diff options
Diffstat (limited to 'misc/chntpw/patches/chntpw-140201-port-to-gcrypt-debian.patch')
| -rw-r--r-- | misc/chntpw/patches/chntpw-140201-port-to-gcrypt-debian.patch | 195 |
1 files changed, 195 insertions, 0 deletions
diff --git a/misc/chntpw/patches/chntpw-140201-port-to-gcrypt-debian.patch b/misc/chntpw/patches/chntpw-140201-port-to-gcrypt-debian.patch new file mode 100644 index 0000000000..305cd780bd --- /dev/null +++ b/misc/chntpw/patches/chntpw-140201-port-to-gcrypt-debian.patch @@ -0,0 +1,195 @@ +diff -Naur chntpw-140201.orig/Makefile chntpw-140201/Makefile +--- chntpw-140201.orig/Makefile 2014-02-01 17:54:37.000000000 +0100 ++++ chntpw-140201/Makefile 2021-04-04 19:25:52.517404000 +0200 +@@ -1,32 +1,14 @@ + # + # Makefile for the Offline NT Password Editor + # +-# +-# Change here to point to the needed OpenSSL libraries & .h files +-# See INSTALL for more info. +-# +- +-#SSLPATH=/usr/local/ssl +-OSSLPATH=/usr +-OSSLINC=$(OSSLPATH)/include + + CC=gcc ++CFLAGS=-DUSELIBGCRYPT -g -I. $(shell libgcrypt-config --cflags) -Wall $(EXTRA_CFLAGS) + +-# Force 32 bit +-CFLAGS= -DUSEOPENSSL -g -I. -I$(OSSLINC) -Wall -m32 +-OSSLLIB=$(OSSLPATH)/lib +- +-# 64 bit if default for compiler setup +-#CFLAGS= -DUSEOPENSSL -g -I. -I$(OSSLINC) -Wall +-#OSSLLIB=$(OSSLPATH)/lib64 +- +- +-# This is to link with whatever we have, SSL crypto lib we put in static +-#LIBS=-L$(OSSLLIB) $(OSSLLIB)/libcrypto.a +-LIBS=-L$(OSSLLIB) ++LIBS=$(shell libgcrypt-config --libs) + + +-all: chntpw chntpw.static cpnt reged reged.static samusrgrp samusrgrp.static sampasswd sampasswd.static ++all: chntpw cpnt reged samusrgrp sampasswd + + chntpw: chntpw.o ntreg.o edlib.o libsam.o + $(CC) $(CFLAGS) -o chntpw chntpw.o ntreg.o edlib.o libsam.o $(LIBS) +diff -Naur chntpw-140201.orig/chntpw.c chntpw-140201/chntpw.c +--- chntpw-140201.orig/chntpw.c 2014-02-01 17:54:37.000000000 +0100 ++++ chntpw-140201/chntpw.c 2021-04-04 19:24:37.185404000 +0200 +@@ -16,6 +16,7 @@ + * 2010-jun: Syskey not visible in menu, but is selectable (2) + * 2010-apr: Interactive menu adapts to show most relevant + * selections based on what is loaded ++ * 2008-may: port to libgcrypt to avoid GPL/OpenSSL incompatibility [Debian] + * 2008-mar: Minor other tweaks + * 2008-mar: Interactive reg ed moved out of this file, into edlib.c + * 2008-mar: 64 bit compatible patch by Mike Doty, via Alon Bar-Lev +@@ -79,8 +80,14 @@ + */ + + #ifdef DOCRYPTO ++#if defined(USEOPENSSL) + #include <openssl/des.h> + #include <openssl/md4.h> ++#elif defined(USELIBGCRYPT) ++ #include <gcrypt.h> ++#else ++ #error No DES encryption and MD4 hashing library found ++#endif + #endif + + #define uchar u_char +@@ -155,7 +162,9 @@ + for (i=0;i<8;i++) { + key[i] = (key[i]<<1); + } ++#if defined(USEOPENSSL) + DES_set_odd_parity((des_cblock *)key); ++#endif + } + + /* +@@ -200,6 +209,7 @@ + + void E1(uchar *k, uchar *d, uchar *out) + { ++#if defined(USEOPENSSL) + des_key_schedule ks; + des_cblock deskey; + +@@ -210,6 +220,15 @@ + des_set_key((des_cblock *)deskey,ks); + #endif /* __FreeBsd__ */ + des_ecb_encrypt((des_cblock *)d,(des_cblock *)out, ks, DES_ENCRYPT); ++#elif defined(USELIBGCRYPT) ++ gcry_cipher_hd_t ks; ++ uchar deskey[8]; ++ str_to_key(k,deskey); ++ gcry_cipher_open(&ks, GCRY_CIPHER_DES, GCRY_CIPHER_MODE_ECB, 