Attachment #149087 for bug #194841




#	include <openssl/des.h>


typedef DES_cblock DES_key;
typedef DES_cblock DES_data_block;
typedef DES_key_schedule DES_context;
#define DES_failed(encrypted) 0
#define DES_finish(key, schedule) 

#elif defined(HAVE_MOZNSS)
/*

*/
#define PROTYPES_H 1
#	include <nss/pk11pub.h>
typedef PK11SymKey *DES_key;
typedef unsigned char DES_data_block[8];
typedef PK11Context *DES_context[1];
#define DES_ENCRYPT CKA_ENCRYPT

#endif

 * abstract away setting the parity.
 */
static void
DES_set_key_and_parity( DES_key *key, unsigned char *keyData)
{
    memcpy(key, keyData, 8);
    DES_set_odd_parity( key );
}



 * implement MozNSS wrappers for the openSSL calls 
 */
static void
DES_set_key_and_parity( DES_key *key, unsigned char *keyData)
{
    SECItem keyDataItem;
    PK11SlotInfo *slot;

}

static void
DES_set_key_unchecked( DES_key *key, DES_context ctxt )
{
    ctxt[0] = NULL;


}

static void
DES_ecb_encrypt( DES_data_block *plain, DES_data_block *encrypted, 
			DES_context ctxt, int op)
{
    SECStatus rv;
    int size;

    if (ctxt[0] == NULL) {
	/* need to fail here...  */
	memset(encrypted, 0, sizeof(DES_data_block));
	return;
    }
    rv = PK11_CipherOp(ctxt[0], (unsigned char *)&encrypted[0], 
			&size, sizeof(DES_data_block),
			(unsigned char *)&plain[0], sizeof(DES_data_block));
    if (rv != SECSuccess) {
	/* signal failure */
	memset(encrypted, 0, sizeof(DES_data_block));
	return;
    }
    return;
}

static int
DES_failed(DES_data_block *encrypted)
{
   static const DES_data_block zero = { 0 };
   return memcmp(encrypted, zero, sizeof(zero)) == 0;
}

static void
DES_finish(DES_key *key, DES_context ctxt)
{
     if (*key) {
	PK11_FreeSymKey(*key);


static void lmPasswd_to_key(
	const char *lmPasswd,
	DES_key *key)
{
	const unsigned char *lpw = (const unsigned char *) lmPasswd;
	unsigned char k[8];

	k[6] = ((lpw[5] & 0x3F) << 2) | (lpw[6] >> 6);
	k[7] = ((lpw[6] & 0x7F) << 1);
		
	DES_set_key_and_parity( key, k );
}	

static int chk_lanman(

{
	ber_len_t i;
	char UcasePassword[15];
	DES_key key;
	DES_context schedule;
	DES_data_block StdText = "KGS!@#$%";
	DES_data_block PasswordHash1, PasswordHash2;
	char PasswordHash[33], storedPasswordHash[33];
	
	for( i=0; i<cred->bv_len; i++) {

	ldap_pvt_str2upper( UcasePassword );
	
	lmPasswd_to_key( UcasePassword, &key );
	DES_set_key_unchecked( &key, &schedule );
	DES_ecb_encrypt( &StdText, &PasswordHash1, &schedule , DES_ENCRYPT );

	if (DES_failed(&PasswordHash1)) {
	    return LUTIL_PASSWD_ERR;
	}
	
	lmPasswd_to_key( &UcasePassword[7], &key );
	DES_set_key_unchecked( &key, &schedule );
	DES_ecb_encrypt( &StdText, &PasswordHash2, &schedule , DES_ENCRYPT );
	if (DES_failed(&PasswordHash2)) {
	    return LUTIL_PASSWD_ERR;
	}

