search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
s3-auth: run minimal_includes.pl
[Samba.git] / source4 / heimdal / lib / ntlm / ntlm.c
blob6dad519d4a9161e18c8580a3145523f8dff0733c
1 /*
2 * Copyright (c) 2006 - 2008 Kungliga Tekniska Högskolan
3 * (Royal Institute of Technology, Stockholm, Sweden).
4 * All rights reserved.
5 *
6 * Portions Copyright (c) 2010 Apple Inc. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in the
17 * documentation and/or other materials provided with the distribution.
18 *
19 * 3. Neither the name of the Institute nor the names of its contributors
20 * may be used to endorse or promote products derived from this software
21 * without specific prior written permission.
22 *
23 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
24 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
25 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
26 * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
27 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
28 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
29 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
30 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
31 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
32 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
33 * SUCH DAMAGE.
34 */
35
36 #include <config.h>
37
38 #include <stdio.h>
39 #include <stdlib.h>
40 #include <assert.h>
41 #include <string.h>
42 #include <ctype.h>
43 #include <errno.h>
44 #include <limits.h>
45
46 #include <roken.h>
47 #include <parse_units.h>
48 #include <krb5.h>
49
50 #define HC_DEPRECATED_CRYPTO
51
52 #include "krb5-types.h"
53 #include "crypto-headers.h"
54
55 #include <heimntlm.h>
56
57 /*! \mainpage Heimdal NTLM library
58 *
59 * \section intro Introduction
60 *
61 * Heimdal libheimntlm library is a implementation of the NTLM
62 * protocol, both version 1 and 2. The GSS-API mech that uses this
63 * library adds support for transport encryption and integrity
64 * checking.
65 *
66 * NTLM is a protocol for mutual authentication, its still used in
67 * many protocol where Kerberos is not support, one example is
68 * EAP/X802.1x mechanism LEAP from Microsoft and Cisco.
69 *
70 * This is a support library for the core protocol, its used in
71 * Heimdal to implement and GSS-API mechanism. There is also support
72 * in the KDC to do remote digest authenticiation, this to allow
73 * services to authenticate users w/o direct access to the users ntlm
74 * hashes (same as Kerberos arcfour enctype keys).
75 *
76 * More information about the NTLM protocol can found here
77 * http://davenport.sourceforge.net/ntlm.html .
78 *
79 * The Heimdal projects web page: http://www.h5l.org/
80 *
81 * @section ntlm_example NTLM Example
82 *
83 * Example to to use @ref test_ntlm.c .
84 *
85 * @example test_ntlm.c
86 *
87 * Example how to use the NTLM primitives.
88 *
89 */
90
91 /** @defgroup ntlm_core Heimdal NTLM library
92 *
93 * The NTLM core functions implement the string2key generation
94 * function, message encode and decode function, and the hash function
95 * functions.
96 */
97
98 struct sec_buffer {
99 uint16_t length;
100 uint16_t allocated;
101 uint32_t offset;
102 };
103
104 static const unsigned char ntlmsigature[8] = "NTLMSSP\x00";
105
106 /*
107 *
108 */
109
110 #define CHECK(f, e) \
111 do { \
112 ret = f ; if (ret != (e)) { ret = HNTLM_ERR_DECODE; goto out; } } \
113 while(0)
114
115 static struct units ntlm_flag_units[] = {
116 #define ntlm_flag(x) { #x, NTLM_##x }
117 ntlm_flag(ENC_56),
118 ntlm_flag(NEG_KEYEX),
119 ntlm_flag(ENC_128),
120 ntlm_flag(MBZ1),
121 ntlm_flag(MBZ2),
122 ntlm_flag(MBZ3),
123 ntlm_flag(NEG_VERSION),
124 ntlm_flag(MBZ4),
125 ntlm_flag(NEG_TARGET_INFO),
126 ntlm_flag(NON_NT_SESSION_KEY),
127 ntlm_flag(MBZ5),
128 ntlm_flag(NEG_IDENTIFY),
129 ntlm_flag(NEG_NTLM2),
130 ntlm_flag(TARGET_SHARE),
131 ntlm_flag(TARGET_SERVER),
132 ntlm_flag(TARGET_DOMAIN),
133 ntlm_flag(NEG_ALWAYS_SIGN),
134 ntlm_flag(MBZ6),
135 ntlm_flag(OEM_SUPPLIED_WORKSTATION),
136 ntlm_flag(OEM_SUPPLIED_DOMAIN),
137 ntlm_flag(NEG_ANONYMOUS),
138 ntlm_flag(NEG_NT_ONLY),
139 ntlm_flag(NEG_NTLM),
140 ntlm_flag(MBZ8),
141 ntlm_flag(NEG_LM_KEY),
142 ntlm_flag(NEG_DATAGRAM),
143 ntlm_flag(NEG_SEAL),
144 ntlm_flag(NEG_SIGN),
145 ntlm_flag(MBZ9),
146 ntlm_flag(NEG_TARGET),
147 ntlm_flag(NEG_OEM),
148 ntlm_flag(NEG_UNICODE),
149 #undef ntlm_flag
150 {NULL, 0}
151 };
152
153 size_t
154 heim_ntlm_unparse_flags(uint32_t flags, char *s, size_t len)
155 {
156 return unparse_flags(flags, ntlm_flag_units, s, len);
157 }
158
159
160 /**
161 * heim_ntlm_free_buf frees the ntlm buffer
162 *
163 * @param p buffer to be freed
164 *
165 * @ingroup ntlm_core
166 */
167
168 void
169 heim_ntlm_free_buf(struct ntlm_buf *p)
170 {
171 if (p->data)
172 free(p->data);
173 p->data = NULL;
174 p->length = 0;
175 }
176
177
178 static int
179 ascii2ucs2le(const char *string, int up, struct ntlm_buf *buf)
180 {
181 unsigned char *p;
182 size_t len, i;
183
184 len = strlen(string);
185 if (len / 2 > UINT_MAX)
186 return ERANGE;
187
188 buf->length = len * 2;
189 buf->data = malloc(buf->length);
190 if (buf->data == NULL && len != 0) {
191 heim_ntlm_free_buf(buf);
192 return ENOMEM;
193 }
194
195 p = buf->data;
196 for (i = 0; i < len; i++) {
197 unsigned char t = (unsigned char)string[i];
198 if (t & 0x80) {
199 heim_ntlm_free_buf(buf);
200 return EINVAL;
201 }
202 if (up)
203 t = toupper(t);
204 p[(i * 2) + 0] = t;
205 p[(i * 2) + 1] = 0;
206 }
207 return 0;
208 }
209
210 /*
211 *
212 */
213
214 static krb5_error_code
215 ret_sec_buffer(krb5_storage *sp, struct sec_buffer *buf)
216 {
217 krb5_error_code ret;
218 CHECK(krb5_ret_uint16(sp, &buf->length), 0);
219 CHECK(krb5_ret_uint16(sp, &buf->allocated), 0);
220 CHECK(krb5_ret_uint32(sp, &buf->offset), 0);
221 out:
222 return ret;
223 }
224
225 static krb5_error_code
226 store_sec_buffer(krb5_storage *sp, const struct sec_buffer *buf)
227 {
228 krb5_error_code ret;
229 CHECK(krb5_store_uint16(sp, buf->length), 0);
230 CHECK(krb5_store_uint16(sp, buf->allocated), 0);
231 CHECK(krb5_store_uint32(sp, buf->offset), 0);
232 out:
233 return ret;
234 }
235
236 /*
237 * Strings are either OEM or UNICODE. The later is encoded as ucs2 on
238 * wire, but using utf8 in memory.
