[SCM] Samba Shared Repository - branch master updated -
b9890af54691aea05b01346f6e474be1fcd5338c
Jelmer Vernooij
jelmer at samba.org
Wed Sep 24 14:11:32 GMT 2008
The branch, master has been updated
via b9890af54691aea05b01346f6e474be1fcd5338c (commit)
via e3ef8803ee46710d080095e4a76e25d3280d6d8b (commit)
via 3023a56b64590df9672a084b07990836e675409f (commit)
via 2413a7200623855b93946d44bcdb949e2dc170a0 (commit)
via 5709ded3ef75c48f807273eaa36bb0522e7f7b46 (commit)
via 45bc578664f4dae063672dde75bd442868a35992 (commit)
via 6925202bdee75d191bb5743659c53155ba1605ea (commit)
from 83b0c5d43f568222d97f9b8de985f1e39a375fb9 (commit)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit b9890af54691aea05b01346f6e474be1fcd5338c
Merge: e3ef8803ee46710d080095e4a76e25d3280d6d8b 83b0c5d43f568222d97f9b8de985f1e39a375fb9
Author: Jelmer Vernooij <jelmer at samba.org>
Date: Wed Sep 24 16:11:13 2008 +0200
Merge branch 'master' of ssh://git.samba.org/data/git/samba into crypto
commit e3ef8803ee46710d080095e4a76e25d3280d6d8b
Author: Jelmer Vernooij <jelmer at samba.org>
Date: Wed Sep 24 16:10:53 2008 +0200
Fix include paths.
commit 3023a56b64590df9672a084b07990836e675409f
Author: Jelmer Vernooij <jelmer at samba.org>
Date: Wed Sep 24 16:10:34 2008 +0200
Clean .o files in lib/ and libcli/ too.
commit 2413a7200623855b93946d44bcdb949e2dc170a0
Author: Jelmer Vernooij <jelmer at samba.org>
Date: Wed Sep 24 15:44:34 2008 +0200
Use shared copy of hmac5 implementation.
commit 5709ded3ef75c48f807273eaa36bb0522e7f7b46
Author: Jelmer Vernooij <jelmer at samba.org>
Date: Wed Sep 24 15:37:15 2008 +0200
Use common md4 implementation.
commit 45bc578664f4dae063672dde75bd442868a35992
Author: Jelmer Vernooij <jelmer at samba.org>
Date: Wed Sep 24 15:34:30 2008 +0200
Use common MD5.
commit 6925202bdee75d191bb5743659c53155ba1605ea
Author: Jelmer Vernooij <jelmer at samba.org>
Date: Wed Sep 24 15:30:23 2008 +0200
Move source4/lib/crypto to lib/crypto.
-----------------------------------------------------------------------
Summary of changes:
lib/crypto/arcfour.c | 91 +++++++++
lib/crypto/config.mk | 18 ++
lib/crypto/crc32.c | 103 ++++++++++
lib/crypto/crc32.h | 1 +
lib/crypto/crypto.h | 37 ++++
lib/crypto/hmacmd5.c | 117 +++++++++++
lib/crypto/hmacmd5.h | 41 ++++
lib/crypto/hmacmd5test.c | 98 +++++++++
lib/crypto/hmacsha256.c | 91 +++++++++
lib/crypto/hmacsha256.h | 38 ++++
lib/crypto/md4.c | 176 ++++++++++++++++
lib/crypto/md4.h | 1 +
lib/crypto/md4test.c | 83 ++++++++
lib/crypto/md5.c | 248 +++++++++++++++++++++++
lib/crypto/md5.h | 19 ++
lib/crypto/md5test.c | 93 +++++++++
lib/crypto/sha256.c | 253 ++++++++++++++++++++++++
lib/crypto/sha256.h | 91 +++++++++
source3/Makefile.in | 4 +-
source3/include/hmacmd5.h | 29 ---
source3/include/includes.h | 4 +-
source3/include/md5.h | 19 --
source3/include/proto.h | 16 --
source3/lib/hmacmd5.c | 135 -------------
source3/lib/md4.c | 174 ----------------
