Add explicit digestmod parameter setting to all hmac.new() calls for …

…Python 3.8 compatibility (issue fortra#702).
musorblyat · Nov 28, 2019 · 8f5ae81 · 8f5ae81
1 parent fdc8ddd
commit 8f5ae81
Show file tree

Hide file tree

Showing 3 changed files with 10 additions and 10 deletions.
diff --git a/impacket/dcerpc/v5/nrpc.py b/impacket/dcerpc/v5/nrpc.py
@@ -1659,7 +1659,7 @@ def ComputeSessionKeyStrongKey(sharedSecret, clientChallenge, serverChallenge, s
     md5.update(clientChallenge)
     md5.update(serverChallenge)
     finalMD5 = md5.digest()
-    hm = hmac.new(M4SS) 
+    hm = hmac.new(M4SS, digestmod=hashlib.md5)
     hm.update(finalMD5)
     return hm.digest()
 
@@ -1690,16 +1690,16 @@ def ComputeNetlogonSignatureMD5(authSignature, message, confounder, sessionKey):
     md5.update(confounder)
     md5.update(str(message))
     finalMD5 = md5.digest()
-    hm = hmac.new(sessionKey)
+    hm = hmac.new(sessionKey, digestmod=hashlib.md5)
     hm.update(finalMD5)
     return hm.digest()[:8]
 
 def encryptSequenceNumberRC4(sequenceNum, checkSum, sessionKey):
     # [MS-NRPC] Section 3.3.4.2.1, point 9
 
-    hm = hmac.new(sessionKey)
+    hm = hmac.new(sessionKey, digestmod=hashlib.md5)
     hm.update('\x00'*4)
-    hm2 = hmac.new(hm.digest())
+    hm2 = hmac.new(hm.digest(), digestmod=hashlib.md5)
     hm2.update(checkSum)
     encryptionKey = hm2.digest()
 
@@ -1754,9 +1754,9 @@ def SEAL(data, confounder, sequenceNum, key, aes = False):
 
     XorKey = ''.join(XorKey)
     if aes is False:
-        hm = hmac.new(XorKey)
+        hm = hmac.new(XorKey, digestmod=hashlib.md5)
         hm.update('\x00'*4)
-        hm2 = hmac.new(hm.digest())
+        hm2 = hmac.new(hm.digest(), digestmod=hashlib.md5)
         hm2.update(sequenceNum)
         encryptionKey = hm2.digest()
 
@@ -1787,9 +1787,9 @@ def UNSEAL(data, auth_data, key, aes = False):
     XorKey = ''.join(XorKey)
     if aes is False:
         sequenceNum = decryptSequenceNumberRC4(auth_data['SequenceNumber'], auth_data['Checksum'],  key)
-        hm = hmac.new(XorKey)
+        hm = hmac.new(XorKey, digestmod=hashlib.md5)
         hm.update('\x00'*4)
-        hm2 = hmac.new(hm.digest())
+        hm2 = hmac.new(hm.digest(), digestmod=hashlib.md5)
         hm2.update(sequenceNum)
         encryptionKey = hm2.digest()
 

diff --git a/impacket/examples/secretsdump.py b/impacket/examples/secretsdump.py
@@ -1318,7 +1318,7 @@ def __decryptSecret(self, key, value):
         return secret['Secret']
 
     def __decryptHash(self, key, value, iv):
-        hmac_md5 = HMAC.new(key,iv)
+        hmac_md5 = HMAC.new(key,iv,digestmod=hashlib.md5)
         rc4key = hmac_md5.digest()
 
         rc4 = ARC4.new(rc4key)

diff --git a/impacket/ntlm.py b/impacket/ntlm.py
@@ -879,7 +879,7 @@ def KXKEY(flags, sessionBaseKey, lmChallengeResponse, serverChallenge, password,
 
 def hmac_md5(key, data):
     import hmac
-    h = hmac.new(key)
+    h = hmac.new(key, digestmod=hashlib.md5)
     h.update(data)
     return h.digest()