0); ++ gcry_cipher_setkey(ks, deskey, 8); ++ gcry_cipher_encrypt(ks, out, 8, d, 8); ++ gcry_cipher_close(ks); ++#endif + } + + #endif /* DOCRYPTO */ +@@ -343,9 +362,16 @@ + int i; + char md4[32],lanman[32]; + char newunipw[34], despw[20], newlanpw[16], newlandes[20]; ++#ifdef USEOPENSSL + des_key_schedule ks1, ks2; + des_cblock deskey1, deskey2; + MD4_CTX context; ++#elif defined(USELIBGCRYPT) ++ gcry_cipher_hd_t ks1, ks2; ++ uchar deskey1[8], deskey2[8]; ++ unsigned char *p; ++ gcry_md_hd_t context; ++#endif + unsigned char digest[16]; + uchar x1[] = {0x4B,0x47,0x53,0x21,0x40,0x23,0x24,0x25}; + #endif +@@ -460,6 +486,7 @@ + } + + #ifdef DOCRYPTO ++#if defined(USEOPENSSL) + /* Get the two decrpt keys. */ + sid_to_key1(rid,(unsigned char *)deskey1); + des_set_key((des_cblock *)deskey1,ks1); +@@ -477,6 +504,25 @@ + (des_cblock *)lanman, ks1, DES_DECRYPT); + des_ecb_encrypt((des_cblock *)(vp+lmpw_offs + 8), + (des_cblock *)&lanman[8], ks2, DES_DECRYPT); ++#elif defined(USELIBGCRYPT) ++ /* Start the keys */ ++ gcry_cipher_open(&ks1, GCRY_CIPHER_DES, GCRY_CIPHER_MODE_ECB, 0); ++ gcry_cipher_open(&ks2, GCRY_CIPHER_DES, GCRY_CIPHER_MODE_ECB, 0); ++ ++ /* Get the two decrpt keys. */ ++ sid_to_key1(rid,deskey1); ++ gcry_cipher_setkey(ks1, deskey1, 8); ++ sid_to_key2(rid,deskey2); ++ gcry_cipher_setkey(ks2, deskey2, 8); ++ ++ /* Decrypt the NT md4 password hash as two 8 byte blocks. */ ++ gcry_cipher_decrypt(ks1, md4, 8, vp+ntpw_offs, 8); ++ gcry_cipher_decrypt(ks2, &md4[8], 8, vp+ntpw_offs+8, 8); ++ ++ /* Decrypt the lanman password hash as two 8 byte blocks. */ ++ gcry_cipher_decrypt(ks1, lanman, 8, vp+lmpw_offs, 8); ++ gcry_cipher_decrypt(ks2, &lanman[8], 8, vp+lmpw_offs+8, 8); ++#endif + + if (gverbose) { + hexprnt("MD4 hash : ",(unsigned char *)md4,16); +@@ -544,9 +590,17 @@ + + /* printf("Ucase Lanman: %s\n",newlanpw); */ + ++#if defined(USEOPENSSL) + MD4Init (&context); + MD4Update (&context, newunipw, pl<<1); + MD4Final (digest, &context); ++#elif defined(USELIBGCRYPT) ++ gcry_md_open(&context, GCRY_MD_MD4, 0); ++ gcry_md_write(context, newunipw, pl<<1); ++ p = gcry_md_read(context, GCRY_MD_MD4); ++ if(p) memcpy(digest, p, gcry_md_get_algo_dlen(GCRY_MD_MD4)); ++ gcry_md_close(context); ++#endif + + if (gverbose) hexprnt("\nNEW MD4 hash : ",digest,16); + +@@ -555,6 +609,7 @@ + + if (gverbose) hexprnt("NEW LANMAN hash : ",(unsigned char *)lanman,16); + ++#if defined(USEOPENSSL) + /* Encrypt the NT md4 password hash as two 8 byte blocks. */ + des_ecb_encrypt((des_cblock *)digest, + (des_cblock *)despw, ks1, DES_ENCRYPT); +@@ -565,6 +620,18 @@ + (des_cblock *)newlandes, ks1, DES_ENCRYPT); + des_ecb_encrypt((des_cblock *)(lanman+8), + (des_cblock *)&newlandes[8], ks2, DES_ENCRYPT); ++#elif defined(USELIBGCRYPT) ++ /* Encrypt the NT md4 password hash as two 8 byte blocks. */ ++ gcry_cipher_encrypt(ks1, despw, 8, digest, 8); ++ gcry_cipher_encrypt(ks2, &despw[8], 8, digest+8, 8); ++ ++ gcry_cipher_encrypt(ks1, newlandes, 8, lanman, 8); ++ gcry_cipher_encrypt(ks2, &newlandes[8], 8, lanman+8, 8); ++ ++ /* Close keys, not needed after this */ ++ gcry_cipher_close(ks1); ++ gcry_cipher_close(ks2); ++#endif + + if (gverbose) { + hexprnt("NEW DES crypt : ",(unsigned char *)despw,16); |