239 */
240
241 static krb5_error_code
242 len_string(int ucs2, const char *s)
243 {
244 size_t len = strlen(s);
245 if (ucs2)
246 len *= 2;
247 return len;
248 }
249
250 /*
251 *
252 */
253
254 static krb5_error_code
255 ret_string(krb5_storage *sp, int ucs2, size_t len, char **s)
256 {
257 krb5_error_code ret;
258
259 *s = malloc(len + 1);
260 if (*s == NULL)
261 return ENOMEM;
262 CHECK(krb5_storage_read(sp, *s, len), len);
263
264 (*s)[len] = '\0';
265
266 if (ucs2) {
267 size_t i;
268 for (i = 0; i < len / 2; i++) {
269 (*s)[i] = (*s)[i * 2];
270 if ((*s)[i * 2 + 1]) {
271 free(*s);
272 *s = NULL;
273 return EINVAL;
274 }
275 }
276 (*s)[i] = '\0';
277 }
278 ret = 0;
279 out:
280 return ret;
281 }
282
283
284
285 static krb5_error_code
286 ret_sec_string(krb5_storage *sp, int ucs2, struct sec_buffer *desc, char **s)
287 {
288 krb5_error_code ret = 0;
289 CHECK(krb5_storage_seek(sp, desc->offset, SEEK_SET), desc->offset);
290 CHECK(ret_string(sp, ucs2, desc->length, s), 0);
291 out:
292 return ret;
293 }
294
295 static krb5_error_code
296 put_string(krb5_storage *sp, int ucs2, const char *s)
297 {
298 krb5_error_code ret;
299 struct ntlm_buf buf;
300
301 if (ucs2) {
302 ret = ascii2ucs2le(s, 0, &buf);
303 if (ret)
304 return ret;
305 } else {
306 buf.data = rk_UNCONST(s);
307 buf.length = strlen(s);
308 }
309
310 CHECK(krb5_storage_write(sp, buf.data, buf.length), buf.length);
311 if (ucs2)
312 heim_ntlm_free_buf(&buf);
313 ret = 0;
314 out:
315 return ret;
316 }
317
318 /*
319 *
320 */
321
322 static krb5_error_code
323 ret_buf(krb5_storage *sp, struct sec_buffer *desc, struct ntlm_buf *buf)
324 {
325 krb5_error_code ret;
326
327 buf->data = malloc(desc->length);
328 buf->length = desc->length;
329 CHECK(krb5_storage_seek(sp, desc->offset, SEEK_SET), desc->offset);
330 CHECK(krb5_storage_read(sp, buf->data, buf->length), buf->length);
331 ret = 0;
332 out:
333 return ret;
334 }
335
336 static krb5_error_code
337 put_buf(krb5_storage *sp, const struct ntlm_buf *buf)
338 {
339 krb5_error_code ret;
340 CHECK(krb5_storage_write(sp, buf->data, buf->length), buf->length);
341 ret = 0;
342 out:
343 return ret;
344 }
345
346 /**
347 * Frees the ntlm_targetinfo message
348 *
349 * @param ti targetinfo to be freed
350 *
351 * @ingroup ntlm_core
352 */
353
354 void
355 heim_ntlm_free_targetinfo(struct ntlm_targetinfo *ti)
356 {
357 free(ti->servername);
358 free(ti->domainname);
359 free(ti->dnsdomainname);
360 free(ti->dnsservername);
361 free(ti->dnstreename);
362 memset(ti, 0, sizeof(*ti));
363 }
364
365 static int
366 encode_ti_string(krb5_storage *out, uint16_t type, int ucs2, char *s)
367 {
368 krb5_error_code ret;
369 CHECK(krb5_store_uint16(out, type), 0);
370 CHECK(krb5_store_uint16(out, len_string(ucs2, s)), 0);
371 CHECK(put_string(out, ucs2, s), 0);
372 out:
373 return ret;
374 }
375
376 /**
377 * Encodes a ntlm_targetinfo message.
378 *
379 * @param ti the ntlm_targetinfo message to encode.
380 * @param ucs2 ignored
381 * @param data is the return buffer with the encoded message, should be
382 * freed with heim_ntlm_free_buf().
383 *
384 * @return In case of success 0 is return, an errors, a errno in what
385 * went wrong.
