void smb_ntlm2_hash(const char *user, const char *password, const char *dest, smb_ntlmh *hash) { smb_ntlmh hash_v1; char *ucs_user, *ucs_dest, *data, user_upper[64]; size_t ucs_user_len, ucs_dest_len, data_len; smb_ntlm_hash(password, &hash_v1); strlcpy(user_upper, user, 64); _upcase(user_upper); ucs_user_len = smb_to_utf16(user_upper, strlen(user_upper), &ucs_user); ucs_dest_len = smb_to_utf16(dest, strlen(dest), &ucs_dest); data_len = ucs_user_len + ucs_dest_len; data = alloca(data_len); memcpy(data, ucs_user, ucs_user_len); memcpy(data + ucs_user_len, ucs_dest, ucs_dest_len); HMAC_MD5(hash_v1, SMB_NTLM_HASH_SIZE, data, data_len, hash); free(ucs_user); free(ucs_dest); }
// TLS type HAMC void TLS_hmac(SSL& ssl, byte* digest, const byte* buffer, uint sz, ContentType content, bool verify) { mySTL::auto_ptr<Digest> hmac; opaque seq[SEQ_SZ] = { 0x00, 0x00, 0x00, 0x00 }; opaque length[LENGTH_SZ]; opaque inner[SIZEOF_ENUM + VERSION_SZ + LENGTH_SZ]; // type + version + len c16toa(sz, length); c32toa(ssl.get_SEQIncrement(verify), &seq[sizeof(uint32)]); MACAlgorithm algo = ssl.getSecurity().get_parms().mac_algorithm_; if (algo == sha) hmac.reset(NEW_YS HMAC_SHA(ssl.get_macSecret(verify), SHA_LEN)); else if (algo == rmd) hmac.reset(NEW_YS HMAC_RMD(ssl.get_macSecret(verify), RMD_LEN)); else hmac.reset(NEW_YS HMAC_MD5(ssl.get_macSecret(verify), MD5_LEN)); hmac->update(seq, SEQ_SZ); // seq_num inner[0] = content; // type inner[SIZEOF_ENUM] = ssl.getSecurity().get_connection().version_.major_; inner[SIZEOF_ENUM + SIZEOF_ENUM] = ssl.getSecurity().get_connection().version_.minor_; // version memcpy(&inner[SIZEOF_ENUM + VERSION_SZ], length, LENGTH_SZ); // length hmac->update(inner, sizeof(inner)); hmac->get_digest(digest, buffer, sz); // content }
void smb_ntlm2_session_key(smb_ntlmh *hash_v2, void *ntlm2, smb_ntlmh *xkey, smb_ntlmh *xkey_crypt) { struct rc4_state rc4; smb_ntlmh hmac_ntlm2; HMAC_MD5(&hash_v2, 16, ntlm2, 16, &hmac_ntlm2); rc4_init(&rc4, hmac_ntlm2, 16); rc4_crypt(&rc4, (void *)xkey, (void *)xkey_crypt, 16); }
void smb_ntlm2_session_key(smb_ntlmh hash_v2, void *ntlm2, smb_ntlmh xkey, smb_ntlmh xkey_crypt) { struct rc4_state rc4; smb_ntlmh hmac_ntlm2; HMAC_MD5(hash_v2, SMB_NTLM_HASH_SIZE, ntlm2, SMB_NTLM_HASH_SIZE, hmac_ntlm2); rc4_init(&rc4, hmac_ntlm2, 16); rc4_crypt(&rc4, (void *)xkey, (void *)xkey_crypt, 16); }
void OpenPGPCryptoHashHMAC::reset(void) { std::string key(m_keyBuf.rawBuffer(), m_keyLen); switch (m_hashType) { case (XSECCryptoHash::HASH_SHA1) : mp_md.reset(HMAC_SHA1(key)); break; case (XSECCryptoHash::HASH_MD5) : mp_md.reset(HMAC_MD5(key)); break; case (XSECCryptoHash::HASH_SHA224) : mp_md.reset(HMAC_SHA224(key)); break; case (XSECCryptoHash::HASH_SHA256) : mp_md.reset(HMAC_SHA256(key)); break; case (XSECCryptoHash::HASH_SHA384) : mp_md.reset(HMAC_SHA384(key)); break; case (XSECCryptoHash::HASH_SHA512) : mp_md.reset(HMAC_SHA512(key)); break; default : mp_md.reset(); } if(!mp_md) { throw XSECCryptoException(XSECCryptoException::MDError, "OpenPGP:HashHMAC - Error loading Message Digest"); } }
void ChallengeAuth(CString sChallenge) { if (m_bAuthed) return; CString sUsername = m_sUsername.AsLower() .Replace_n("[", "{") .Replace_n("]", "}") .Replace_n("\\", "|"); CString sPasswordHash = m_sPassword.Left(10).MD5(); CString sKey = CString(sUsername + ":" + sPasswordHash).MD5(); CString sResponse = HMAC_MD5(sKey, sChallenge); PutModule("Auth: Received challenge, sending CHALLENGEAUTH request..."); PutQ("CHALLENGEAUTH " + m_sUsername + " " + sResponse + " HMAC-MD5"); }
