oracular (3) Authen::Passphrase::LANManagerHalf.3pm.gz

Provided by: libauthen-passphrase-perl_0.008-3_all bug

NAME

       Authen::Passphrase::LANManagerHalf - passphrases using half the LAN Manager algorithm

SYNOPSIS

               use Authen::Passphrase::LANManagerHalf;

               $ppr = Authen::Passphrase::LANManagerHalf->new(
                       hash_hex => "855c3697d9979e78");

               $ppr = Authen::Passphrase::LANManagerHalf->new(
                       passphrase => "passphr");

               $ppr = Authen::Passphrase::LANManagerHalf->from_crypt(
                       '$LM$855c3697d9979e78');

               $ppr = Authen::Passphrase::LANManagerHalf->from_rfc2307(
                       '{CRYPT}$LM$855c3697d9979e78');

               $hash = $ppr->hash;
               $hash_hex = $ppr->hash_hex;

               if($ppr->match($passphrase)) { ...

               $passwd = $ppr->as_crypt;
               $userPassword = $ppr->as_rfc2307;

DESCRIPTION

       An object of this class encapsulates half of a passphrase hashed using the Microsoft LAN
       Manager hash function.  This is a subclass of Authen::Passphrase, and this document
       assumes that the reader is familiar with the documentation for that class.  For the
       complete LAN Manager hash function, see Authen::Passphrase::LANManager.

       In a spectacularly bad design decision, the Microsoft LAN Manager hash function splits the
       passphrase into two parts and hashes them separately.  It is therefore possible to
       separate the halves of a LAN Manager hash, and do things with them (such as crack them)
       separately.  This class is about using such a hash half on its own.

       The half hash algorithm can be used on up to seven Latin-1 characters of passphrase.
       First the passphrase is folded to uppercase, and zero-padded to seven bytes.  Then the
       seven bytes are used as a 56-bit DES key, to encrypt the fixed plaintext block "KGS!@#$%".
       The eight byte ciphertext block is the half hash.  There is no salt.

       Warning: Don't even think about using this seriously.  It's an exceptionally weak design,
       flawed in pretty much every respect.

CONSTRUCTORS

       Authen::Passphrase::LANManagerHalf->new(ATTR => VALUE, ...)
           Generates a new passphrase recogniser object using the LAN Manager half hash
           algorithm.  The following attributes may be given:

           hash
               The hash, as a string of 8 bytes.

           hash_hex
               The hash, as a string of 16 hexadecimal digits.

           passphrase
               A passphrase that will be accepted.

           Either the hash or the passphrase must be given.

       Authen::Passphrase::LANManagerHalf->from_crypt(PASSWD)
           Generates a new LAN Manager half passphrase recogniser object from a crypt string.
           The crypt string must consist of "$LM$" followed by the hash in lowercase hexadecimal.

       Authen::Passphrase::LANManagerHalf->from_rfc2307(USERPASSWORD)
           Generates a new LAN Manager half passphrase recogniser object from an RFC 2307 string.
           The string must consist of "{CRYPT}" (case insensitive) followed by an acceptable
           crypt string.

METHODS

       $ppr->hash
           Returns the hash value, as a string of 8 bytes.

       $ppr->hash_hex
           Returns the hash value, as a string of 16 hexadecimal digits.

       $ppr->match(PASSPHRASE)
       $ppr->as_crypt
       $ppr->as_rfc2307
           These methods are part of the standard Authen::Passphrase interface.

SEE ALSO

       Authen::Passphrase, Authen::Passphrase::LANManager, Crypt::DES

AUTHOR

       Andrew Main (Zefram) <zefram@fysh.org>

       Copyright (C) 2006, 2007, 2009, 2010, 2012 Andrew Main (Zefram) <zefram@fysh.org>

LICENSE

       This module is free software; you can redistribute it and/or modify it under the same
       terms as Perl itself.