386 *
387 * @ingroup ntlm_core
388 */
389
390 int
391 heim_ntlm_encode_targetinfo(const struct ntlm_targetinfo *ti,
392 int ucs2,
393 struct ntlm_buf *data)
394 {
395 krb5_error_code ret;
396 krb5_storage *out;
397
398 data->data = NULL;
399 data->length = 0;
400
401 out = krb5_storage_emem();
402 if (out == NULL)
403 return ENOMEM;
404
405 krb5_storage_set_byteorder(out, KRB5_STORAGE_BYTEORDER_LE);
406
407 if (ti->servername)
408 CHECK(encode_ti_string(out, 1, ucs2, ti->servername), 0);
409 if (ti->domainname)
410 CHECK(encode_ti_string(out, 2, ucs2, ti->domainname), 0);
411 if (ti->dnsservername)
412 CHECK(encode_ti_string(out, 3, ucs2, ti->dnsservername), 0);
413 if (ti->dnsdomainname)
414 CHECK(encode_ti_string(out, 4, ucs2, ti->dnsdomainname), 0);
415 if (ti->dnstreename)
416 CHECK(encode_ti_string(out, 5, ucs2, ti->dnstreename), 0);
417 if (ti->avflags) {
418 CHECK(krb5_store_uint16(out, 6), 0);
419 CHECK(krb5_store_uint16(out, 4), 0);
420 CHECK(krb5_store_uint32(out, ti->avflags), 0);
421 }
422
423 /* end tag */
424 CHECK(krb5_store_int16(out, 0), 0);
425 CHECK(krb5_store_int16(out, 0), 0);
426
427 {
428 krb5_data d;
429 ret = krb5_storage_to_data(out, &d);
430 data->data = d.data;
431 data->length = d.length;
432 }
433 out:
434 krb5_storage_free(out);
435 return ret;
436 }
437
438 /**
439 * Decodes an NTLM targetinfo message
440 *
441 * @param data input data buffer with the encode NTLM targetinfo message
442 * @param ucs2 if the strings should be encoded with ucs2 (selected by flag in message).
443 * @param ti the decoded target info, should be freed with heim_ntlm_free_targetinfo().
444 *
445 * @return In case of success 0 is return, an errors, a errno in what
446 * went wrong.
447 *
448 * @ingroup ntlm_core
449 */
450
451 int
452 heim_ntlm_decode_targetinfo(const struct ntlm_buf *data,
453 int ucs2,
454 struct ntlm_targetinfo *ti)
455 {
456 uint16_t type, len;
457 krb5_storage *in;
458 int ret = 0, done = 0;
459
460 memset(ti, 0, sizeof(*ti));
461
462 if (data->length == 0)
463 return 0;
464
465 in = krb5_storage_from_readonly_mem(data->data, data->length);
466 if (in == NULL)
467 return ENOMEM;
468 krb5_storage_set_byteorder(in, KRB5_STORAGE_BYTEORDER_LE);
469
470 while (!done) {
471 CHECK(krb5_ret_uint16(in, &type), 0);
472 CHECK(krb5_ret_uint16(in, &len), 0);
473
474 switch (type) {
475 case 0:
476 done = 1;
477 break;
478 case 1:
479 CHECK(ret_string(in, ucs2, len, &ti->servername), 0);
480 break;
481 case 2:
482 CHECK(ret_string(in, ucs2, len, &ti->domainname), 0);
483 break;
484 case 3:
485 CHECK(ret_string(in, ucs2, len, &ti->dnsservername), 0);
486 break;
487 case 4:
488 CHECK(ret_string(in, ucs2, len, &ti->dnsdomainname), 0);
489 break;
490 case 5:
491 CHECK(ret_string(in, ucs2, len, &ti->dnstreename), 0);
492 break;
493 case 6:
494 CHECK(krb5_ret_uint32(in, &ti->avflags), 0);
495 break;
496 default:
497 krb5_storage_seek(in, len, SEEK_CUR);
498 break;
499 }
500 }
501 out:
502 if (in)
503 krb5_storage_free(in);
504 return ret;
505 }
506
507 /**
508 * Frees the ntlm_type1 message
509 *
510 * @param data message to be freed
511 *
512 * @ingroup ntlm_core
513 */
514
515 void
516 heim_ntlm_free_type1(struct ntlm_type1 *data)
517 {
518 if (data->domain)
519 free(data->domain);
520 if (data->hostname)
521 free(data->hostname);
522 memset(data, 0, sizeof(*data));
523 }
524
525 int
526 heim_ntlm_decode_type1(const struct ntlm_buf *buf, struct ntlm_type1 *data)
527 {
528 krb5_error_code ret;
529 unsigned char sig[8];
530 uint32_t type;
531 struct sec_buffer domain, hostname;
532 krb5_storage *in;
533
534 memset(data, 0, sizeof(*data));
535
536 in = krb5_storage_from_readonly_mem(buf->data, buf->length);
537 if (in == NULL) {
538 ret = ENOMEM;
539 goto out;
540 }
541 krb5_storage_set_byteorder(in, KRB5_STORAGE_BYTEORDER_LE);
542
543 CHECK(krb5_storage_read(in, sig, sizeof(sig)), sizeof(sig));
544 CHECK(memcmp(ntlmsigature, sig, sizeof(ntlmsigature)), 0);
545 CHECK(krb5_ret_uint32(in, &type), 0);
546 CHECK(type, 1);
547 CHECK(krb5_ret_uint32(in, &data->flags), 0);
548 if (data->flags & NTLM_OEM_SUPPLIED_DOMAIN)
549 CHECK(ret_sec_buffer(in, &domain), 0);
550 if (data->flags & NTLM_OEM_SUPPLIED_WORKSTATION)
551 CHECK(ret_sec_buffer(in, &hostname), 0);
552 #if 0
553 if (domain.offset > 32) {
554 CHECK(krb5_ret_uint32(in, &data->os[0]), 0);
555 CHECK(krb5_ret_uint32(in, &data->os[1]), 0);
556 }
557 #endif
558 if (data->flags & NTLM_OEM_SUPPLIED_DOMAIN)
559 CHECK(ret_sec_string(in, 0, &domain, &data->domain), 0);
560 if (data->flags & NTLM_OEM_SUPPLIED_WORKSTATION)
561 CHECK(ret_sec_string(in, 0, &hostname, &data->hostname), 0);
562
563 out:
564 if (in)
565 krb5_storage_free(in);
566 if (ret)
567 heim_ntlm_free_type1(data);
568
569 return ret;
570 }
571
572 /**
573 * Encodes an ntlm_type1 message.
574 *
575 * @param type1 the ntlm_type1 message to encode.
576 * @param data is the return buffer with the encoded message, should be
577 * freed with heim_ntlm_free_buf().
578 *
579 * @return In case of success 0 is return, an errors, a errno in what
580 * went wrong.
