RFC 2865 says:
Call the shared secret S and the pseudo-random 128-bit Request
Authenticator RA. Break the password into 16-octet chunks p1, p2,
etc. with the last one padded at the end with nulls to a 16-octet
boundary. Call the ciphertext blocks c(1), c(2), etc. We'll need
intermediate values b1, b2, etc.
   b1 = MD5(S + RA)       c(1) = p1 xor b1
   b2 = MD5(S + c(1))     c(2) = p2 xor b2
          .                       .
          .                       .
          .                       .
   bi = MD5(S + c(i-1))   c(i) = pi xor bi
The String will contain c(1)+c(2)+...+c(i) where + denotes
concatenation.
However, when calculating b2, b3, b4, etc., Secret+P1, Secret+P2, Secret+P3, etc.
are used, when it should have been c(1), c(2), c(3), etc.
This means that passwords longer than 16 bytes will be calculated wrong and will
not work.
Attached is a patch that fixes the problem.
Hope this helps you (or someone else)
Cheers
Esben
Original issue reported on code.google.com by [email protected] on 16 May 2013 at 9:10
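
The chaining the quoted RFC text specifies, next to the variant the report describes, as an added example (not the project's code and not the attached patch). The function names, the `buggy` flag and the sample secret, authenticator and passwords are constructed for illustration, and the buggy branch is one reading of the report: later blocks keyed with the previous plaintext chunk.

```python
import hashlib

BLOCK = 16  # MD5 digest length and RFC 2865 chunk size, in octets

def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def hide_password(password: bytes, secret: bytes, ra: bytes, buggy: bool = False) -> bytes:
    """Build the User-Password String field as quoted from RFC 2865 above.

    buggy=True (hypothetical flag) keys block i with the previous plaintext
    chunk p(i-1) instead of c(i-1), the defect the report describes.
    """
    if not 1 <= len(password) <= 128 or len(ra) != BLOCK:
        raise ValueError("password must be 1..128 octets, RA exactly 16")
    padded = password + b"\x00" * (-len(password) % BLOCK)  # null-pad last chunk
    out, prev = b"", ra
    for i in range(0, len(padded), BLOCK):
        p = padded[i:i + BLOCK]
        c = _xor(p, hashlib.md5(secret + prev).digest())  # c(i) = p(i) xor b(i)
        out += c
        prev = p if buggy else c
    return out

def reveal_password(hidden: bytes, secret: bytes, ra: bytes) -> bytes:
    """Decode the field the way an RFC-conformant receiver does."""
    if not hidden or len(hidden) % BLOCK or len(ra) != BLOCK:
        raise ValueError("field must be a non-empty multiple of 16 octets")
    out, prev = b"", ra
    for i in range(0, len(hidden), BLOCK):
        c = hidden[i:i + BLOCK]
        out += _xor(c, hashlib.md5(secret + prev).digest())
        prev = c  # receiver always chains on ciphertext
    return out.rstrip(b"\x00")

# Constructed sample values, not taken from any real deployment.
SECRET = b"constructed-shared-secret"
RA = bytes(range(16))
SHORT_PW = b"short-pw"
LONG_PW = b"a-passphrase-longer-than-16-octets"  # 34 octets -> 3 blocks

if __name__ == "__main__":
    for pw in (SHORT_PW, LONG_PW):
        for buggy in (False, True):
            ok = reveal_password(hide_password(pw, SECRET, RA, buggy), SECRET, RA) == pw
            print(f"len={len(pw):2d} buggy={buggy!s:5} server recovers password: {ok}")
```

A single-block password encodes identically in both modes, so a test suite that only uses passwords of 16 octets or fewer will not catch this defect.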