Created
September 27, 2021 13:37
-
-
Save bagder/15d4e2d4fd2afd540b9510b1a5671ad2 to your computer and use it in GitHub Desktop.
Application showing problem with DES with OpenSSL v3.0.0 on mac 64 bit
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#include <stdio.h> | |
#include <stdlib.h> | |
#include <string.h> | |
#define OPENSSL_SUPPRESS_DEPRECATED 1 | |
#include <openssl/des.h> | |
# define DESKEYARG(x) *x | |
# define DESKEY(x) &x | |
typedef int CURLcode; | |
#define CURLE_OK 0 | |
#define CURLMIN(x,y) ((x)<(y)?(x):(y)) | |
/* | |
* Turns a 56-bit key into being 64-bit wide. | |
*/ | |
static void extend_key_56_to_64(const unsigned char *key_56, char *key) | |
{ | |
key[0] = key_56[0]; | |
key[1] = (unsigned char)(((key_56[0] << 7) & 0xFF) | (key_56[1] >> 1)); | |
key[2] = (unsigned char)(((key_56[1] << 6) & 0xFF) | (key_56[2] >> 2)); | |
key[3] = (unsigned char)(((key_56[2] << 5) & 0xFF) | (key_56[3] >> 3)); | |
key[4] = (unsigned char)(((key_56[3] << 4) & 0xFF) | (key_56[4] >> 4)); | |
key[5] = (unsigned char)(((key_56[4] << 3) & 0xFF) | (key_56[5] >> 5)); | |
key[6] = (unsigned char)(((key_56[5] << 2) & 0xFF) | (key_56[6] >> 6)); | |
key[7] = (unsigned char) ((key_56[6] << 1) & 0xFF); | |
} | |
static void setup_des_key(const unsigned char *key_56, | |
DES_key_schedule DESKEYARG(ks)) | |
{ | |
DES_cblock key; | |
/* Expand the 56-bit key to 64-bits */ | |
extend_key_56_to_64(key_56, (char *) &key); | |
/* Set the key parity to odd */ | |
DES_set_odd_parity(&key); | |
/* Set the key */ | |
DES_set_key(&key, ks); | |
} | |
/* | |
* Set up lanmanager hashed password | |
*/ | |
CURLcode Curl_ntlm_core_mk_lm_hash(const char *password, | |
unsigned char *lmbuffer /* 21 bytes */) | |
{ | |
CURLcode result; | |
unsigned char pw[14]; | |
static const unsigned char magic[] = { | |
0x4B, 0x47, 0x53, 0x21, 0x40, 0x23, 0x24, 0x25 /* i.e. KGS!@#$% */ | |
}; | |
size_t len = CURLMIN(strlen(password), 14); | |
memcpy((char *)pw, password, len); | |
memset(&pw[len], 0, 14 - len); | |
{ | |
/* Create LanManager hashed password. */ | |
DES_key_schedule ks; | |
unsigned char *pt = lmbuffer; | |
setup_des_key(pw, DESKEY(ks)); | |
DES_ecb_encrypt((DES_cblock *)magic, (DES_cblock *)lmbuffer, | |
DESKEY(ks), DES_ENCRYPT); | |
fprintf(stderr, | |
"%s first stored\n" | |
"LMB 0: %02x %02x %02x %02x %02x %02x %02x %02x\n", | |
__func__, | |
pt[0], pt[1], pt[2], pt[3], pt[4], pt[5], pt[6], pt[7]); | |
setup_des_key(pw + 7, DESKEY(ks)); | |
DES_ecb_encrypt((DES_cblock *)magic, (DES_cblock *)(lmbuffer + 8), | |
DESKEY(ks), DES_ENCRYPT); | |
pt += 8; | |
fprintf(stderr, | |
"%s then stored\n" | |
"LMB 8: %02x %02x %02x %02x %02x %02x %02x %02x\n", | |
__func__, | |
pt[0], pt[1], pt[2], pt[3], pt[4], pt[5], pt[6], pt[7]); | |
memset(lmbuffer + 16, 0, 21 - 16); | |
} | |
return CURLE_OK; | |
} | |
int main(void) | |
{ | |
const char *password = "SECRET"; | |
unsigned char output[21]; | |
Curl_ntlm_core_mk_lm_hash(password, output); | |
return 0; | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment