[Pidgin] #48: Make SIP/SIMPLE work with Microsoft Live Communication Server
Pidgin
trac at pidgin.im
Mon Sep 10 11:36:14 EDT 2007
#48: Make SIP/SIMPLE work with Microsoft Live Communication Server
--------------------------+-------------------------------------------------
Reporter: MarkDoliner | Owner: shulman
Type: patch | Status: new
Priority: minor | Milestone: 2.3.0
Component: libpurple | Version: 2.0
Resolution: | Keywords: MS LCS SIMPLE
Pending: 0 |
--------------------------+-------------------------------------------------
Comment (by shulman):
I am realizing that I may not have much time to work on this so I have
posted the code and information I have. Hope this helps. I'll hop back on
the task if I get some time. Cheers!

First, to generate an NTLM datagram session key (an arc4 implementation is
needed; one is available at http://xyssl.org/code/source/arc4/):

#include <string.h>

/* setup_des_key(), des_ecb_encrypt(), gensesskey() and arc4_encrypt() are
 * not defined here; they must be provided by the surrounding code. */

static void generate_datagram_session_key(char *lm_hash, char *lm_response,
        char *session_key, char *encrypted_session_key) {
    /* Input: LM hash (unsigned char *, 21 bytes?)
     *        LM Response (unsigned char *, 24 bytes?)
     *        Session Key Buffer (8-bytes for weakened?)
     *        Encrypted Session Key Buffer (16-byte)
     * Postcondition: Session Key & Encrypted Session Key are populated
     *                correctly
     *
     * Datagram Session Security
     * http://davenport.sourceforge.net/ntlm.html
     */
    char des_source_1[7];
    char des_source_2[7];
    char des_key_1[8];
    char des_key_2[8];
    char lan_manager_session_key[16];
    char full_session_key[16];
    int i;

    /* 1. The 16-byte LM hash (calculated previously) is truncated to 8 bytes.
     * 2. This is padded to 14 bytes with the value "0xbdbdbdbdbdbd".
     *    Is it the string value or the hex value? Hex is right size.
     * 3. This value is split into two 7-byte halves. */
    memcpy(des_source_1, lm_hash, 7);
    memcpy(des_source_2, lm_hash+7, 1);
    for(i=1; i<7; i++) {
        des_source_2[i] = (char) 0xbd;
    }

    /* 4. These values are used to create two DES keys (one from each 7-byte
     *    half). */
    setup_des_key(des_source_1, des_key_1);
    setup_des_key(des_source_2, des_key_2);

    /* 5. Each of these keys is used to DES-encrypt the first 8 bytes of the
     *    LM response (resulting in two 8-byte ciphertext values).
     * 6. These two ciphertext values are concatenated to form a 16-byte
     *    value - the Lan Manager Session Key. */
    des_ecb_encrypt(lm_response, (char*)(lan_manager_session_key), des_key_1);
    des_ecb_encrypt(lm_response, (char*)(lan_manager_session_key+8), des_key_2);

    /* 7. The client selects a random 16-byte key that will be used as the
     *    basis for signing and sealing. This is RC4 encrypted using the Lan
     *    Manager Session key, and the encrypted value is sent to the server
     *    in the Type 3 message (the session key field). */
    gensesskey(full_session_key, NULL);
    arc4_encrypt(full_session_key, encrypted_session_key,
            lan_manager_session_key);

    /* 8. The 16-byte key from the previous step is weakened to 40 bits - the
     *    first 5 bytes are retained, then padded to 8 bytes with 0xe538b0. */
    for(i=0; i<5; i++) {
        session_key[i]=full_session_key[i];
    }
    session_key[5]=(char)0xe5;
    session_key[6]=(char)0x38;
    session_key[7]=(char)0xb0;
}

Some excerpts from an earlier email from Anibal regarding computing of
signature:

"The signature is computed using the session key across following fields:

- The From header URI
- The To header URI
- The From header tag
- The To header tag
- The "crand" parameter in the Proxy-Authorization or the "srand"
  parameter in the Proxy-Authentication-Info header
- The Expires value in the SIP message Expires header.

The message body of the SIP message is not included in the signature.
A proxy-authorization header contains either the gssapi-data parameter
or the response (signature) parameter."

--
Ticket URL: <http://developer.pidgin.im/ticket/48#comment:71>
Pidgin <http://pidgin.im>
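
Added example, not part of the original comment or of Pidgin's code: the comment's steps 1-4 call setup_des_key() without showing it, so this sketch shows the usual way a 7-byte half is expanded into an 8-byte DES key with odd parity. The names expand_des_key, lm_session_des_key and SAMPLE_LM_HASH are hypothetical, the sample hash is constructed, and it is an assumption that setup_des_key() behaves this way.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed sample LM hash for illustration; only its first 8 bytes are used. */
static const uint8_t SAMPLE_LM_HASH[16] = {
    0xff, 0x37, 0x50, 0xbc, 0xc2, 0xb2, 0x24, 0x12,
    0xc2, 0x26, 0x5b, 0x23, 0x73, 0x4e, 0x0d, 0xac
};

/* Spread 56 key bits over 8 bytes (7 bits in the high positions of each
 * byte), then set each low bit so that every byte has odd parity. */
static void expand_des_key(const uint8_t in[7], uint8_t out[8])
{
    int i;
    out[0] = in[0];
    for (i = 1; i < 7; i++)
        out[i] = (uint8_t)((in[i - 1] << (8 - i)) | (in[i] >> i));
    out[7] = (uint8_t)(in[6] << 1);

    for (i = 0; i < 8; i++) {
        uint8_t bits = out[i] & 0xfe, ones = 0, t;
        for (t = bits; t; t >>= 1)
            ones += t & 1;
        out[i] = bits | ((ones & 1) ? 0 : 1);
    }
}

/* Steps 1-4: truncate the LM hash to 8 bytes, pad to 14 with 0xbd, split
 * into two 7-byte halves and return DES key 0 or 1 packed big-endian. */
static uint64_t lm_session_des_key(const uint8_t lm_hash[16], int which)
{
    uint8_t padded[14], key[8];
    uint64_t packed = 0;
    int i;
    memcpy(padded, lm_hash, 8);
    memset(padded + 8, 0xbd, 6);
    expand_des_key(padded + (which ? 7 : 0), key);
    for (i = 0; i < 8; i++)
        packed = (packed << 8) | key[i];
    return packed;
}

int main(void)
{
    printf("key 1: %016llx\n", (unsigned long long)lm_session_des_key(SAMPLE_LM_HASH, 0));
    printf("key 2: %016llx\n", (unsigned long long)lm_session_des_key(SAMPLE_LM_HASH, 1));
    return 0;
}
```

Six of the seven bytes behind the second key are the fixed 0xbd padding, so that key depends on a single byte of the LM hash.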