	DES_finish( &key, schedule );
	
	sprintf( PasswordHash, "%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x", 
		PasswordHash1[0],PasswordHash1[1],PasswordHash1[2],PasswordHash1[3],


	ber_len_t i;
	char UcasePassword[15];
	DES_key key;
	DES_context schedule;
	DES_data_block StdText = "KGS!@#$%";
	DES_data_block PasswordHash1, PasswordHash2;
	char PasswordHash[33];
	
	for( i=0; i<passwd->bv_len; i++) {

	ldap_pvt_str2upper( UcasePassword );
	
	lmPasswd_to_key( UcasePassword, &key );
	DES_set_key_unchecked( &key, &schedule );
	DES_ecb_encrypt( &StdText, &PasswordHash1, &schedule , DES_ENCRYPT );
	
	lmPasswd_to_key( &UcasePassword[7], &key );
	DES_set_key_unchecked( &key, &schedule );
	DES_ecb_encrypt( &StdText, &PasswordHash2, &schedule , DES_ENCRYPT );
	
	sprintf( PasswordHash, "%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x", 
		PasswordHash1[0],PasswordHash1[1],PasswordHash1[2],PasswordHash1[3],

Return to bug 194841

Lines 38-48 Link Here

(-)libraries/liblutil/passwd.c (-42 / +42 lines)
38	# include <openssl/des.h>	38	# include <openssl/des.h>
39		39
40		40
41	typedef des_cblock des_key;	41	typedef DES_cblock DES_key;
42	typedef des_cblock des_data_block;	42	typedef DES_cblock DES_data_block;
43	typedef des_key_schedule des_context;	43	typedef DES_key_schedule DES_context;
44	#define des_failed(encrypted) 0	44	#define DES_failed(encrypted) 0
45	#define des_finish(key, schedule)	45	#define DES_finish(key, schedule)
46		46
47	#elif defined(HAVE_MOZNSS)	47	#elif defined(HAVE_MOZNSS)
48	/*	48	/*
Lines 53-61 Link Here
53	*/	53	*/
54	#define PROTYPES_H 1	54	#define PROTYPES_H 1
55	# include <nss/pk11pub.h>	55	# include <nss/pk11pub.h>
56	typedef PK11SymKey *des_key;	56	typedef PK11SymKey *DES_key;
57	typedef unsigned char des_data_block[8];	57	typedef unsigned char DES_data_block[8];
58	typedef PK11Context *des_context[1];	58	typedef PK11Context *DES_context[1];
59	#define DES_ENCRYPT CKA_ENCRYPT	59	#define DES_ENCRYPT CKA_ENCRYPT
60		60
61	#endif	61	#endif
Lines 664-673 Link Here
664	* abstract away setting the parity.	664	* abstract away setting the parity.
665	*/	665	*/
666	static void	666	static void
667	des_set_key_and_parity( des_key key, unsigned char keyData)	667	DES_set_key_and_parity( DES_key key, unsigned char keyData)
668	{	668	{
669	memcpy(key, keyData, 8);	669	memcpy(key, keyData, 8);
670	des_set_odd_parity( key );	670	DES_set_odd_parity( key );
671	}	671	}
672		672
673		673
Lines 677-683 Link Here
677	* implement MozNSS wrappers for the openSSL calls	677	* implement MozNSS wrappers for the openSSL calls
678	*/	678	*/
679	static void	679	static void
680	des_set_key_and_parity( des_key key, unsigned char keyData)	680	DES_set_key_and_parity( DES_key key, unsigned char keyData)
681	{	681	{
682	SECItem keyDataItem;	682	SECItem keyDataItem;
683	PK11SlotInfo *slot;	683	PK11SlotInfo *slot;
Lines 699-705 Link Here
699	}	699	}
700		700
701	static void	701	static void
702	des_set_key_unchecked( des_key *key, des_context ctxt )	702	DES_set_key_unchecked( DES_key *key, DES_context ctxt )
703	{	703	{
704	ctxt[0] = NULL;	704	ctxt[0] = NULL;
705		705