source3/lib/md5.c | 247 -----------------------
source4/Makefile | 5 +-
source4/auth/credentials/credentials_ntlm.c | 2 +-
source4/auth/gensec/schannel_sign.c | 2 +-
source4/auth/ntlm/ntlm_check.c | 2 +-
source4/auth/ntlmssp/ntlmssp_client.c | 2 +-
source4/auth/ntlmssp/ntlmssp_server.c | 2 +-
source4/auth/ntlmssp/ntlmssp_sign.c | 2 +-
source4/dsdb/repl/replicated_objects.c | 2 +-
source4/dsdb/samdb/ldb_modules/password_hash.c | 2 +-
source4/kdc/hdb-ldb.c | 2 +-
source4/lib/crypto/arcfour.c | 91 ---------
source4/lib/crypto/config.mk | 18 --
source4/lib/crypto/crc32.c | 103 ----------
source4/lib/crypto/crc32.h | 1 -
source4/lib/crypto/crypto.h | 37 ----
source4/lib/crypto/hmacmd5.c | 117 -----------
source4/lib/crypto/hmacmd5.h | 38 ----
source4/lib/crypto/hmacmd5test.c | 98 ---------
source4/lib/crypto/hmacsha256.c | 91 ---------
source4/lib/crypto/hmacsha256.h | 38 ----
source4/lib/crypto/md4.c | 176 ----------------
source4/lib/crypto/md4.h | 1 -
source4/lib/crypto/md4test.c | 83 --------
source4/lib/crypto/md5.c | 248 -----------------------
source4/lib/crypto/md5.h | 19 --
source4/lib/crypto/md5test.c | 93 ---------
source4/lib/crypto/sha256.c | 253 ------------------------
source4/lib/crypto/sha256.h | 91 ---------
source4/lib/util/genrand.c | 2 +-
source4/libcli/auth/credentials.c | 2 +-
source4/libcli/auth/smbencrypt.c | 2 +-
source4/libcli/raw/smb_signing.c | 2 +-
source4/libcli/smb2/signing.c | 2 +-
source4/libnet/libnet_passwd.c | 2 +-
source4/main.mk | 2 +-
source4/ntp_signd/ntp_signd.c | 2 +-
source4/rpc_server/lsa/dcesrv_lsa.c | 2 +-
source4/rpc_server/samr/samr_password.c | 2 +-
source4/torture/local/local.c | 2 +-
source4/torture/rpc/dssync.c | 2 +-
source4/torture/rpc/lsa.c | 2 +-
source4/torture/rpc/samba3rpc.c | 2 +-
source4/torture/rpc/samlogon.c | 2 +-
source4/torture/rpc/samr.c | 2 +-
source4/torture/rpc/samsync.c | 2 +-
source4/torture/rpc/testjoin.c | 2 +-
source4/torture/rpc/wkssvc.c | 2 +-
73 files changed, 1635 insertions(+), 2249 deletions(-)
create mode 100644 lib/crypto/arcfour.c
create mode 100644 lib/crypto/config.mk
create mode 100644 lib/crypto/crc32.c
create mode 100644 lib/crypto/crc32.h
create mode 100644 lib/crypto/crypto.h
create mode 100644 lib/crypto/hmacmd5.c
create mode 100644 lib/crypto/hmacmd5.h
create mode 100644 lib/crypto/hmacmd5test.c
create mode 100644 lib/crypto/hmacsha256.c
create mode 100644 lib/crypto/hmacsha256.h
create mode 100644 lib/crypto/md4.c
create mode 100644 lib/crypto/md4.h
create mode 100644 lib/crypto/md4test.c
create mode 100644 lib/crypto/md5.c
create mode 100644 lib/crypto/md5.h
create mode 100644 lib/crypto/md5test.c
create mode 100644 lib/crypto/sha256.c
create mode 100644 lib/crypto/sha256.h
delete mode 100644 source3/include/hmacmd5.h
delete mode 100644 source3/include/md5.h
delete mode 100644 source3/lib/hmacmd5.c
delete mode 100644 source3/lib/md4.c
delete mode 100644 source3/lib/md5.c