581 *
582 * @ingroup ntlm_core
583 */
584
585 int
586 heim_ntlm_encode_type1(const struct ntlm_type1 *type1, struct ntlm_buf *data)
587 {
588 krb5_error_code ret;
589 struct sec_buffer domain, hostname;
590 krb5_storage *out;
591 uint32_t base, flags;
592
593 flags = type1->flags;
594 base = 16;
595
596 if (type1->domain) {
597 base += 8;
598 flags |= NTLM_OEM_SUPPLIED_DOMAIN;
599 }
600 if (type1->hostname) {
601 base += 8;
602 flags |= NTLM_OEM_SUPPLIED_WORKSTATION;
603 }
604 if (type1->os[0])
605 base += 8;
606
607 domain.offset = base;
608 if (type1->domain) {
609 domain.length = len_string(0, type1->domain);
610 domain.allocated = domain.length;
611 } else {
612 domain.length = 0;
613 domain.allocated = 0;
614 }
615
616 hostname.offset = domain.allocated + domain.offset;
617 if (type1->hostname) {
618 hostname.length = len_string(0, type1->hostname);
619 hostname.allocated = hostname.length;
620 } else {
621 hostname.length = 0;
622 hostname.allocated = 0;
623 }
624
625 out = krb5_storage_emem();
626 if (out == NULL)
627 return ENOMEM;
628
629 krb5_storage_set_byteorder(out, KRB5_STORAGE_BYTEORDER_LE);
630 CHECK(krb5_storage_write(out, ntlmsigature, sizeof(ntlmsigature)),
631 sizeof(ntlmsigature));
632 CHECK(krb5_store_uint32(out, 1), 0);
633 CHECK(krb5_store_uint32(out, flags), 0);
634
635 CHECK(store_sec_buffer(out, &domain), 0);
636 CHECK(store_sec_buffer(out, &hostname), 0);
637 #if 0
638 CHECK(krb5_store_uint32(out, type1->os[0]), 0);
639 CHECK(krb5_store_uint32(out, type1->os[1]), 0);
640 #endif
641 if (type1->domain)
642 CHECK(put_string(out, 0, type1->domain), 0);
643 if (type1->hostname)
644 CHECK(put_string(out, 0, type1->hostname), 0);
645
646 {
647 krb5_data d;
648 ret = krb5_storage_to_data(out, &d);
649 data->data = d.data;
650 data->length = d.length;
651 }
652 out:
653 krb5_storage_free(out);
654
655 return ret;
656 }
657
658 /**
659 * Frees the ntlm_type2 message
660 *
661 * @param data message to be freed
662 *
663 * @ingroup ntlm_core
664 */
665
666 void
667 heim_ntlm_free_type2(struct ntlm_type2 *data)
668 {
669 if (data->targetname)
670 free(data->targetname);
671 heim_ntlm_free_buf(&data->targetinfo);
672 memset(data, 0, sizeof(*data));
673 }
674
675 int
676 heim_ntlm_decode_type2(const struct ntlm_buf *buf, struct ntlm_type2 *type2)
677 {
678 krb5_error_code ret;
679 unsigned char sig[8];
680 uint32_t type, ctx[2];
681 struct sec_buffer targetname, targetinfo;
682 krb5_storage *in;
683 int ucs2 = 0;
684
685 memset(type2, 0, sizeof(*type2));
686
687 in = krb5_storage_from_readonly_mem(buf->data, buf->length);
688 if (in == NULL) {
689 ret = ENOMEM;
690 goto out;
691 }
692 krb5_storage_set_byteorder(in, KRB5_STORAGE_BYTEORDER_LE);
693
694 CHECK(krb5_storage_read(in, sig, sizeof(sig)), sizeof(sig));
695 CHECK(memcmp(ntlmsigature, sig, sizeof(ntlmsigature)), 0);
696 CHECK(krb5_ret_uint32(in, &type), 0);
697 CHECK(type, 2);
698
699 CHECK(ret_sec_buffer(in, &targetname), 0);
700 CHECK(krb5_ret_uint32(in, &type2->flags), 0);
701 if (type2->flags & NTLM_NEG_UNICODE)
702 ucs2 = 1;
703 CHECK(krb5_storage_read(in, type2->challenge, sizeof(type2->challenge)),
704 sizeof(type2->challenge));
705 CHECK(krb5_ret_uint32(in, &ctx[0]), 0); /* context */
706 CHECK(krb5_ret_uint32(in, &ctx[1]), 0);
707 CHECK(ret_sec_buffer(in, &targetinfo), 0);
708 /* os version */
709 if (type2->flags & NTLM_NEG_VERSION) {
710 CHECK(krb5_ret_uint32(in, &type2->os[0]), 0);
711 CHECK(krb5_ret_uint32(in, &type2->os[1]), 0);
712 }
713
714 CHECK(ret_sec_string(in, ucs2, &targetname, &type2->targetname), 0);
715 CHECK(ret_buf(in, &targetinfo, &type2->targetinfo), 0);
716 ret = 0;
717
718 out:
719 if (in)
720 krb5_storage_free(in);
721 if (ret)
722 heim_ntlm_free_type2(type2);
723
724 return ret;
725 }
726
727 /**
728 * Encodes an ntlm_type2 message.
729 *
730 * @param type2 the ntlm_type2 message to encode.
731 * @param data is the return buffer with the encoded message, should be
732 * freed with heim_ntlm_free_buf().
733 *
734 * @return In case of success 0 is return, an errors, a errno in what
735 * went wrong.
