Reputation: 510
I'm trying to study the NTLMv2 response, Eric Glass's work,
but I'm stuck at the HMAC-MD5 section (using a function like this).
I got the right NTLM hash, and the unicode username & domain.
(He only emphasizes the "USERDOMAIN" but no username, so I suppose it's "USER".)
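```c
#include <openssl/evp.h>
#include <openssl/hmac.h>

unsigned char v1hash[16]; // "0xcd06ca7c7e10c99b1d33b7485a2ed808"
unsigned short udata[14];
// concatenated unicode USER+USERDOMAIN "0x550053004500520044004f004d00410049004e00"
unsigned char v2hash[16];
unsigned int iLen; // HMAC() writes the digest length through an unsigned int *
HMAC(EVP_md5(), v1hash, 16, (const unsigned char *)udata, sizeof(udata), v2hash, &iLen);
```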
But the result is:
v2hash(16): 23 d2 3c a4 dd 1a 20 81 35 cf 3a 42 1c e1 5a 17
which should be "0x04b8e0ba74289cc540826bab1dee63ae".
Am I doing something wrong here?
Upvotes: 0
Views: 1172
Reputation: 3758
I'm not a C programmer but...
From my reading of that article, USERDOMAIN should be just that, NOT USER+USERDOMAIN, i.e. the uppercase username = "USER" concatenated with the target = "DOMAIN" to give USERDOMAIN, which gives the unicode bytes beginning 55005300...
Then it would appear your udata array is the wrong size. You're only processing 20 bytes of information, so don't set the array to 28, otherwise the HMAC/MD5 functions will be processing extra random data at the end of the input array.
Upvotes: 1
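A cross-check of the calculation discussed in this thread, written in Python as an added example (it is not code from either poster or from Eric Glass's article). The function names and the filler bytes standing in for the unused tail of the C array are assumptions made for the illustration; the NTLM hash and the expected result are the values quoted in the question.

```python
import hashlib
import hmac

# Values quoted in the question above.
NTLM_HASH = bytes.fromhex("cd06ca7c7e10c99b1d33b7485a2ed808")
EXPECTED_V2 = "04b8e0ba74289cc540826bab1dee63ae"


def identity_bytes(username: str, target: str) -> bytes:
    """UTF-16LE of UPPERCASE(username) + target; the target keeps its case."""
    return (username.upper() + target).encode("utf-16-le")


def ntlmv2_hash(ntlm_hash: bytes, username: str, target: str) -> bytes:
    """HMAC-MD5 keyed with the 16-byte NTLM hash over the identity bytes."""
    if len(ntlm_hash) != 16:
        raise ValueError("NTLM hash must be exactly 16 bytes")
    return hmac.new(ntlm_hash, identity_bytes(username, target), hashlib.md5).digest()


def hmac_over_c_buffer(ntlm_hash: bytes, data: bytes, slots: int, fill: bytes) -> bytes:
    """Model the C call: a buffer of `slots` 16-bit elements, hashed in full.

    Bytes past len(data) come from `fill`, a constructed stand-in for
    whatever the unused tail of the array happens to contain.
    """
    size = slots * 2  # what sizeof() reports for an unsigned short array
    if len(data) > size:
        raise ValueError("data does not fit in the buffer")
    tail = (fill * size)[: size - len(data)]
    return hmac.new(ntlm_hash, data + tail, hashlib.md5).digest()


if __name__ == "__main__":
    data = identity_bytes("user", "DOMAIN")
    print(len(data), "bytes:", data.hex())
    print("exact length :", ntlmv2_hash(NTLM_HASH, "user", "DOMAIN").hex())
    print("10 slots     :", hmac_over_c_buffer(NTLM_HASH, data, 10, b"\x00").hex())
    print("14 slots, 00 :", hmac_over_c_buffer(NTLM_HASH, data, 14, b"\x00").hex())
    print("14 slots, cc :", hmac_over_c_buffer(NTLM_HASH, data, 14, b"\xcc").hex())
```

The 14-slot digests depend entirely on the filler, which is why the value produced by the C program cannot be reproduced from the visible input alone.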