NAME¶
Authen::Passphrase::LANManager - passphrases using the LAN Manager hash
algorithm
SYNOPSIS¶
use Authen::Passphrase::LANManager;
$ppr = Authen::Passphrase::LANManager->new(
hash_hex => "855c3697d9979e78ac404c4ba2c66533");
$ppr = Authen::Passphrase::LANManager->new(
passphrase => "passphrase");
$ppr = Authen::Passphrase::LANManager->from_rfc2307(
"{LANMAN}855c3697d9979e78ac404c4ba2c66533");
$hash = $ppr->hash;
$hash_hex = $ppr->hash_hex;
$ppr0 = $ppr->first_half;
$ppr1 = $ppr->second_half;
if($ppr->match($passphrase)) { ...
$userPassword = $ppr->as_rfc2307;
DESCRIPTION¶
An object of this class encapsulates a passphrase hashed using the Microsoft LAN
Manager hash function. This is a subclass of Authen::Passphrase, and this
document assumes that the reader is familiar with the documentation for that
class.
The hash algorithm can be used on up to fourteen Latin-1 characters of
passphrase. First the passphrase is folded to uppercase, and zero-padded to
fourteen bytes. Then it is split into two halves. Each seven-byte half is used
as a 56-bit DES key, to encrypt the fixed plaintext block
"KGS!@#$%". The eight-byte ciphertexts are concatenated to form the
sixteen-byte hash. There is no salt.
Because the two halves of the passphrase are hashed separately, it is possible
to manipulate (e.g., crack) a half hash in isolation. See
Authen::Passphrase::LANManagerHalf.
Warning: Don't even think about using this seriously. It's an
exceptionally weak design, flawed in pretty much every respect.
CONSTRUCTORS¶
- Authen::Passphrase::LANManager->new(ATTR => VALUE, ...)
- Generates a new passphrase recogniser object using the LAN Manager hash
algorithm. The following attributes may be given:
- hash
- The hash, as a string of 16 bytes.
- hash_hex
- The hash, as a string of 32 hexadecimal digits.
- passphrase
- A passphrase that will be accepted.
Either the hash or the passphrase must be given.
- Authen::Passphrase::LANManager->from_rfc2307(USERPASSWORD)
- Generates a LAN Manager passphrase recogniser from the supplied RFC2307
encoding. The string must consist of " {LANMAN}" (or its
synonym " {LANM}") followed by the hash in hexadecimal;
case is ignored.
METHODS¶
- $ppr->hash
- Returns the hash value, as a string of 16 bytes.
- $ppr->hash_hex
- Returns the hash value, as a string of 32 hexadecimal digits.
- $ppr->first_half
- Returns the hash of the first half of the passphrase, as an
Authen::Passphrase::LANManagerHalf passphrase recogniser.
- $ppr->second_half
- Returns the hash of the second half of the passphrase, as an
Authen::Passphrase::LANManagerHalf passphrase recogniser.
- $ppr->match(PASSPHRASE)
- $ppr->as_rfc2307
- These methods are part of the standard Authen::Passphrase interface.
SEE ALSO¶
Authen::Passphrase, Authen::Passphrase::LANManagerHalf, Crypt::DES
AUTHOR¶
Andrew Main (Zefram) <zefram@fysh.org>
COPYRIGHT¶
Copyright (C) 2006, 2007, 2009, 2010, 2012 Andrew Main (Zefram)
<zefram@fysh.org>
LICENSE¶
This module is free software; you can redistribute it and/or modify it under the
same terms as Perl itself.