/** * @brief Main program * @param None * @retval None */ int main(void) { /*!< At this stage the microcontroller clock setting is already configured, this is done through SystemInit() function which is called from startup files (startup_stm32f40_41xxx.s/startup_stm32f427_437xx.s/startup_stm32f429_439xx.s) before to branch to application main. */ /* USART configuration */ USART_Config(); /* Enable HASH clock */ RCC_AHB2PeriphClockCmd(RCC_AHB2Periph_HASH, ENABLE); /* Display the original message */ Display_MainMessage(); /*============================================================================= HMAC SHA-1 Digest Computation ==============================================================================*/ /* HMAC SHA-1 Digest Computation */ HMAC_SHA1((uint8_t*)Key, KEY_TAB_SIZE, (uint8_t*)Input, INPUT_TAB_SIZE, Sha1output); /* Display the HMAC SHA1 digest */ Display_SHA1Digest(); /*============================================================================= HMAC MD5 Digest Computation ==============================================================================*/ /* HMAC MD5 Digest Computation */ HMAC_MD5((uint8_t*)Key, KEY_TAB_SIZE, (uint8_t*)Input, INPUT_TAB_SIZE, Md5output); /* Display the HMAC MD5 digest */ Display_MD5Digest(); while(1); }
uint8_t *smb_ntlm2_response(smb_ntlmh *hash_v2, uint64_t srv_challenge, smb_buffer *blob) { smb_buffer data; uint8_t *response, hmac[16]; smb_buffer_alloca(&data, sizeof(uint64_t) + blob->size); memcpy(data.data, (void *)&srv_challenge, sizeof(uint64_t)); memcpy(data.data + sizeof(uint64_t), blob->data, blob->size); HMAC_MD5(hash_v2, SMB_NTLM_HASH_SIZE, data.data, data.size, &hmac); response = malloc(blob->size + 16); assert(response != NULL); memcpy(response, (void *)hmac, 16); memcpy(response + 16, blob->data, blob->size); return (response); }
uint8_t *smb_ntlm2_response(smb_ntlmh hash_v2, uint64_t srv_challenge, smb_buffer *blob) { smb_buffer data; uint8_t *response, hmac[16]; if (smb_buffer_alloc(&data, sizeof(uint64_t) + blob->size) == 0) return NULL; memcpy(data.data, (void *)&srv_challenge, sizeof(uint64_t)); memcpy((uint8_t*)data.data + sizeof(uint64_t), blob->data, blob->size); HMAC_MD5(hash_v2, SMB_NTLM_HASH_SIZE, data.data, data.size, &hmac); smb_buffer_free(&data); response = malloc(blob->size + 16); if (!response) return NULL; memcpy(response, (void *)hmac, 16); memcpy(response + 16, blob->data, blob->size); return response; }
VOID WpaMicFailureReportFrame( IN PRTMP_ADAPTER pAd, IN MLME_QUEUE_ELEM *Elem) { PUCHAR pOutBuffer = NULL; UCHAR Header802_3[14]; ULONG FrameLen = 0; EAPOL_PACKET Packet; UCHAR Mic[16]; BOOLEAN bUnicast; DBGPRINT(RT_DEBUG_TRACE, ("WpaMicFailureReportFrame ----->\n")); bUnicast = (Elem->Msg[0] == 1 ? TRUE:FALSE); pAd->Sequence = ((pAd->Sequence) + 1) & (MAX_SEQ_NUMBER); // init 802.3 header and Fill Packet MAKE_802_3_HEADER(Header802_3, pAd->CommonCfg.Bssid, pAd->CurrentAddress, EAPOL); NdisZeroMemory(&Packet, sizeof(Packet)); Packet.ProVer = EAPOL_VER; Packet.ProType = EAPOLKey; Packet.KeyDesc.Type = WPA1_KEY_DESC; // Request field presented Packet.KeyDesc.KeyInfo.Request = 