delete mode 100644 source4/lib/crypto/arcfour.c
delete mode 100644 source4/lib/crypto/config.mk
delete mode 100644 source4/lib/crypto/crc32.c
delete mode 100644 source4/lib/crypto/crc32.h
delete mode 100644 source4/lib/crypto/crypto.h
delete mode 100644 source4/lib/crypto/hmacmd5.c
delete mode 100644 source4/lib/crypto/hmacmd5.h
delete mode 100644 source4/lib/crypto/hmacmd5test.c
delete mode 100644 source4/lib/crypto/hmacsha256.c
delete mode 100644 source4/lib/crypto/hmacsha256.h
delete mode 100644 source4/lib/crypto/md4.c
delete mode 100644 source4/lib/crypto/md4.h
delete mode 100644 source4/lib/crypto/md4test.c
delete mode 100644 source4/lib/crypto/md5.c
delete mode 100644 source4/lib/crypto/md5.h
delete mode 100644 source4/lib/crypto/md5test.c
delete mode 100644 source4/lib/crypto/sha256.c
delete mode 100644 source4/lib/crypto/sha256.h
Changeset truncated at 500 lines:
diff --git a/lib/crypto/arcfour.c b/lib/crypto/arcfour.c
new file mode 100644
index 0000000..c57e05d
--- /dev/null
+++ b/lib/crypto/arcfour.c
@@ -0,0 +1,91 @@
+/*
+ Unix SMB/CIFS implementation.
+
+ An implementation of the arcfour algorithm
+
+ Copyright (C) Andrew Tridgell 1998
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 3 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program. If not, see <http://www.gnu.org/licenses/>.
+*/
+
+#include "includes.h"
+#include "../lib/crypto/arcfour.h"
+
+/* initialise the arcfour sbox with key */
+_PUBLIC_ void arcfour_init(struct arcfour_state *state, const DATA_BLOB *key)
+{
+ int ind;
+ uint8_t j = 0;
+ for (ind = 0; ind < sizeof(state->sbox); ind++) {
+ state->sbox[ind] = (uint8_t)ind;
+ }
+
+ for (ind = 0; ind < sizeof(state->sbox); ind++) {
+ uint8_t tc;
+
+ j += (state->sbox[ind] + key->data[ind%key->length]);
+
+ tc = state->sbox[ind];
+ state->sbox[ind] = state->sbox[j];
+ state->sbox[j] = tc;
+ }
+ state->index_i = 0;
+ state->index_j = 0;
+}
+
+/* crypt the data with arcfour */
+_PUBLIC_ void arcfour_crypt_sbox(struct arcfour_state *state, uint8_t *data, int len)
+{
+ int ind;
+
+ for (ind = 0; ind < len; ind++) {
+ uint8_t tc;
+ uint8_t t;
+
+ state->index_i++;
+ state->index_j += state->sbox[state->index_i];
+
+ tc = state->sbox[state->index_i];
+ state->sbox[state->index_i] = state->sbox[state->index_j];
+ state->sbox[state->index_j] = tc;
+
+ t = state->sbox[state->index_i] + state->sbox[state->index_j];
+ data[ind] = data[ind] ^ state->sbox[t];
+ }
+}
+
+/*
+ arcfour encryption with a blob key
+*/
+_PUBLIC_ void arcfour_crypt_blob(uint8_t *data, int len, const DATA_BLOB *key)
+{
+ struct arcfour_state state;
+ arcfour_init(&state, key);
+ arcfour_crypt_sbox(&state, data, len);
+}
+
+/*
+ a variant that assumes a 16 byte key. This should be removed
+ when the last user is gone
+*/
+_PUBLIC_ void arcfour_crypt(uint8_t *data, const uint8_t keystr[16], int len)
+{
+ DATA_BLOB key = data_blob(keystr, 16);
+
