Re: Where can I find NTLMSSP Spec?

From: Henrik Nordstrom <hno@dont-contact.us>
Date: Thu, 16 May 2002 19:02:37 +0200

From the des manpage on my system:

       des_set_odd_parity() (called des_fixup_key_parity() in the
       MIT library) sets the parity of the passed key to odd.

       There are two phases to the use of DES encryption. The
       first is the generation of a des_key_schedule from a key,
       the second is the actual encryption. A DES key is of type
       des_cblock. This type is consists of 8 bytes with odd
       parity. The least significant bit in each byte is the
       parity bit. The key schedule is an expanded form of the
       key; it is used to speed the encryption process.

So either you are lucky and the parity was correct on your data (very
unlikely) the DES function you are using do not use the parity bits of the
key in the calculation (more likely).

Regards
Henrik

Yee Man Chan wrote:
> Thanks Henrik for the link. :) Now I got my toy
> program to generate the correct responses. I still
> have one question though: What does this
> des_set_odd_parity do? My toy program doesn't have
> code related to it but it still "works". Am I just
> lucky that I am using some nice inputs?
>
> Cheers,
> Yee Man
>
> void setup_des_key(unsigned char key_56[],
> des_key_schedule ks)
> {
> des_cblock key;
>
> key[0] = key_56[0];
> key[1] = ((key_56[0] << 7) & 0xFF) |
> (key_56[1] >> 1);
> key[2] = ((key_56[1] << 6) & 0xFF) |
> (key_56[2] >> 2);
> key[3] = ((key_56[2] << 5) & 0xFF) |
> (key_56[3] >> 3);
> key[4] = ((key_56[3] << 4) & 0xFF) |
> (key_56[4] >> 4);
> key[5] = ((key_56[4] << 3) & 0xFF) |
> (key_56[5] >> 5);
> key[6] = ((key_56[5] << 2) & 0xFF) |
> (key_56[6] >> 6);
> key[7] = (key_56[6] << 1) & 0xFF;
>
> des_set_odd_parity(&key);
> des_set_key(&key, ks);
> }
>
> --- Henrik Nordstrom <hno@marasystems.com> wrote:
> > The above is only calculating password hashes, not
> > the response.
> >
> > See http://www.innovation.ch/java/ntlm.html (one of
> > the documents linked from
> > http://devel.squid-cache.org/ntlm/), it has
> > psuedo-code for both LANMAN and
> > NTLM responses.
> >
> > Regards
> > Henrik
>
> __________________________________________________
> Do You Yahoo!?
> LAUNCH - Your Yahoo! Music Experience
> http://launch.yahoo.com
Received on Thu May 16 2002 - 11:02:59 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:15:27 MST