l2--)
188  *out++ = *in2++;
189 }
190 
191 static void xor(char *out, char *in1, char *in2, int n)
192 {
193  int i;
194  for (i=0;i<n;i++)
195  out[i] = in1[i] ^ in2[i];
196 }
197 
198 static void dohash(char *out, char *in, char *key, int forw)
199 {
200  int i, j, k;
201  char pk1[56];
202  char c[28];
203  char d[28];
204  char cd[56];
205  char ki[16][48];
206  char pd1[64];
207  char l[32], r[32];
208  char rl[64];
209 
210  permute(pk1, key, perm1, 56);
211 
212  for (i=0;i<28;i++)
213  c[i] = pk1[i];
214  for (i=0;i<28;i++)
215  d[i] = pk1[i+28];
216 
217  for (i=0;i<16;i++) {
218  lshift(c, sc[i], 28);
219  lshift(d, sc[i], 28);
220 
221  concat(cd, c, d, 28, 28);
222  permute(ki[i], cd, perm2, 48);
223  }
224 
225  permute(pd1, in, perm3, 64);
226 
227  for (j=0;j<32;j++) {
228  l[j] = pd1[j];
229  r[j] = pd1[j+32];
230  }
231 
232  for (i=0;i<16;i++) {
233  char er[48];
234  char erk[48];
235  char b[8][6];
236  char cb[32];
237  char pcb[32];
238  char r2[32];
239 
240  permute(er, r, perm4, 48);
241 
242  xor(erk, er, ki[forw ? i : 15 - i], 48);
243 
244  for (j=0;j<8;j++)
245  for (k=0;k<6;k++)
246  b[j][k] = erk[j*6 + k];
247 
248  for (j=0;j<8;j++) {
249  int m, n;
250  m = (b[j][0]<<1) | b[j][5];
251 
252  n = (b[j][1]<<3) | (b[j][2]<<2) | (b[j][3]<<1) | b[j][4];
253 
254  for (k=0;k<4;k++)
255  b[j][k] = (sbox[j][m][n] & (1<<(3-k)))?1:0;
256  }
257 
258  for (j=0;j<8;j++)
259  for (k=0;k<4;k++)
260  cb[j*4+k] = b[j][k];
261  permute(pcb, cb, perm5, 32);
262 
263  xor(r2, l, pcb, 32);
264 
265  for (j=0;j<32;j++)
266  l[j] = r[j];
267 
268  for (j=0;j<32;j++)
269  r[j] = r2[j];
270  }
271 
272  concat(rl, r, l, 32, 32);
273 
274  permute(out, rl, perm6, 64);
275 }
276 
277 static void str_to_key(const uchar *str, uchar *key)
278 {
279  int i;
280 
281  key[0] = str[0]>>1;
282  key[1] = ((str[0]&0x01)<<6) | (str[1]>>2);
283  key[2] = ((str[1]&0x03)<<5) | (str[2]>>3);
284  key[3] = ((str[2]&0x07)<<4) | (str[3]>>4);
285  key[4] = ((str[3]&0x0F)<<3) | (str[4]>>5);
286  key[5] = ((str[4]&0x1F)<<2) | (str[5]>>6);
287  key[6] = ((str[5]&0x3F)<<1) | (str[6]>>7);
288  key[7] = str[6]&0x7F;
289  for (i=0;i<8;i++) {
290  key[i] = (key[i]<<1);
291  }
292 }
293 
294 
295 void smbhash(uchar *out, const uchar *in, const uchar *key, int forw)
296 {
297  int i;
298  char outb[64];
299  char inb[64];
300  char keyb[64];
301  uchar key2[8];
302 
303  str_to_key(key, key2);
304 
305  for (i=0;i<64;i++) {
306  inb[i] = (in[i/8] & (1<<(7-(i%8)))) ? 1 : 0;
307  keyb[i] = (key2[i/8] & (1<<(7-(i%8)))) ? 1 : 0;
308  outb[i] = 0;
309  }
310 
311  dohash(outb, inb, keyb, forw);
312 
313  for (i=0;i<8;i++) {
314  out[i] = 0;
315  }
316 
317  for (i=0;i<64;i++) {
318  if (outb[i])
319  out[i/8] |= (1<<(7-(i%8)));
320  }
321 }
322 
323 void E_P16(uchar *p14,uchar *p16)
324 {
325  uchar sp8[8] = {0x4b, 0x47, 0x53, 0x21, 0x40, 0x23, 0x24, 0x25};
326  smbhash(p16, sp8, p14, 1);
327  smbhash(p16+8, sp8, p14+7, 1);
328 }
329 
330 void E_P24(const uchar *p21, const uchar *c8, uchar *p24)
331 {
332  smbhash(p24, c8, p21, 1);
333  smbhash(p24+8, c8, p21+7, 1);
334  smbhash(p24+16, c8, p21+14, 1);
335 }
336 
337 void SamOEMhash( uchar *data, const uchar *key, int val)
338 {