+ arcfour_crypt_blob(data, len, &key);
+
+ data_blob_free(&key);
+}
+
+
diff --git a/lib/crypto/config.mk b/lib/crypto/config.mk
new file mode 100644
index 0000000..ee111bd
--- /dev/null
+++ b/lib/crypto/config.mk
@@ -0,0 +1,18 @@
+##############################
+# Start SUBSYSTEM LIBCRYPTO
+[SUBSYSTEM::LIBCRYPTO]
+# End SUBSYSTEM LIBCRYPTO
+##############################
+
+LIBCRYPTO_OBJ_FILES = $(addprefix $(libcryptosrcdir)/, \
+ crc32.o md5.o hmacmd5.o md4.o \
+ arcfour.o sha256.o hmacsha256.o)
+
+[MODULE::TORTURE_LIBCRYPTO]
+SUBSYSTEM = smbtorture
+PRIVATE_DEPENDENCIES = LIBCRYPTO
+
+TORTURE_LIBCRYPTO_OBJ_FILES = $(addprefix $(libcryptosrcdir)/, \
+ md4test.o md5test.o hmacmd5test.o)
+
+$(eval $(call proto_header_template,$(libcryptosrcdir)/test_proto.h,$(TORTURE_LIBCRYPTO_OBJ_FILES:.o=.c)))
diff --git a/lib/crypto/crc32.c b/lib/crypto/crc32.c
new file mode 100644
index 0000000..5b9d9b1
--- /dev/null
+++ b/lib/crypto/crc32.c
@@ -0,0 +1,103 @@
+/*-
+ * COPYRIGHT (C) 1986 Gary S. Brown. You may use this program, or
+ * code or tables extracted from it, as desired without restriction.
+ *
+ * First, the polynomial itself and its table of feedback terms. The
+ * polynomial is
+ * X^32+X^26+X^23+X^22+X^16+X^12+X^11+X^10+X^8+X^7+X^5+X^4+X^2+X^1+X^0
+ *
+ * Note that we take it "backwards" and put the highest-order term in
+ * the lowest-order bit. The X^32 term is "implied"; the LSB is the
+ * X^31 term, etc. The X^0 term (usually shown as "+1") results in
+ * the MSB being 1
+ *
+ * Note that the usual hardware shift register implementation, which
+ * is what we're using (we're merely optimizing it by doing eight-bit
+ * chunks at a time) shifts bits into the lowest-order term. In our
+ * implementation, that means shifting towards the right. Why do we
+ * do it this way? Because the calculated CRC must be transmitted in
+ * order from highest-order term to lowest-order term. UARTs transmit
+ * characters in order from LSB to MSB. By storing the CRC this way
+ * we hand it to the UART in the order low-byte to high-byte; the UART
+ * sends each low-bit to hight-bit; and the result is transmission bit
+ * by bit from highest- to lowest-order term without requiring any bit
+ * shuffling on our part. Reception works similarly
+ *
+ * The feedback terms table consists of 256, 32-bit entries. Notes
+ *
+ * The table can be generated at runtime if desired; code to do so
+ * is shown later. It might not be obvious, but the feedback
+ * terms simply represent the results of eight shift/xor opera
+ * tions for all combinations of data and CRC register values
+ *
+ * The values must be right-shifted by eight bits by the "updcrc
+ * logic; the shift must be unsigned (bring in zeroes). On some
+ * hardware you could probably optimize the shift in assembler by
+ * using byte-swap instructions
+ * polynomial $edb88320
+ *
+ *
+ * CRC32 code derived from work by Gary S. Brown.