1; if(pAd->StaCfg.WepStatus == Ndis802_11Encryption3Enabled) { Packet.KeyDesc.KeyInfo.KeyDescVer = 2; } else // TKIP { Packet.KeyDesc.KeyInfo.KeyDescVer = 1; } Packet.KeyDesc.KeyInfo.KeyType = (bUnicast ? PAIRWISEKEY : GROUPKEY); // KeyMic field presented Packet.KeyDesc.KeyInfo.KeyMic = 1; // Error field presented Packet.KeyDesc.KeyInfo.Error = 1; // Update packet length after decide Key data payload SET_UINT16_TO_ARRARY(Packet.Body_Len, LEN_EAPOL_KEY_MSG) // Key Replay Count NdisMoveMemory(Packet.KeyDesc.ReplayCounter, pAd->StaCfg.ReplayCounter, LEN_KEY_DESC_REPLAY); inc_byte_array(pAd->StaCfg.ReplayCounter, 8); // Convert to little-endian format. *((USHORT *)&Packet.KeyDesc.KeyInfo) = cpu2le16(*((USHORT *)&Packet.KeyDesc.KeyInfo)); MlmeAllocateMemory(pAd, (PUCHAR *)&pOutBuffer); // allocate memory if(pOutBuffer == NULL) { return; } // Prepare EAPOL frame for MIC calculation // Be careful, only EAPOL frame is counted for MIC calculation MakeOutgoingFrame(pOutBuffer, &FrameLen, CONV_ARRARY_TO_UINT16(Packet.Body_Len) + 4, &Packet, END_OF_ARGS); // Prepare and Fill MIC value NdisZeroMemory(Mic, sizeof(Mic)); if(pAd->StaCfg.WepStatus == Ndis802_11Encryption3Enabled) { // AES UCHAR digest[20] = {0}; HMAC_SHA1(pAd->StaCfg.PTK, LEN_EAP_MICK, pOutBuffer, FrameLen, digest, SHA1_DIGEST_SIZE); NdisMoveMemory(Mic, digest, LEN_KEY_DESC_MIC); } else { // TKIP HMAC_MD5(pAd->StaCfg.PTK, LEN_EAP_MICK, pOutBuffer, FrameLen, Mic, MD5_DIGEST_SIZE); } NdisMoveMemory(Packet.KeyDesc.KeyMic, Mic, LEN_KEY_DESC_MIC); // copy frame to Tx ring and send MIC failure report frame to authenticator RTMPToWirelessSta(pAd, &pAd->MacTab.Content[BSSID_WCID], Header802_3, LENGTH_802_3, (PUCHAR)&Packet, CONV_ARRARY_TO_UINT16(Packet.Body_Len) + 4, FALSE); MlmeFreeMemory(pAd, (PUCHAR)pOutBuffer); DBGPRINT(RT_DEBUG_TRACE, ("WpaMicFailureReportFrame <-----\n")); }
int main(void) { MD5_CTX h1; unsigned char out[32]; unsigned char text[16]; AES_KEY key; unsigned char counter[AES_BLOCK_SIZE] = {0}; unsigned char ecount_buf[AES_BLOCK_SIZE] = {0}; unsigned int num = 0; int i; uint8_t rc4_buffer[30]; #ifndef HOST_VERSION /* UART */ uart_init(); fdevopen(uart0_dev_send, uart0_dev_recv); sei(); #endif /************ TEST RC4 */ for( i = 0; i < 6; i++ ) { printf( " Test %d ", i + 1 ); memcpy( rc4_buffer, rc4_data[i], rc4_data_len[i] ); rc4_init( &rc4_keys[i][1], rc4_keys[i][0] ); rc4_crypt( rc4_buffer, rc4_data_len[i] ); if( memcmp( rc4_buffer, rc4_output[i], rc4_data_len[i] ) ) { printf( "RC4 failed!\n" ); } else { printf( "RC4 test passed.\n" ); } } memset(my_key, 0, 16); strcpy((char*)my_key, "toto"); /*TEST HASH MD5*/ MD5Init(&h1); MD5Update(&h1, text_in, 64); MD5Update(&h1, my_key, 32); MD5Final(out, &h1); if (memcmp(out,"\xB8\x65\xA8\x46\xFC\x9F\x81\xFC\x4B\x98\x73\x4B\xAB\x1D\x4E\x65",16)) printf( "Hash MD5 failed!\n" ); else printf( "Hash MD5 passed\n" ); /*TEST AES ENCRYPT*/ AES_set_encrypt_key(my_key, key_len, &key); AES_encrypt(text_in, out, &key); if (memcmp(out,"\x7F\xA0\x88\xA5\xDB\x57\xE8\x63\x44\x35\xF6\xF5\x7F\xE6\x4A\xA1",16)) printf( "AES encrypt failed!\n" ); else printf( "AES encrypt passed\n" ); /*TEST AES DECRYPT*/ AES_set_decrypt_key(my_key, key_len, &key); AES_decrypt(out, text, &key); if (memcmp(text,"\x36\x36\x36\x44\x6F\x79\x6F\x75\x72\x65\x63\x6F\x67\x6E\x69\x7A",16)) printf( "AES decrypt failed!