736 *
737 * @ingroup ntlm_core
738 */
739
740 int
741 heim_ntlm_encode_type2(const struct ntlm_type2 *type2, struct ntlm_buf *data)
742 {
743 struct sec_buffer targetname, targetinfo;
744 krb5_error_code ret;
745 krb5_storage *out = NULL;
746 uint32_t base;
747 int ucs2 = 0;
748
749 base = 48;
750
751 if (type2->flags & NTLM_NEG_VERSION)
752 base += 8;
753
754 if (type2->flags & NTLM_NEG_UNICODE)
755 ucs2 = 1;
756
757 targetname.offset = base;
758 targetname.length = len_string(ucs2, type2->targetname);
759 targetname.allocated = targetname.length;
760
761 targetinfo.offset = targetname.allocated + targetname.offset;
762 targetinfo.length = type2->targetinfo.length;
763 targetinfo.allocated = type2->targetinfo.length;
764
765 out = krb5_storage_emem();
766 if (out == NULL)
767 return ENOMEM;
768
769 krb5_storage_set_byteorder(out, KRB5_STORAGE_BYTEORDER_LE);
770 CHECK(krb5_storage_write(out, ntlmsigature, sizeof(ntlmsigature)),
771 sizeof(ntlmsigature));
772 CHECK(krb5_store_uint32(out, 2), 0);
773 CHECK(store_sec_buffer(out, &targetname), 0);
774 CHECK(krb5_store_uint32(out, type2->flags), 0);
775 CHECK(krb5_storage_write(out, type2->challenge, sizeof(type2->challenge)),
776 sizeof(type2->challenge));
777 CHECK(krb5_store_uint32(out, 0), 0); /* context */
778 CHECK(krb5_store_uint32(out, 0), 0);
779 CHECK(store_sec_buffer(out, &targetinfo), 0);
780 /* os version */
781 if (type2->flags & NTLM_NEG_VERSION) {
782 CHECK(krb5_store_uint32(out, type2->os[0]), 0);
783 CHECK(krb5_store_uint32(out, type2->os[1]), 0);
784 }
785 CHECK(put_string(out, ucs2, type2->targetname), 0);
786 CHECK(krb5_storage_write(out, type2->targetinfo.data,
787 type2->targetinfo.length),
788 type2->targetinfo.length);
789
790 {
791 krb5_data d;
792 ret = krb5_storage_to_data(out, &d);
793 data->data = d.data;
794 data->length = d.length;
795 }
796
797 out:
798 krb5_storage_free(out);
799
800 return ret;
801 }
802
803 /**
804 * Frees the ntlm_type3 message
805 *
806 * @param data message to be freed
807 *
808 * @ingroup ntlm_core
809 */
810
811 void
812 heim_ntlm_free_type3(struct ntlm_type3 *data)
813 {
814 heim_ntlm_free_buf(&data->lm);
815 heim_ntlm_free_buf(&data->ntlm);
816 if (data->targetname)
817 free(data->targetname);
818 if (data->username)
819 free(data->username);
820 if (data->ws)
821 free(data->ws);
822 heim_ntlm_free_buf(&data->sessionkey);
823 memset(data, 0, sizeof(*data));
824 }
825
826 /*
827 *
828 */
829
830 int
831 heim_ntlm_decode_type3(const struct ntlm_buf *buf,
832 int ucs2,
833 struct ntlm_type3 *type3)
834 {
835 krb5_error_code ret;
836 unsigned char sig[8];
837 uint32_t type;
838 krb5_storage *in;
839 struct sec_buffer lm, ntlm, target, username, sessionkey, ws;
840 uint32_t min_offset = 72;
841
842 memset(type3, 0, sizeof(*type3));
843 memset(&sessionkey, 0, sizeof(sessionkey));
844
845 in = krb5_storage_from_readonly_mem(buf->data, buf->length);
846 if (in == NULL) {
847 ret = ENOMEM;
848 goto out;
849 }
850 krb5_storage_set_byteorder(in, KRB5_STORAGE_BYTEORDER_LE);
851
852 CHECK(krb5_storage_read(in, sig, sizeof(sig)), sizeof(sig));
853 CHECK(memcmp(ntlmsigature, sig, sizeof(ntlmsigature)), 0);
854 CHECK(krb5_ret_uint32(in, &type), 0);
855 CHECK(type, 3);
856 CHECK(ret_sec_buffer(in, &lm), 0);
857 if (lm.allocated)
858 min_offset = min(min_offset, lm.offset);
859 CHECK(ret_sec_buffer(in, &ntlm), 0);
860 if (ntlm.allocated)
861 min_offset = min(min_offset, ntlm.offset);
862 CHECK(ret_sec_buffer(in, &target), 0);
863 if (target.allocated)
864 min_offset = min(min_offset, target.offset);
865 CHECK(ret_sec_buffer(in, &username), 0);
866 if (username.allocated)
867 min_offset = min(min_offset, username.offset);
868 CHECK(ret_sec_buffer(in, &ws), 0);
869 if (ws.allocated)
870 min_offset = min(min_offset, ws.offset);
871
872 if (min_offset > 52) {
873 CHECK(ret_sec_buffer(in, &sessionkey), 0);
874 min_offset = max(min_offset, sessionkey.offset);
875 CHECK(krb5_ret_uint32(in, &type3->flags), 0);
876 }
877 if (min_offset > 52 + 8 + 4 + 8) {
878 CHECK(krb5_ret_uint32(in, &type3->os[0]), 0);
879 CHECK(krb5_ret_uint32(in, &type3->os[1]), 0);
880 }
881 CHECK(ret_buf(in, &lm, &type3->lm), 0);
882 CHECK(ret_buf(in, &ntlm, &type3->ntlm), 0);
883 CHECK(ret_sec_string(in, ucs2, &target, &type3->targetname), 0);
884 CHECK(ret_sec_string(in, ucs2, &username, &type3->username), 0);
885 CHECK(ret_sec_string(in, ucs2, &ws, &type3->ws), 0);
886 if (sessionkey.offset)
887 CHECK(ret_buf(in, &sessionkey, &type3->sessionkey), 0);
888
889 out:
890 if (in)
891 krb5_storage_free(in);
892 if (ret)
893 heim_ntlm_free_type3(type3);
894
895 return ret;
896 }
897
898 /**
899 * Encodes an ntlm_type3 message.
900 *
901 * @param type3 the ntlm_type3 message to encode.
902 * @param data is the return buffer with the encoded message, should be
903 * freed with heim_ntlm_free_buf().
904 *
905 * @return In case of success 0 is return, an errors, a errno in what
906 * went wrong.