+ */
+
+#include "includes.h"
+
+static const uint32_t crc32_tab[] = {
+ 0x00000000, 0x77073096, 0xee0e612c, 0x990951ba, 0x076dc419, 0x706af48f,
+ 0xe963a535, 0x9e6495a3, 0x0edb8832, 0x79dcb8a4, 0xe0d5e91e, 0x97d2d988,
+ 0x09b64c2b, 0x7eb17cbd, 0xe7b82d07, 0x90bf1d91, 0x1db71064, 0x6ab020f2,
+ 0xf3b97148, 0x84be41de, 0x1adad47d, 0x6ddde4eb, 0xf4d4b551, 0x83d385c7,
+ 0x136c9856, 0x646ba8c0, 0xfd62f97a, 0x8a65c9ec, 0x14015c4f, 0x63066cd9,
+ 0xfa0f3d63, 0x8d080df5, 0x3b6e20c8, 0x4c69105e, 0xd56041e4, 0xa2677172,
+ 0x3c03e4d1, 0x4b04d447, 0xd20d85fd, 0xa50ab56b, 0x35b5a8fa, 0x42b2986c,
+ 0xdbbbc9d6, 0xacbcf940, 0x32d86ce3, 0x45df5c75, 0xdcd60dcf, 0xabd13d59,
+ 0x26d930ac, 0x51de003a, 0xc8d75180, 0xbfd06116, 0x21b4f4b5, 0x56b3c423,
+ 0xcfba9599, 0xb8bda50f, 0x2802b89e, 0x5f058808, 0xc60cd9b2, 0xb10be924,
+ 0x2f6f7c87, 0x58684c11, 0xc1611dab, 0xb6662d3d, 0x76dc4190, 0x01db7106,
+ 0x98d220bc, 0xefd5102a, 0x71b18589, 0x06b6b51f, 0x9fbfe4a5, 0xe8b8d433,
+ 0x7807c9a2, 0x0f00f934, 0x9609a88e, 0xe10e9818, 0x7f6a0dbb, 0x086d3d2d,
+ 0x91646c97, 0xe6635c01, 0x6b6b51f4, 0x1c6c6162, 0x856530d8, 0xf262004e,
+ 0x6c0695ed, 0x1b01a57b, 0x8208f4c1, 0xf50fc457, 0x65b0d9c6, 0x12b7e950,
+ 0x8bbeb8ea, 0xfcb9887c, 0x62dd1ddf, 0x15da2d49, 0x8cd37cf3, 0xfbd44c65,
+ 0x4db26158, 0x3ab551ce, 0xa3bc0074, 0xd4bb30e2, 0x4adfa541, 0x3dd895d7,
+ 0xa4d1c46d, 0xd3d6f4fb, 0x4369e96a, 0x346ed9fc, 0xad678846, 0xda60b8d0,
+ 0x44042d73, 0x33031de5, 0xaa0a4c5f, 0xdd0d7cc9, 0x5005713c, 0x270241aa,
+ 0xbe0b1010, 0xc90c2086, 0x5768b525, 0x206f85b3, 0xb966d409, 0xce61e49f,
+ 0x5edef90e, 0x29d9c998, 0xb0d09822, 0xc7d7a8b4, 0x59b33d17, 0x2eb40d81,
+ 0xb7bd5c3b, 0xc0ba6cad, 0xedb88320, 0x9abfb3b6, 0x03b6e20c, 0x74b1d29a,
+ 0xead54739, 0x9dd277af, 0x04db2615, 0x73dc1683, 0xe3630b12, 0x94643b84,
+ 0x0d6d6a3e, 0x7a6a5aa8, 0xe40ecf0b, 0x9309ff9d, 0x0a00ae27, 0x7d079eb1,
+ 0xf00f9344, 0x8708a3d2, 0x1e01f268, 0x6906c2fe, 0xf762575d, 0x806567cb,
+ 0x196c3671, 0x6e6b06e7, 0xfed41b76, 0x89d32be0, 0x10da7a5a, 0x67dd4acc,