Lines 712-748 Link Here
712	}	712	}
713		713
714	static void	714	static void
715	des_ecb_encrypt( des_data_block plain, des_data_block encrypted,	715	DES_ecb_encrypt( DES_data_block plain, DES_data_block encrypted,
716	des_context ctxt, int op)	716	DES_context ctxt, int op)
717	{	717	{
718	SECStatus rv;	718	SECStatus rv;
719	int size;	719	int size;
720		720
721	if (ctxt[0] == NULL) {	721	if (ctxt[0] == NULL) {
722	/* need to fail here... */	722	/* need to fail here... */
723	memset(encrypted, 0, sizeof(des_data_block));	723	memset(encrypted, 0, sizeof(DES_data_block));
724	return;	724	return;
725	}	725	}
726	rv = PK11_CipherOp(ctxt[0], (unsigned char *)&encrypted[0],	726	rv = PK11_CipherOp(ctxt[0], (unsigned char *)&encrypted[0],
727	&size, sizeof(des_data_block),	727	&size, sizeof(DES_data_block),
728	(unsigned char *)&plain[0], sizeof(des_data_block));	728	(unsigned char *)&plain[0], sizeof(DES_data_block));
729	if (rv != SECSuccess) {	729	if (rv != SECSuccess) {
730	/* signal failure */	730	/* signal failure */
731	memset(encrypted, 0, sizeof(des_data_block));	731	memset(encrypted, 0, sizeof(DES_data_block));
732	return;	732	return;
733	}	733	}
734	return;	734	return;
735	}	735	}
736		736
737	static int	737	static int
738	des_failed(des_data_block *encrypted)	738	DES_failed(DES_data_block *encrypted)
739	{	739	{
740	static const des_data_block zero = { 0 };	740	static const DES_data_block zero = { 0 };
741	return memcmp(encrypted, zero, sizeof(zero)) == 0;	741	return memcmp(encrypted, zero, sizeof(zero)) == 0;
742	}	742	}
743		743
744	static void	744	static void
745	des_finish(des_key *key, des_context ctxt)	745	DES_finish(DES_key *key, DES_context ctxt)
746	{	746	{
747	if (*key) {	747	if (*key) {
748	PK11_FreeSymKey(*key);	748	PK11_FreeSymKey(*key);
Lines 817-823 Link Here
817		817
818	static void lmPasswd_to_key(	818	static void lmPasswd_to_key(
819	const char *lmPasswd,	819	const char *lmPasswd,
820	des_key *key)	820	DES_key *key)
821	{	821	{
822	const unsigned char lpw = (const unsigned char ) lmPasswd;	822	const unsigned char lpw = (const unsigned char ) lmPasswd;
823	unsigned char k[8];	823	unsigned char k[8];
Lines 832-838 Link Here
832	k[6] = ((lpw[5] & 0x3F) << 2) \| (lpw[6] >> 6);	832	k[6] = ((lpw[5] & 0x3F) << 2) \| (lpw[6] >> 6);
833	k[7] = ((lpw[6] & 0x7F) << 1);	833	k[7] = ((lpw[6] & 0x7F) << 1);
834		834
835	des_set_key_and_parity( key, k );	835	DES_set_key_and_parity( key, k );
836	}	836	}
837		837
838	static int chk_lanman(	838	static int chk_lanman(
Lines 843-852 Link Here
843	{	843	{
844	ber_len_t i;	844	ber_len_t i;
845	char UcasePassword[15];	845	char UcasePassword[15];
846	des_key key;	846	DES_key key;
847	des_context schedule;	847	DES_context schedule;
848	des_data_block StdText = "KGS!@#$%";	848	DES_data_block StdText = "KGS!@#$%";
849	des_data_block PasswordHash1, PasswordHash2;	849	DES_data_block PasswordHash1, PasswordHash2;
850	char PasswordHash[33], storedPasswordHash[33];	850	char PasswordHash[33], storedPasswordHash[33];
851		851
852	for( i=0; i<cred->bv_len; i++) {	852	for( i=0; i<cred->bv_len; i++) {
Lines 864-884 Link Here
