Authen::Passphrase::LANManager.3pm

Langue: en

Autres versions - même langue

Version: 2007-01-21 (ubuntu - 08/07/09)

Section: 3 (Bibliothèques de fonctions)

NAME

Authen::Passphrase::LANManager - passphrases using the LAN Manager hash algorithm

SYNOPSIS

         use Authen::Passphrase::LANManager;
 
         $ppr = Authen::Passphrase::LANManager->new(
                 hash_hex => "855c3697d9979e78ac404c4ba2c66533");
 
         $ppr = Authen::Passphrase::LANManager->new(
                 passphrase => "passphrase");
 
         $ppr = Authen::Passphrase::LANManager->from_rfc2307(
                 "{LANMAN}855c3697d9979e78ac404c4ba2c66533");
 
         $hash = $ppr->hash;
         $hash_hex = $ppr->hash_hex;
 
         $ppr0 = $ppr->first_half;
         $ppr1 = $ppr->second_half;
 
         if($ppr->match($passphrase)) { ...
 
         $userPassword = $ppr->as_rfc2307;
 
 

DESCRIPTION

An object of this class encapsulates a passphrase hashed using the Microsoft LAN Manager hash function. This is a subclass of "Authen::Passphrase", and this document assumes that the reader is familiar with the documentation for that class.

The hash algorithm can be used on up to fourteen Latin-1 characters of passphrase. First the passphrase is folded to uppercase, and zero-padded to fourteen bytes. Then it is split into two halves. Each seven-byte half is used as a 56-bit DES key, to encrypt the fixed plaintext block ``KGS!@#$%''. The eight-byte ciphertexts are concatenated to form the sixteen-byte hash. There is no salt.

Because the two halves of the passphrase are hashed separately, it is possible to manipulate (e.g., crack) a half hash in isolation. See Authen::Passphrase::LANManagerHalf.

Warning: Don't even think about using this seriously. It's an exceptionally weak design, flawed in pretty much every respect.

CONSTRUCTORS

Authen::Passphrase::LANManager->new(ATTR => VALUE, ...)
Generates a new passphrase recogniser object using the LAN Manager hash algorithm. The following attributes may be given:
hash
The hash, as a string of 16 bytes.
hash_hex
The hash, as a string of 32 hexadecimal digits.
passphrase
A passphrase that will be accepted.

Either the hash or the passphrase must be given.
Authen::Passphrase::LANManager->from_rfc2307(USERPASSWORD)
Generates a LAN Manager passphrase recogniser from the supplied RFC2307 encoding. The string must consist of "{LANMAN}`` (or its synonym ''{LANM}") followed by the hash in hexadecimal; case is ignored.

METHODS

$ppr->hash
Returns the hash value, as a string of 16 bytes.
$ppr->hash_hex
Returns the hash value, as a string of 32 hexadecimal digits.
$ppr->first_half
Returns the hash of the first half of the passphrase, as an "Authen::Passphrase::LANManagerHalf" passphrase recogniser.
$ppr->second_half
Returns the hash of the second half of the passphrase, as an "Authen::Passphrase::LANManagerHalf" passphrase recogniser.
$ppr->match(PASSPHRASE)
$ppr->as_rfc2307
These methods are part of the standard "Authen::Passphrase" interface.

SEE ALSO

Authen::Passphrase, Authen::Passphrase::LANManagerHalf, Crypt::DES

AUTHOR

Andrew Main (Zefram) <zefram@fysh.org> Copyright (C) 2006, 2007 Andrew Main (Zefram) <zefram@fysh.org>

This module is free software; you can redistribute it and/or modify it under the same terms as Perl itself.