339  uchar hash[256];
340  uchar index_i = 0;
341  uchar index_j = 0;
342  uchar j = 0;
343  int ind;
344  int len = 0;
345  if (val == 1) len = 516;
346  if (val == 0) len = 16;
347  if (val == 3) len = 8;
348  if (val == 2) len = 68;
349  if (val == 4) len = 32;
350 
351  if (val >= 8)
352  len = val;
353 
354  for (ind = 0; ind < 256; ind++)
355  {
356  hash[ind] = (uchar)ind;
357  }
358 
359  for( ind = 0; ind < 256; ind++)
360  {
361  uchar tc;
362 
363  j += (hash[ind] + key[ind%16]);
364 
365  tc = hash[ind];
366  hash[ind] = hash[j];
367  hash[j] = tc;
368  }
369  for( ind = 0; ind < len; ind++)
370  {
371  uchar tc;
372  uchar t;
373 
374  index_i++;
375  index_j += hash[index_i];
376 
377  tc = hash[index_i];
378  hash[index_i] = hash[index_j];
379  hash[index_j] = tc;
380 
381  t = hash[index_i] + hash[index_j];
382  data[ind] = data[ind] ^ hash[t];
383  }
384 }
385 
387  const uchar * nt_resp, uint8 sess_key[16])
388 {
389  /* yes, this session key does not change - yes, this
390  is a problem - but it is 128 bits */
391 
392  mdfour_ntlmssp((unsigned char *)sess_key, kr, 16);
393 
394 }
395 
396 /* Does the des encryption from the NT or LM MD4 hash. */
397 void SMBOWFencrypt_ntlmssp(const uchar passwd[16], const uchar *c8, uchar p24[24])
398 {
399  uchar p21[21];
400 
401  ZERO_STRUCT(p21);
402  memcpy(p21, passwd, 16);
403  E_P24(p21, c8, p24);
404 }
405 
406 void SMBencrypt_hash_ntlmssp(const uchar lm_hash[16], const uchar *c8, uchar p24[24])
407 {
408  uchar p21[21];
409 
410  memset(p21,'\0',21);
411  memcpy(p21, lm_hash, 16);
412  SMBOWFencrypt_ntlmssp(p21, c8, p24);
413 }
414 
415 
416 /* Does the des encryption. */
417 void SMBNTencrypt_hash_ntlmssp(const uchar nt_hash[16], uchar *c8, uchar *p24)
418 {
419  uchar p21[21];
420 
421  memset(p21,'\0',21);
422  memcpy(p21, nt_hash, 16);
423  SMBOWFencrypt_ntlmssp(p21, c8, p24);
424 }
425 
426 void SMBsesskeygen_lm_sess_key_ntlmssp(const uchar lm_hash[16], const uchar lm_resp[24], uint8 sess_key[16])
427 {
428  uchar p24[24];
429  uchar partial_lm_hash[16];
430 
431  memcpy(partial_lm_hash, lm_hash, 8);
432  memset(partial_lm_hash + 8, 0xbd, 8);
433  SMBOWFencrypt_ntlmssp(partial_lm_hash, lm_resp, p24);
434  memcpy(sess_key, p24, 16);
435 }
436 
444 bool E_deshash_ntlmssp (const char *passwd, uint8_t pass_len, uchar p16[16])
445 {
446  bool ret = True;
447  fstring dospwd;
448  ZERO_STRUCT(dospwd);
449  char *dpass;
450 
451  /* Password must be converted to DOS charset - null terminated, uppercase. */
452  dpass = g_utf8_strup (passwd, pass_len);
453  memcpy (dospwd, dpass, pass_len);
454  g_free (dpass);
455 
456  /* Only the fisrt 14 chars are considered, password need not be null terminated. */
457  E_P16((unsigned char *)dospwd, p16);
458 
459  if (strlen(dospwd) > 14) {
460  ret = False;
461  }
462 
463  ZERO_STRUCT(dospwd);
464 
465  return ret;
466 }
468  const uchar * nt_resp, uint8 sess_key[16])
469 {
470  /* a very nice, 128 bit, variable session key */
471 
472  HMACMD5Context ctx;
473 
474  hmac_md5_init_limK_to_64(kr, 16, &ctx);
475  hmac_md5_update(nt_resp, 16, &ctx);
476  hmac_md5_final((unsigned char *)sess_key, &ctx);
477 }
478 
479 