907 *
908 * @ingroup ntlm_core
909 */
910
911 int
912 heim_ntlm_encode_type3(const struct ntlm_type3 *type3, struct ntlm_buf *data)
913 {
914 struct sec_buffer lm, ntlm, target, username, sessionkey, ws;
915 krb5_error_code ret;
916 krb5_storage *out = NULL;
917 uint32_t base;
918 int ucs2 = 0;
919
920 memset(&lm, 0, sizeof(lm));
921 memset(&ntlm, 0, sizeof(ntlm));
922 memset(&target, 0, sizeof(target));
923 memset(&username, 0, sizeof(username));
924 memset(&ws, 0, sizeof(ws));
925 memset(&sessionkey, 0, sizeof(sessionkey));
926
927 base = 52;
928
929 base += 8; /* sessionkey sec buf */
930 base += 4; /* flags */
931
932 if (type3->os[0]) {
933 base += 8;
934 }
935
936 if (type3->flags & NTLM_NEG_UNICODE)
937 ucs2 = 1;
938
939 target.offset = base;
940 target.length = len_string(ucs2, type3->targetname);
941 target.allocated = target.length;
942
943 username.offset = target.offset + target.allocated;
944 username.length = len_string(ucs2, type3->username);
945 username.allocated = username.length;
946
947 ws.offset = username.offset + username.allocated;
948 ws.length = len_string(ucs2, type3->ws);
949 ws.allocated = ws.length;
950
951 lm.offset = ws.offset + ws.allocated;
952 lm.length = type3->lm.length;
953 lm.allocated = type3->lm.length;
954
955 ntlm.offset = lm.offset + lm.allocated;
956 ntlm.length = type3->ntlm.length;
957 ntlm.allocated = ntlm.length;
958
959 sessionkey.offset = ntlm.offset + ntlm.allocated;
960 sessionkey.length = type3->sessionkey.length;
961 sessionkey.allocated = type3->sessionkey.length;
962
963 out = krb5_storage_emem();
964 if (out == NULL)
965 return ENOMEM;
966
967 krb5_storage_set_byteorder(out, KRB5_STORAGE_BYTEORDER_LE);
968 CHECK(krb5_storage_write(out, ntlmsigature, sizeof(ntlmsigature)),
969 sizeof(ntlmsigature));
970 CHECK(krb5_store_uint32(out, 3), 0);
971
972 CHECK(store_sec_buffer(out, &lm), 0);
973 CHECK(store_sec_buffer(out, &ntlm), 0);
974 CHECK(store_sec_buffer(out, &target), 0);
975 CHECK(store_sec_buffer(out, &username), 0);
976 CHECK(store_sec_buffer(out, &ws), 0);
977 CHECK(store_sec_buffer(out, &sessionkey), 0);
978 CHECK(krb5_store_uint32(out, type3->flags), 0);
979
980 #if 0
981 CHECK(krb5_store_uint32(out, 0), 0); /* os0 */
982 CHECK(krb5_store_uint32(out, 0), 0); /* os1 */
983 #endif
984
985 CHECK(put_string(out, ucs2, type3->targetname), 0);
986 CHECK(put_string(out, ucs2, type3->username), 0);
987 CHECK(put_string(out, ucs2, type3->ws), 0);
988 CHECK(put_buf(out, &type3->lm), 0);
989 CHECK(put_buf(out, &type3->ntlm), 0);
990 CHECK(put_buf(out, &type3->sessionkey), 0);
991
992 {
993 krb5_data d;
994 ret = krb5_storage_to_data(out, &d);
995 data->data = d.data;
996 data->length = d.length;
997 }
998
999 out:
1000 krb5_storage_free(out);
1001
1002 return ret;
1003 }
1004
1005
1006 /*
1007 *
1008 */
1009
1010 static void
1011 splitandenc(unsigned char *hash,
1012 unsigned char *challenge,
1013 unsigned char *answer)
1014 {
1015 EVP_CIPHER_CTX ctx;
1016 unsigned char key[8];
1017
1018 key[0] = hash[0];
1019 key[1] = (hash[0] << 7) | (hash[1] >> 1);
1020 key[2] = (hash[1] << 6) | (hash[2] >> 2);
1021 key[3] = (hash[2] << 5) | (hash[3] >> 3);
1022 key[4] = (hash[3] << 4) | (hash[4] >> 4);
1023 key[5] = (hash[4] << 3) | (hash[5] >> 5);
1024 key[6] = (hash[5] << 2) | (hash[6] >> 6);
1025 key[7] = (hash[6] << 1);
1026
1027 EVP_CIPHER_CTX_init(&ctx);
1028
1029 EVP_CipherInit_ex(&ctx, EVP_des_cbc(), NULL, key, NULL, 1);
1030 EVP_Cipher(&ctx, answer, challenge, 8);
1031 EVP_CIPHER_CTX_cleanup(&ctx);
1032 memset(key, 0, sizeof(key));
1033 }
1034
1035 /**
1036 * Calculate the NTLM key, the password is assumed to be in UTF8.
1037 *
1038 * @param password password to calcute the key for.
1039 * @param key calcuted key, should be freed with heim_ntlm_free_buf().
1040 *
1041 * @return In case of success 0 is return, an errors, a errno in what
1042 * went wrong.
1043 *
1044 * @ingroup ntlm_core
1045 */
1046
1047 int
1048 heim_ntlm_nt_key(const char *password, struct ntlm_buf *key)
1049 {
1050 struct ntlm_buf buf;
1051 EVP_MD_CTX *m;
1052 int ret;
1053
1054 key->data = malloc(MD5_DIGEST_LENGTH);
1055 if (key->data == NULL)
1056 return ENOMEM;
1057 key->length = MD5_DIGEST_LENGTH;
1058
1059 ret = ascii2ucs2le(password, 0, &buf);
1060 if (ret) {
1061 heim_ntlm_free_buf(key);
1062 return ret;
1063 }
1064
1065 m = EVP_MD_CTX_create();
1066 if (m == NULL) {
1067 heim_ntlm_free_buf(key);
1068 heim_ntlm_free_buf(&buf);
1069 return ENOMEM;
1070 }
1071
1072 EVP_DigestInit_ex(m, EVP_md4(), NULL);
1073 EVP_DigestUpdate(m, buf.data, buf.length);
1074 EVP_DigestFinal_ex(m, key->data, NULL);
1075 EVP_MD_CTX_destroy(m);
1076
1077 heim_ntlm_free_buf(&buf);
1078 return 0;
1079 }
1080
1081 /**
1082 * Calculate NTLMv1 response hash
1083 *
1084 * @param key the ntlm v1 key
1085 * @param len length of key
1086 * @param challenge sent by the server
1087 * @param answer calculated answer, should be freed with heim_ntlm_free_buf().
1088 *
1089 * @return In case of success 0 is return, an errors, a errno in what
1090 * went wrong.
