Re: [NSE + NSELib] Netbios and SMB [stable!]

[David Fifield <david () bamsoftware com>]

On Mon, Oct 06, 2008 at 10:21:39PM +0200, Sven Klemm wrote:
> | David Fifield wrote:
> |> On Mon, Oct 06, 2008 at 10:33:19AM +0200, Sven Klemm wrote:
> |  >
> |> What happens if the parity check fails? Some kind of catchable error
> |> ("OpenSSL error")?
> |
> | I think it should be an optional error, too, because when I calculate
> | the key by hand, I'm not even calculating the parity bits, just making
> | room for them.
>
> Parity is apparently not checked by the EVP_Encrypt funtions. I
> toggled the parity bits and encryption still worked and produced the
> same result. There is a DES set_key function which checks for weak
> keys and checks parity but this functionality does not seem to be
> available separately. Do you think functions for setting and checking
> are required or do you think one of them is sufficient?

That's interesting that OpenSSL ignores the parity bits. I don't know
exactly what scripts will need, but it seems that at least a function to
convert a 56-bit byte string to a 64-bit key with correct parity would
be required. Is that what you needed for your script, Ron?

David Fifield

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org