864	ldap_pvt_str2upper( UcasePassword );	864	ldap_pvt_str2upper( UcasePassword );
865		865
866	lmPasswd_to_key( UcasePassword, &key );	866	lmPasswd_to_key( UcasePassword, &key );
867	des_set_key_unchecked( &key, schedule );	867	DES_set_key_unchecked( &key, &schedule );
868	des_ecb_encrypt( &StdText, &PasswordHash1, schedule , DES_ENCRYPT );	868	DES_ecb_encrypt( &StdText, &PasswordHash1, &schedule , DES_ENCRYPT );
869		869
870	if (des_failed(&PasswordHash1)) {	870	if (DES_failed(&PasswordHash1)) {
871	return LUTIL_PASSWD_ERR;	871	return LUTIL_PASSWD_ERR;
872	}	872	}
873		873
874	lmPasswd_to_key( &UcasePassword[7], &key );	874	lmPasswd_to_key( &UcasePassword[7], &key );
875	des_set_key_unchecked( &key, schedule );	875	DES_set_key_unchecked( &key, &schedule );
876	des_ecb_encrypt( &StdText, &PasswordHash2, schedule , DES_ENCRYPT );	876	DES_ecb_encrypt( &StdText, &PasswordHash2, &schedule , DES_ENCRYPT );
877	if (des_failed(&PasswordHash2)) {	877	if (DES_failed(&PasswordHash2)) {
878	return LUTIL_PASSWD_ERR;	878	return LUTIL_PASSWD_ERR;
879	}	879	}
880		880
881	des_finish( &key, schedule );	881	DES_finish( &key, schedule );
882		882
883	sprintf( PasswordHash, "%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x",	883	sprintf( PasswordHash, "%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x",
884	PasswordHash1[0],PasswordHash1[1],PasswordHash1[2],PasswordHash1[3],	884	PasswordHash1[0],PasswordHash1[1],PasswordHash1[2],PasswordHash1[3],
Lines 1139-1148 Link Here
1139		1139
1140	ber_len_t i;	1140	ber_len_t i;
1141	char UcasePassword[15];	1141	char UcasePassword[15];
1142	des_key key;	1142	DES_key key;
1143	des_context schedule;	1143	DES_context schedule;
1144	des_data_block StdText = "KGS!@#$%";	1144	DES_data_block StdText = "KGS!@#$%";
1145	des_data_block PasswordHash1, PasswordHash2;	1145	DES_data_block PasswordHash1, PasswordHash2;
1146	char PasswordHash[33];	1146	char PasswordHash[33];
1147		1147
1148	for( i=0; i<passwd->bv_len; i++) {	1148	for( i=0; i<passwd->bv_len; i++) {
Lines 1160-1171 Link Here
1160	ldap_pvt_str2upper( UcasePassword );	1160	ldap_pvt_str2upper( UcasePassword );
1161		1161
1162	lmPasswd_to_key( UcasePassword, &key );	1162	lmPasswd_to_key( UcasePassword, &key );
1163	des_set_key_unchecked( &key, schedule );	1163	DES_set_key_unchecked( &key, &schedule );
1164	des_ecb_encrypt( &StdText, &PasswordHash1, schedule , DES_ENCRYPT );	1164	DES_ecb_encrypt( &StdText, &PasswordHash1, &schedule , DES_ENCRYPT );
1165		1165
1166	lmPasswd_to_key( &UcasePassword[7], &key );	1166	lmPasswd_to_key( &UcasePassword[7], &key );
1167	des_set_key_unchecked( &key, schedule );	1167	DES_set_key_unchecked( &key, &schedule );
1168	des_ecb_encrypt( &StdText, &PasswordHash2, schedule , DES_ENCRYPT );	1168	DES_ecb_encrypt( &StdText, &PasswordHash2, &schedule , DES_ENCRYPT );
1169		1169
1170	sprintf( PasswordHash, "%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x",	1170	sprintf( PasswordHash, "%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x",
1171	PasswordHash1[0],PasswordHash1[1],PasswordHash1[2],PasswordHash1[3],	1171	PasswordHash1[0],PasswordHash1[1],PasswordHash1[2],PasswordHash1[3],