\n" ); else printf( "AES decrypt passed\n" ); /*TEST AES MODE CTR ENCRYPT*/ memset(counter, 0, AES_BLOCK_SIZE); memset(ecount_buf, 0, AES_BLOCK_SIZE); num = 0; AES_set_encrypt_key(test_aes_ctr_key, key_len, &key); for (i=0;i<sizeof(test_aes_text)-1;i++) AES_ctr128_encrypt(&test_aes_text[i], &text_im[i], 1, &key,counter,ecount_buf,&num); if (memcmp(text_im, "\x07\x8B\x28\xB0\x8A\xEC\x4B\x53\xE1\x26\x91\x35\xA7\x5A\x44\x5E" "\x09\xF9\xBE\x65\x6B\xB9\x04\xAC\x9E\xF7\x6F\x63\xFD\xB1\x11\x26" "\xF2\xF8\x7D\x6B\x95\xC7\xF2\xB2\x01\xFD\xBD\x24\x20\x6D\xFC\xEB" "\xCD\x38\xEC\x77\xBC\xCA\x84\xB5\x63\x4E\x4E\x82\x1E\x9E\x72\x77", 64)) printf( "AES counter encrypt failed!\n" ); else printf( "AES counter encrypt passed\n" ); /*TEST AES MODE CTR DECRYPT*/ memset(counter, 0, AES_BLOCK_SIZE); memset(ecount_buf, 0, AES_BLOCK_SIZE); num=0; AES_set_encrypt_key(test_aes_ctr_key, key_len, &key); for (i=0;i<64;i++) AES_ctr128_encrypt(&text_im[i], &text_out[i], 1, &key,counter,ecount_buf,&num); if (memcmp(text_out, test_aes_text, 64)) printf( "AES counter encrypt failed!\n" ); else printf( "AES counter encrypt passed\n" ); /*TEST HASH MAC MD5 rfc2104*/ /*RESULT 0x9294727a3638bb1c13f48ef8158bfc9d*/ HMAC_MD5(out, test_hmac_md5_data, test_hmac_md5_key, 8, 16); if (memcmp(out,"\x92\x94\x72\x7A\x36\x38\xBB\x1C\x13\xF4\x8E\xF8\x15\x8B\xFC\x9D", 16)) printf( "AES counter encrypt failed!\n" ); else printf( "AES counter encrypt passed\n" ); printf( "End\n"); while(1); return 0; }
void Htdoc::Response() { if((m_session->GetWWWAuthScheme() == asBasic || m_session->GetWWWAuthScheme() == asDigest) && !m_session->IsPassedWWWAuth()) { CHttpResponseHdr header; header.SetStatusCode(SC401); string strRealm = "User or Administrator"; unsigned char md5key[17]; sprintf((char*)md5key, "%016lx", pthread_self()); unsigned char szMD5Realm[16]; char szHexMD5Realm[33]; HMAC_MD5((unsigned char*)strRealm.c_str(), strRealm.length(), md5key, 16, szMD5Realm); sprintf(szHexMD5Realm, "%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x", szMD5Realm[0], szMD5Realm[1], szMD5Realm[2], szMD5Realm[3], szMD5Realm[4], szMD5Realm[5], szMD5Realm[6], szMD5Realm[7], szMD5Realm[8], szMD5Realm[9], szMD5Realm[10], szMD5Realm[11], szMD5Realm[12], szMD5Realm[13], szMD5Realm[14], szMD5Realm[15]); string strVal; if(m_session->GetWWWAuthScheme() == asBasic) { strVal = "Basic realm=\""; strVal += strRealm; strVal += "\""; } else if(m_session->GetWWWAuthScheme() == asDigest) { struct timeval tval; struct timezone tzone; gettimeofday(&tval, &tzone); char szNonce[35]; srandom(time(NULL)); unsigned long long thisp64 = (unsigned long long)this; thisp64 <<= 32; thisp64 >>= 32; unsigned long thisp32 = (unsigned long)thisp64; sprintf(szNonce, "%08x%016lx%08x%02x", tval.tv_sec, tval.tv_usec + 0x01B21DD213814000ULL, thisp32, random()%255); strVal = "Digest realm=\""; strVal += strRealm; strVal += "\", qop=\"auth,auth-int\", nonce=\""; strVal += szNonce; strVal += "\", opaque=\""; strVal += szHexMD5Realm; strVal += "\""; } //printf("%s\n", strVal.c_str()); header.SetField("WWW-Authenticate", strVal.c_str()); header.SetField("Content-Type", "text/html"); header.SetField("Content-Length", header.GetDefaultHTMLLength()); m_session->SendHeader(header.Text(), header.Length()); m_session->SendContent(header.GetDefaultHTML(), header.GetDefaultHTMLLength()); return; }