1091 *
1092 * @ingroup ntlm_core
1093 */
1094
1095 int
1096 heim_ntlm_calculate_ntlm1(void *key, size_t len,
1097 unsigned char challenge[8],
1098 struct ntlm_buf *answer)
1099 {
1100 unsigned char res[21];
1101
1102 if (len != MD4_DIGEST_LENGTH)
1103 return HNTLM_ERR_INVALID_LENGTH;
1104
1105 memcpy(res, key, len);
1106 memset(&res[MD4_DIGEST_LENGTH], 0, sizeof(res) - MD4_DIGEST_LENGTH);
1107
1108 answer->data = malloc(24);
1109 if (answer->data == NULL)
1110 return ENOMEM;
1111 answer->length = 24;
1112
1113 splitandenc(&res[0], challenge, ((unsigned char *)answer->data) + 0);
1114 splitandenc(&res[7], challenge, ((unsigned char *)answer->data) + 8);
1115 splitandenc(&res[14], challenge, ((unsigned char *)answer->data) + 16);
1116
1117 return 0;
1118 }
1119
1120 int
1121 heim_ntlm_v1_base_session(void *key, size_t len,
1122 struct ntlm_buf *session)
1123 {
1124 EVP_MD_CTX *m;
1125
1126 session->length = MD4_DIGEST_LENGTH;
1127 session->data = malloc(session->length);
1128 if (session->data == NULL) {
1129 session->length = 0;
1130 return ENOMEM;
1131 }
1132
1133 m = EVP_MD_CTX_create();
1134 if (m == NULL) {
1135 heim_ntlm_free_buf(session);
1136 return ENOMEM;
1137 }
1138 EVP_DigestInit_ex(m, EVP_md4(), NULL);
1139 EVP_DigestUpdate(m, key, len);
1140 EVP_DigestFinal_ex(m, session->data, NULL);
1141 EVP_MD_CTX_destroy(m);
1142
1143 return 0;
1144 }
1145
1146 int
1147 heim_ntlm_v2_base_session(void *key, size_t len,
1148 struct ntlm_buf *ntlmResponse,
1149 struct ntlm_buf *session)
1150 {
1151 unsigned int hmaclen;
1152 HMAC_CTX c;
1153
1154 if (ntlmResponse->length <= 16)
1155 return HNTLM_ERR_INVALID_LENGTH;
1156
1157 session->data = malloc(16);
1158 if (session->data == NULL)
1159 return ENOMEM;
1160 session->length = 16;
1161
1162 /* Note: key is the NTLMv2 key */
1163 HMAC_CTX_init(&c);
1164 HMAC_Init_ex(&c, key, len, EVP_md5(), NULL);
1165 HMAC_Update(&c, ntlmResponse->data, 16);
1166 HMAC_Final(&c, session->data, &hmaclen);
1167 HMAC_CTX_cleanup(&c);
1168
1169 return 0;
1170 }
1171
1172
1173 int
1174 heim_ntlm_keyex_wrap(struct ntlm_buf *base_session,
1175 struct ntlm_buf *session,
1176 struct ntlm_buf *encryptedSession)
1177 {
1178 EVP_CIPHER_CTX c;
1179 int ret;
1180
1181 session->length = MD4_DIGEST_LENGTH;
1182 session->data = malloc(session->length);
1183 if (session->data == NULL) {
1184 session->length = 0;
1185 return ENOMEM;
1186 }
1187 encryptedSession->length = MD4_DIGEST_LENGTH;
1188 encryptedSession->data = malloc(encryptedSession->length);
1189 if (encryptedSession->data == NULL) {
1190 heim_ntlm_free_buf(session);
1191 encryptedSession->length = 0;
1192 return ENOMEM;
1193 }
1194
1195 EVP_CIPHER_CTX_init(&c);
1196
1197 ret = EVP_CipherInit_ex(&c, EVP_rc4(), NULL, base_session->data, NULL, 1);
1198 if (ret != 1) {
1199 EVP_CIPHER_CTX_cleanup(&c);
1200 heim_ntlm_free_buf(encryptedSession);
1201 heim_ntlm_free_buf(session);
1202 return HNTLM_ERR_CRYPTO;
1203 }
1204
1205 if (RAND_bytes(session->data, session->length) != 1) {
1206 EVP_CIPHER_CTX_cleanup(&c);
1207 heim_ntlm_free_buf(encryptedSession);
1208 heim_ntlm_free_buf(session);
1209 return HNTLM_ERR_RAND;
1210 }
1211
1212 EVP_Cipher(&c, encryptedSession->data, session->data, encryptedSession->length);
1213 EVP_CIPHER_CTX_cleanup(&c);
1214
1215 return 0;
1216
1217
1218
1219 }
1220
1221
1222
1223 /**
1224 * Generates an NTLMv1 session random with assosited session master key.
1225 *
1226 * @param key the ntlm v1 key
1227 * @param len length of key
1228 * @param session generated session nonce, should be freed with heim_ntlm_free_buf().
1229 * @param master calculated session master key, should be freed with heim_ntlm_free_buf().
1230 *
1231 * @return In case of success 0 is return, an errors, a errno in what
1232 * went wrong.
1233 *
1234 * @ingroup ntlm_core
1235 */
1236
1237 int
1238 heim_ntlm_build_ntlm1_master(void *key, size_t len,
1239 struct ntlm_buf *session,
1240 struct ntlm_buf *master)
1241 {
1242 struct ntlm_buf sess;
1243 int ret;
1244
1245 ret = heim_ntlm_v1_base_session(key, len, &sess);
1246 if (ret)
1247 return ret;
1248
1249 ret = heim_ntlm_keyex_wrap(&sess, session, master);
1250 heim_ntlm_free_buf(&sess);
1251
1252 return ret;
1253 }
1254
1255 /**
1256 * Generates an NTLMv2 session random with associated session master key.
1257 *
1258 * @param key the NTLMv2 key
1259 * @param len length of key
1260 * @param blob the NTLMv2 "blob"
1261 * @param session generated session nonce, should be freed with heim_ntlm_free_buf().
1262 * @param master calculated session master key, should be freed with heim_ntlm_free_buf().
1263 *
1264 * @return In case of success 0 is return, an errors, a errno in what
1265 * went wrong.
1266 *
1267 * @ingroup ntlm_core
1268 */
1269
1270
1271 int
1272 heim_ntlm_build_ntlm2_master(void *key, size_t len,
1273 struct ntlm_buf *blob,
1274 struct ntlm_buf *session,
1275 struct ntlm_buf *master)
1276 {
1277 struct ntlm_buf sess;
1278 int ret;
1279
1280 ret = heim_ntlm_v2_base_session(key, len, blob, &sess);
1281 if (ret)
1282 return ret;
1283
1284 ret = heim_ntlm_keyex_wrap(&sess, session, master);
1285 heim_ntlm_free_buf(&sess);
1286
1287 return ret;
1288 }
1289
1290 /**
1291 * Given a key and encrypted session, unwrap the session key
1292 *
1293 * @param baseKey the sessionBaseKey
1294 * @param encryptedSession encrypted session, type3.session field.
1295 * @param session generated session nonce, should be freed with heim_ntlm_free_buf().
1296 *
1297 * @return In case of success 0 is return, an errors, a errno in what
1298 * went wrong.