480 uint8_t * NTLMv2_generate_client_data_ntlmssp(const char *addr_list, int address_list_len)
481 {
482  int i = 0;
483  /*length of response
484  *header-4, reserved-4, date-8, client chal-8, unknown-4, addr_list-size sent in arguments
485  */
486  uchar client_chal[8];
487  uint8_t *response = g_malloc0 (28 + address_list_len);
488  char long_date[8];
489  int header = 0x00000101;
490  int zeros = 0x00000000;
491 
492  generate_random_buffer_ntlmssp(client_chal, sizeof(client_chal));
493 
494  put_long_date_ntlmssp(long_date, time(NULL));
495  SIVAL(response, 0, header);
496  SIVAL(response, 4, zeros);
497  memcpy(response+4+4, long_date, 8);
498  memcpy(response+4+4+sizeof(long_date), client_chal, 8);
499  SIVAL(response, 24, zeros);
500  for(i=0; i<address_list_len;i++)
501  {
502  *(response+28+i) = *(addr_list+i);
503  }
504 
505  return response;
506 }
507 
508 
509 void NTLMv2_generate_response_ntlmssp(const uchar ntlm_v2_hash[16],
510  const char *server_chal,
511  const char *address_list, int address_list_len, uint8_t *nt_response)
512 {
513  uchar ntlmv2_response[16];
514  uint8_t * ntlmv2_client_data;
515 
516  /* NTLMv2 */
517  /* generate some data to pass into the response function - including
518  the hostname and domain name of the server */
519  ntlmv2_client_data = NTLMv2_generate_client_data_ntlmssp(address_list, address_list_len);
520 
521  /* Given that data, and the challenge from the server, generate a response */
522  int client_data_len = 28 + address_list_len;
523  SMBOWFencrypt_ntv2_ntlmssp(ntlm_v2_hash, (const uchar*)server_chal, 8, ntlmv2_client_data, client_data_len, ntlmv2_response);
524  memcpy(nt_response, ntlmv2_response, sizeof(ntlmv2_response));
525  memcpy(nt_response+sizeof(ntlmv2_response),ntlmv2_client_data, client_data_len);
526 }
527 
528 void LMv2_generate_response_ntlmssp(const uchar ntlm_v2_hash[16],
529  const char *server_chal, uint8_t *lm_response)
530 {
531  uchar lmv2_response[16];
532  uint8_t lmv2_client_data[8];
533 
534  /* LMv2 */
535  /* client-supplied random data */
536  generate_random_buffer_ntlmssp(lmv2_client_data, sizeof(lmv2_client_data));
537 
538  /* Given that data, and the challenge from the server, generate a response */
539  SMBOWFencrypt_ntv2_ntlmssp(ntlm_v2_hash, (const uchar*)server_chal, 8, lmv2_client_data, sizeof(lmv2_client_data), lmv2_response);
540  memcpy(lm_response, lmv2_response, sizeof(lmv2_response));
541 
542  /* after the first 16 bytes is the random data we generated above,
543  so the server can verify us with it */
544  memcpy(lm_response+sizeof(lmv2_response), lmv2_client_data, sizeof(lmv2_client_data));
545 }
546 
547 void SMBNTLMv2encrypt_hash_ntlmssp(const char *user, const char *domain, uchar ntlm_v2_hash[16],
548  const char *server_chal,
549  const char *address_list, int address_list_len,
550  uint8_t *lm_response, uint8_t *nt_response,
551  uint8_t *user_session_key)
552 {
553  NTLMv2_generate_response_ntlmssp(ntlm_v2_hash, server_chal, address_list, address_list_len, nt_response);
554 
555  /* The NTLMv2 calculations also provide a session key, for signing etc later */
556  /* use only the first 16 bytes of nt_response for session key */
557  SMBsesskeygen_ntv2_ntlmssp(ntlm_v2_hash, nt_response, user_session_key);