+ 0xf9b9df6f, 0x8ebeeff9, 0x17b7be43, 0x60b08ed5, 0xd6d6a3e8, 0xa1d1937e,
+ 0x38d8c2c4, 0x4fdff252, 0xd1bb67f1, 0xa6bc5767, 0x3fb506dd, 0x48b2364b,
+ 0xd80d2bda, 0xaf0a1b4c, 0x36034af6, 0x41047a60, 0xdf60efc3, 0xa867df55,
+ 0x316e8eef, 0x4669be79, 0xcb61b38c, 0xbc66831a, 0x256fd2a0, 0x5268e236,
+ 0xcc0c7795, 0xbb0b4703, 0x220216b9, 0x5505262f, 0xc5ba3bbe, 0xb2bd0b28,
+ 0x2bb45a92, 0x5cb36a04, 0xc2d7ffa7, 0xb5d0cf31, 0x2cd99e8b, 0x5bdeae1d,
+ 0x9b64c2b0, 0xec63f226, 0x756aa39c, 0x026d930a, 0x9c0906a9, 0xeb0e363f,
+ 0x72076785, 0x05005713, 0x95bf4a82, 0xe2b87a14, 0x7bb12bae, 0x0cb61b38,
+ 0x92d28e9b, 0xe5d5be0d, 0x7cdcefb7, 0x0bdbdf21, 0x86d3d2d4, 0xf1d4e242,
+ 0x68ddb3f8, 0x1fda836e, 0x81be16cd, 0xf6b9265b, 0x6fb077e1, 0x18b74777,
+ 0x88085ae6, 0xff0f6a70, 0x66063bca, 0x11010b5c, 0x8f659eff, 0xf862ae69,
+ 0x616bffd3, 0x166ccf45, 0xa00ae278, 0xd70dd2ee, 0x4e048354, 0x3903b3c2,
+ 0xa7672661, 0xd06016f7, 0x4969474d, 0x3e6e77db, 0xaed16a4a, 0xd9d65adc,
+ 0x40df0b66, 0x37d83bf0, 0xa9bcae53, 0xdebb9ec5, 0x47b2cf7f, 0x30b5ffe9,
+ 0xbdbdf21c, 0xcabac28a, 0x53b39330, 0x24b4a3a6, 0xbad03605, 0xcdd70693,
+ 0x54de5729, 0x23d967bf, 0xb3667a2e, 0xc4614ab8, 0x5d681b02, 0x2a6f2b94,
+ 0xb40bbe37, 0xc30c8ea1, 0x5a05df1b, 0x2d02ef8d
+};
+
+uint32_t crc32_calc_buffer(const uint8_t *buf, size_t size)
+{
+ const uint8_t *p;
+ uint32_t crc;
+
+ p = buf;
+ crc = ~0U;
+
+ while (size--)
+ crc = crc32_tab[(crc ^ *p++) & 0xFF] ^ (crc >> 8);
+
+ return crc ^ ~0U;
+}
diff --git a/lib/crypto/crc32.h b/lib/crypto/crc32.h
new file mode 100644
index 0000000..7854abf
--- /dev/null
+++ b/lib/crypto/crc32.h
@@ -0,0 +1 @@
+uint32_t crc32_calc_buffer(const uint8_t *buf, size_t size);
diff --git a/lib/crypto/crypto.h b/lib/crypto/crypto.h
new file mode 100644
index 0000000..9cb16ad
--- /dev/null
+++ b/lib/crypto/crypto.h
@@ -0,0 +1,37 @@
+/*
+ Unix SMB/CIFS implementation.
+
+ Copyright (C) Andrew Tridgell 2004
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 3 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program. If not, see <http://www.gnu.org/licenses/>.
