Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse files

Got rid of a few magic numbers in ntlm.c

Signed-off-by: Adriaan de Jong <dejong@fox-it.com>
  • Loading branch information...
commit be63e6e86837cec71b35446a164ab158cd986ab1 1 parent 3f1647d
@andj authored
View
6 crypto_backend.h
@@ -135,9 +135,9 @@ void key_des_fixup (uint8_t *key, int key_len, int ndc);
* @param src Buffer containing the 8-byte source.
* @param dst Buffer containing the 8-byte destination
*/
-void cipher_des_encrypt_ecb (const unsigned char key[8],
- unsigned char src[8],
- unsigned char dst[8]);
+void cipher_des_encrypt_ecb (const unsigned char key[DES_KEY_LENGTH],
+ unsigned char src[DES_KEY_LENGTH],
+ unsigned char dst[DES_KEY_LENGTH]);
/*
*
View
2  crypto_openssl.c
@@ -652,7 +652,7 @@ cipher_ctx_final (EVP_CIPHER_CTX *ctx, uint8_t *dst, int *dst_len)
void
-cipher_des_encrypt_ecb (const unsigned char key[8],
+cipher_des_encrypt_ecb (const unsigned char key[DES_KEY_LENGTH],
unsigned char *src,
unsigned char *dst)
{
View
3  crypto_openssl.h
@@ -67,4 +67,7 @@ typedef HMAC_CTX hmac_ctx_t;
/** Cipher should decrypt */
#define OPENVPN_OP_DECRYPT 0
+#define DES_KEY_LENGTH 8
+#define MD4_DIGEST_LENGTH 16
+
#endif /* CRYPTO_OPENSSL_H_ */
View
2  crypto_polarssl.c
@@ -413,7 +413,7 @@ int cipher_ctx_final (cipher_context_t *ctx, uint8_t *dst, int *dst_len)
}
void
-cipher_des_encrypt_ecb (const unsigned char key[DES_KEY_SIZE],
+cipher_des_encrypt_ecb (const unsigned char key[DES_KEY_LENGTH],
unsigned char *src,
unsigned char *dst)
{
View
2  crypto_polarssl.h
@@ -66,7 +66,9 @@ typedef md_context_t hmac_ctx_t;
/** Cipher should decrypt */
#define OPENVPN_OP_DECRYPT POLARSSL_DECRYPT
+#define MD4_DIGEST_LENGTH 16
#define MD5_DIGEST_LENGTH 16
#define SHA_DIGEST_LENGTH 20
+#define DES_KEY_LENGTH 8
#endif /* CRYPTO_POLARSSL_H_ */
View
30 ntlm.c
@@ -67,10 +67,10 @@ gen_md4_hash (const char* data, int data_len, char *result)
{
/* result is 16 byte md4 hash */
const md_kt_t *md4_kt = md_kt_get("MD4");
- char md[16];
+ char md[MD4_DIGEST_LENGTH];
md_full(md4_kt, data, data_len, md);
- memcpy (result, md, 16);
+ memcpy (result, md, MD4_DIGEST_LENGTH);
}
static void
@@ -195,14 +195,14 @@ ntlm_phase_3(const struct http_proxy_info *p, const char *phase_2,
char buf2[128]; /* decoded reply from proxy */
unsigned char phase3[464];
- char md4_hash[21];
+ char md4_hash[MD4_DIGEST_LENGTH+5];
char challenge[8], ntlm_response[24];
int i, ret_val;
char ntlmv2_response[144];
char userdomain_u[256]; /* for uppercase unicode username and domain */
char userdomain[128]; /* the same as previous but ascii */
- char ntlmv2_hash[16];
+ char ntlmv2_hash[MD5_DIGEST_LENGTH];
char ntlmv2_hmacmd5[16];
char *ntlmv2_blob = ntlmv2_response + 16; /* inside ntlmv2_response, length: 128 */
int ntlmv2_blob_size = 0;
@@ -243,7 +243,7 @@ ntlm_phase_3(const struct http_proxy_info *p, const char *phase_2,
gen_md4_hash(pwbuf, unicodize(pwbuf, p->up.password) - 2, md4_hash);
/* pad to 21 bytes */
- memset(md4_hash + 16, 0, 5);
+ memset(md4_hash + MD4_DIGEST_LENGTH, 0, 5);
ret_val = openvpn_base64_decode( phase_2, (void *)buf2, -1);
if (ret_val < 0)
@@ -269,8 +269,8 @@ ntlm_phase_3(const struct http_proxy_info *p, const char *phase_2,
else
msg (M_INFO, "Warning: Username or domain too long");
unicodize(userdomain_u, userdomain);
- gen_hmac_md5(userdomain_u, 2 * strlen(userdomain), md4_hash, 16,
- ntlmv2_hash);
+ gen_hmac_md5(userdomain_u, 2 * strlen(userdomain), md4_hash,
+ MD5_DIGEST_LENGTH, ntlmv2_hash);
/* NTLMv2 Blob */
memset(ntlmv2_blob, 0, 128); /* Clear blob buffer */
@@ -306,25 +306,25 @@ ntlm_phase_3(const struct http_proxy_info *p, const char *phase_2,
memcpy(&ntlmv2_response[8], challenge, 8);
/* hmac-md5 */
- gen_hmac_md5(&ntlmv2_response[8], ntlmv2_blob_size + 8, ntlmv2_hash, 16,
- ntlmv2_hmacmd5);
+ gen_hmac_md5(&ntlmv2_response[8], ntlmv2_blob_size + 8, ntlmv2_hash,
+ MD5_DIGEST_LENGTH, ntlmv2_hmacmd5);
/* Add hmac-md5 result to the blob */
- memcpy(ntlmv2_response, ntlmv2_hmacmd5, 16); /* Note: This overwrites challenge previously written at ntlmv2_response[8..15] */
+ memcpy(ntlmv2_response, ntlmv2_hmacmd5, MD5_DIGEST_LENGTH); /* Note: This overwrites challenge previously written at ntlmv2_response[8..15] */
}
else
{ /* Generate NTLM response */
- unsigned char key1[8], key2[8], key3[8];
+ unsigned char key1[DES_KEY_LENGTH], key2[DES_KEY_LENGTH], key3[DES_KEY_LENGTH];
create_des_keys((unsigned char *) md4_hash, key1);
cipher_des_encrypt_ecb(key1, challenge, ntlm_response);
- create_des_keys((unsigned char *) &(md4_hash[7]), key2);
- cipher_des_encrypt_ecb(key2, challenge, &ntlm_response[8]);
+ create_des_keys((unsigned char *) &(md4_hash[DES_KEY_LENGTH-1]), key2);
+ cipher_des_encrypt_ecb(key2, challenge, &ntlm_response[DES_KEY_LENGTH]);
- create_des_keys((unsigned char *) &(md4_hash[14]), key3);
- cipher_des_encrypt_ecb(key3, challenge, &ntlm_response[16]);
+ create_des_keys((unsigned char *) &(md4_hash[2*(DES_KEY_LENGTH-1)]), key3);
+ cipher_des_encrypt_ecb(key3, challenge, &ntlm_response[DES_KEY_LENGTH*2]);
}
memset(phase3, 0, sizeof(phase3)); /* clear reply */
Please sign in to comment.
Something went wrong with that request. Please try again.