558 
559  LMv2_generate_response_ntlmssp(ntlm_v2_hash, server_chal, lm_response);
560 }
#define uchar
Definition: hmacmd5.h:28
uint8_t * NTLMv2_generate_client_data_ntlmssp(const char *addr_list, int address_list_len)
Definition: smb_crypt.c:480
void smbhash(uchar *out, const uchar *in, const uchar *key, int forw)
Definition: smb_crypt.c:295
const char * val
Definition: nasl_init.c:525
char fstring[FSTRING_LEN]
Definition: smb_crypt.c:63
void SamOEMhash(uchar *data, const uchar *key, int val)
Definition: smb_crypt.c:337
void E_P16(uchar *p14, uchar *p16)
Definition: smb_crypt.c:323
void SMBOWFencrypt_ntlmssp(const uchar passwd[16], const uchar *c8, uchar p24[24])
Definition: smb_crypt.c:397
void LMv2_generate_response_ntlmssp(const uchar ntlm_v2_hash[16], const char *server_chal, uint8_t *lm_response)
Definition: smb_crypt.c:528
void hmac_md5_init_limK_to_64(const uchar *key, int key_len, HMACMD5Context *ctx)
The microsoft version of hmac_md5 initialisation.
Definition: hmacmd5.c:33
#define SIVAL(buf, pos, val)
Definition: byteorder.h:123
bool E_deshash_ntlmssp(const char *passwd, uint8_t pass_len, uchar p16[16])
Definition: smb_crypt.c:444
void mdfour_ntlmssp(unsigned char *out, const unsigned char *in, int n)
Definition: md4.c:125
void SMBNTLMv2encrypt_hash_ntlmssp(const char *user, const char *domain, uchar ntlm_v2_hash[16], const char *server_chal, const char *address_list, int address_list_len, uint8_t *lm_response, uint8_t *nt_response, uint8_t *user_session_key)
Definition: smb_crypt.c:547
void generate_random_buffer_ntlmssp(unsigned char *out, int len)
Definition: genrand.c:167
void SMBOWFencrypt_ntv2_ntlmssp(const uchar kr[16], const uint8_t *srv_chal, int srv_chal_len, const uint8_t *cli_chal, int cli_chal_len, uchar resp_buf[16])
void SMBencrypt_hash_ntlmssp(const uchar lm_hash[16], const uchar *c8, uchar p24[24])
Definition: smb_crypt.c:406
#define FSTRING_LEN
Definition: smb_crypt.c:62
void hmac_md5_final(uchar *digest, HMACMD5Context *ctx)
Finish off hmac_md5 "inner" buffer and generate outer one.
Definition: hmacmd5.c:71
#define True
Definition: charcnv.c:59
void put_long_date_ntlmssp(char *p, time_t t)
Definition: time.c:111
#define False
Definition: charcnv.c:58
void hmac_md5_update(const uchar *text, int text_len, HMACMD5Context *ctx)
Update hmac_md5 "inner" buffer.
Definition: hmacmd5.c:63
void SMBsesskeygen_ntv2_ntlmssp(const uchar kr[16], const uchar *nt_resp, uint8 sess_key[16])
Definition: smb_crypt.c:467
#define ZERO_STRUCT(x)
Definition: genrand.c:65
void NTLMv2_generate_response_ntlmssp(const uchar ntlm_v2_hash[16], const char *server_chal, const char *address_list, int address_list_len, uint8_t *nt_response)
Definition: smb_crypt.c:509
void SMBsesskeygen_ntv1_ntlmssp(const uchar kr[16], const uchar *nt_resp, uint8 sess_key[16])
Definition: smb_crypt.c:386
#define uint8
Definition: charcnv.c:46
void E_P24(const uchar *p21, const uchar *c8, uchar *p24)
Definition: smb_crypt.c:330
void SMBsesskeygen_lm_sess_key_ntlmssp(const uchar lm_hash[16], const uchar lm_resp[24], uint8 sess_key[16])
Definition: smb_crypt.c:426
void SMBNTencrypt_hash_ntlmssp(const uchar nt_hash[16], uchar *c8, uchar *p24)
Definition: smb_crypt.c:417