+*/
+
+#include "../lib/crypto/crc32.h"
+#include "../lib/crypto/md4.h"
+#include "../lib/crypto/md5.h"
+#include "../lib/crypto/hmacmd5.h"
+#include "../lib/crypto/sha256.h"
+#include "../lib/crypto/hmacsha256.h"
+
+struct arcfour_state {
+ uint8_t sbox[256];
+ uint8_t index_i;
+ uint8_t index_j;
+};
+
+void arcfour_init(struct arcfour_state *state, const DATA_BLOB *key);
+void arcfour_crypt_sbox(struct arcfour_state *state, uint8_t *data, int len);
+void arcfour_crypt_blob(uint8_t *data, int len, const DATA_BLOB *key);
+void arcfour_crypt(uint8_t *data, const uint8_t keystr[16], int len);
+
diff --git a/lib/crypto/hmacmd5.c b/lib/crypto/hmacmd5.c
new file mode 100644
index 0000000..0c8d1ab
--- /dev/null
+++ b/lib/crypto/hmacmd5.c
@@ -0,0 +1,117 @@
+/*
+ Unix SMB/CIFS implementation.
+ HMAC MD5 code for use in NTLMv2
+ Copyright (C) Luke Kenneth Casson Leighton 1996-2000
+ Copyright (C) Andrew Tridgell 1992-2000
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 3 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program. If not, see <http://www.gnu.org/licenses/>.
+*/
+
+/* taken direct from rfc2104 implementation and modified for suitable use
+ * for ntlmv2.
+ */
+
+#include "includes.h"
+#include "../lib/crypto/hmacmd5.h"
+
+/***********************************************************************
+ the rfc 2104 version of hmac_md5 initialisation.
+***********************************************************************/
+_PUBLIC_ void hmac_md5_init_rfc2104(const uint8_t *key, int key_len, HMACMD5Context *ctx)
+{
+ int i;
+ uint8_t tk[16];
+
+ /* if key is longer than 64 bytes reset it to key=MD5(key) */
+ if (key_len > 64)
+ {
+ struct MD5Context tctx;
+
+ MD5Init(&tctx);
+ MD5Update(&tctx, key, key_len);
+ MD5Final(tk, &tctx);
+
+ key = tk;
+ key_len = 16;
+ }
+
+ /* start out by storing key in pads */
+ ZERO_STRUCT(ctx->k_ipad);
+ ZERO_STRUCT(ctx->k_opad);
+ memcpy( ctx->k_ipad, key, key_len);
+ memcpy( ctx->k_opad, key, key_len);
+
+ /* XOR key with ipad and opad values */
+ for (i=0; i<64; i++)
+ {
+ ctx->k_ipad[i] ^= 0x36;
+ ctx->k_opad[i] ^= 0x5c;
+ }
+
+ MD5Init(&ctx->ctx);
+ MD5Update(&ctx->ctx, ctx->k_ipad, 64);
+}
+
+/***********************************************************************
+ the microsoft version of hmac_md5 initialisation.
+***********************************************************************/
+_PUBLIC_ void hmac_md5_init_limK_to_64(const uint8_t *key, int key_len,
+ HMACMD5Context *ctx)
+{
+ /* if key is longer than 64 bytes truncate it */
+ if (key_len > 64)
+ {
+ key_len = 64;
+ }
+
+ hmac_md5_init_rfc2104(key, key_len, ctx);
+}
+
+/***********************************************************************
+ update hmac_md5 "inner" buffer
+***********************************************************************/
+_PUBLIC_ void hmac_md5_update(const uint8_t *text, int text_len, HMACMD5Context *ctx)
+{
+ MD5Update(&ctx->ctx, text, text_len); /* then text of datagram */
+}
+
+/***********************************************************************
+ finish off hmac_md5 "inner" buffer and generate outer one.
+***********************************************************************/
+_PUBLIC_ void hmac_md5_final(uint8_t *digest, HMACMD5Context *ctx)
+{
+ struct MD5Context ctx_o;
+
+ MD5Final(digest, &ctx->ctx);
+
+ MD5Init(&ctx_o);
+ MD5Update(&ctx_o, ctx->k_opad, 64);
+ MD5Update(&ctx_o, digest, 16);
+ MD5Final(digest, &ctx_o);
+}
+
+/***********************************************************
+ single function to calculate an HMAC MD5 digest from data.
+ use the microsoft hmacmd5 init method because the key is 16 bytes.
+************************************************************/
+_PUBLIC_ void hmac_md5(const uint8_t key[16], const uint8_t *data, int data_len, uint8_t *digest)
+{
+ HMACMD5Context ctx;
+ hmac_md5_init_limK_to_64(key, 16, &ctx);
+ if (data_len != 0)
+ {
+ hmac_md5_update(data, data_len, &ctx);
+ }
+ hmac_md5_final(digest, &ctx);
+}
diff --git a/lib/crypto/hmacmd5.h b/lib/crypto/hmacmd5.h
new file mode 100644
index 0000000..91b8ca5
--- /dev/null
+++ b/lib/crypto/hmacmd5.h
@@ -0,0 +1,41 @@
+/*
+ Unix SMB/CIFS implementation.
+ Interface header: HMAC MD5 code
+ Copyright (C) Luke Kenneth Casson Leighton 1996-1999
+ Copyright (C) Andrew Tridgell 1992-1999
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 3 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program. If not, see <http://www.gnu.org/licenses/>.
+*/
+
+#ifndef _HMAC_MD5_H
+#define _HMAC_MD5_H
+
+#include "../lib/crypto/md5.h"
+
+typedef struct
+{
+ struct MD5Context ctx;
+ uint8_t k_ipad[65];
+ uint8_t k_opad[65];
+
+} HMACMD5Context;
+
+void hmac_md5_init_limK_to_64(const uint8_t *key, int key_len,
+ HMACMD5Context *ctx);
+void hmac_md5_update(const uint8_t *text, int text_len, HMACMD5Context *ctx);
+void hmac_md5_final(uint8_t *digest, HMACMD5Context *ctx);
+void hmac_md5(const uint8_t key[16], const uint8_t *data, int data_len, uint8_t *digest);
+void hmac_md5_init_rfc2104(const uint8_t *key, int key_len, HMACMD5Context *ctx);
+
+#endif /* _HMAC_MD5_H */
diff --git a/lib/crypto/hmacmd5test.c b/lib/crypto/hmacmd5test.c
new file mode 100644
index 0000000..0a98404
--- /dev/null
+++ b/lib/crypto/hmacmd5test.c
@@ -0,0 +1,98 @@
+/*
+ Unix SMB/CIFS implementation.
+ HMAC MD5 tests
+ Copyright (C) Stefan Metzmacher 2006
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 3 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program. If not, see <http://www.gnu.org/licenses/>.
+*/
+#include "includes.h"
+#include "../lib/crypto/crypto.h"
+
+struct torture_context;
+
+static DATA_BLOB data_blob_repeat_byte(uint8_t byte, size_t length)
+{
+ DATA_BLOB b = data_blob(NULL, length);
+ memset(b.data, byte, length);
+ return b;
+}
+
+/*
+ This uses the test values from rfc 2104, 2202
+*/
+bool torture_local_crypto_hmacmd5(struct torture_context *torture)
+{
+ bool ret = true;
+ uint32_t i;
+ struct {
+ DATA_BLOB key;
+ DATA_BLOB data;
+ DATA_BLOB md5;
+ } testarray[8];
+
+ testarray[0].key = data_blob_repeat_byte(0x0b, 16);
--
Samba Shared Repository
More information about the samba-cvs
mailing list