1299 *
1300 * @ingroup ntlm_core
1301 */
1302
1303 int
1304 heim_ntlm_keyex_unwrap(struct ntlm_buf *baseKey,
1305 struct ntlm_buf *encryptedSession,
1306 struct ntlm_buf *session)
1307 {
1308 EVP_CIPHER_CTX c;
1309
1310 memset(session, 0, sizeof(*session));
1311
1312 if (baseKey->length != MD4_DIGEST_LENGTH)
1313 return HNTLM_ERR_INVALID_LENGTH;
1314
1315 session->length = MD4_DIGEST_LENGTH;
1316 session->data = malloc(session->length);
1317 if (session->data == NULL) {
1318 session->length = 0;
1319 return ENOMEM;
1320 }
1321 EVP_CIPHER_CTX_init(&c);
1322
1323 if (EVP_CipherInit_ex(&c, EVP_rc4(), NULL, baseKey->data, NULL, 0) != 1) {
1324 EVP_CIPHER_CTX_cleanup(&c);
1325 heim_ntlm_free_buf(session);
1326 return HNTLM_ERR_CRYPTO;
1327 }
1328
1329 EVP_Cipher(&c, session->data, encryptedSession->data, session->length);
1330 EVP_CIPHER_CTX_cleanup(&c);
1331
1332 return 0;
1333 }
1334
1335
1336 /**
1337 * Generates an NTLMv2 session key.
1338 *
1339 * @param key the ntlm key
1340 * @param len length of key
1341 * @param username name of the user, as sent in the message, assumed to be in UTF8.
1342 * @param target the name of the target, assumed to be in UTF8.
1343 * @param ntlmv2 the ntlmv2 session key
1344 *
1345 * @return 0 on success, or an error code on failure.
1346 *
1347 * @ingroup ntlm_core
1348 */
1349
1350 int
1351 heim_ntlm_ntlmv2_key(const void *key, size_t len,
1352 const char *username,
1353 const char *target,
1354 unsigned char ntlmv2[16])
1355 {
1356 int ret;
1357 unsigned int hmaclen;
1358 HMAC_CTX c;
1359
1360 HMAC_CTX_init(&c);
1361 HMAC_Init_ex(&c, key, len, EVP_md5(), NULL);
1362 {
1363 struct ntlm_buf buf;
1364 /* uppercase username and turn it into ucs2-le */
1365 ret = ascii2ucs2le(username, 1, &buf);
1366 if (ret)
1367 goto out;
1368 HMAC_Update(&c, buf.data, buf.length);
1369 free(buf.data);
1370 /* uppercase target and turn into ucs2-le */
1371 ret = ascii2ucs2le(target, 1, &buf);
1372 if (ret)
1373 goto out;
1374 HMAC_Update(&c, buf.data, buf.length);
1375 free(buf.data);
1376 }
1377 HMAC_Final(&c, ntlmv2, &hmaclen);
1378 out:
1379 HMAC_CTX_cleanup(&c);
1380
1381 return ret;
1382 }
1383
1384 /*
1385 *
1386 */
1387
1388 #define NTTIME_EPOCH 0x019DB1DED53E8000LL
1389
1390 static uint64_t
1391 unix2nttime(time_t unix_time)
1392 {
1393 long long wt;
1394 wt = unix_time * (uint64_t)10000000 + (uint64_t)NTTIME_EPOCH;
1395 return wt;
1396 }
1397
1398 static time_t
1399 nt2unixtime(uint64_t t)
1400 {
1401 t = ((t - (uint64_t)NTTIME_EPOCH) / (uint64_t)10000000);
1402 if (t > (((time_t)(~(uint64_t)0)) >> 1))
1403 return 0;
1404 return (time_t)t;
1405 }
1406
1407 /**
1408 * Calculate LMv2 response
1409 *
1410 * @param key the ntlm key
1411 * @param len length of key
1412 * @param username name of the user, as sent in the message, assumed to be in UTF8.
1413 * @param target the name of the target, assumed to be in UTF8.
1414 * @param serverchallenge challenge as sent by the server in the type2 message.
1415 * @param ntlmv2 calculated session key
1416 * @param answer ntlm response answer, should be freed with heim_ntlm_free_buf().
1417 *
1418 * @return In case of success 0 is return, an errors, a errno in what
1419 * went wrong.
1420 *
1421 * @ingroup ntlm_core
1422 */
1423
1424 int
1425 heim_ntlm_calculate_lm2(const void *key, size_t len,
1426 const char *username,
1427 const char *target,
1428 const unsigned char serverchallenge[8],
1429 unsigned char ntlmv2[16],
1430 struct ntlm_buf *answer)
1431 {
1432 unsigned char clientchallenge[8];
1433
1434 if (RAND_bytes(clientchallenge, sizeof(clientchallenge)) != 1)
1435 return HNTLM_ERR_RAND;
1436
1437 /* calculate ntlmv2 key */
1438
1439 heim_ntlm_ntlmv2_key(key, len, username, target, ntlmv2);
1440
1441 answer->data = malloc(24);
1442 if (answer->data == NULL)
1443 return ENOMEM;
1444 answer->length = 24;
1445
1446 heim_ntlm_derive_ntlm2_sess(ntlmv2, clientchallenge, 8,
1447 serverchallenge, answer->data);
1448
1449 memcpy(((uint8_t *)answer->data) + 16, clientchallenge, 8);
1450
1451 return 0;
1452 }
1453
1454
1455 /**
1456 * Calculate NTLMv2 response
1457 *
1458 * @param key the ntlm key
1459 * @param len length of key
1460 * @param username name of the user, as sent in the message, assumed to be in UTF8.
1461 * @param target the name of the target, assumed to be in UTF8.
1462 * @param serverchallenge challenge as sent by the server in the type2 message.
1463 * @param infotarget infotarget as sent by the server in the type2 message.
1464 * @param ntlmv2 calculated session key
1465 * @param answer ntlm response answer, should be freed with heim_ntlm_free_buf().
1466 *
1467 * @return In case of success 0 is return, an errors, a errno in what
1468 * went wrong.
1469 *
1470 * @ingroup ntlm_core
1471 */
1472
1473 int
1474 heim_ntlm_calculate_ntlm2(const void *key, size_t len,
1475 const char *username,
1476 const char *target,
1477 const unsigned char serverchallenge[8],
1478 const struct ntlm_buf *infotarget,
1479 unsigned char ntlmv2[16],
1480 struct ntlm_buf *answer)
1481 {
1482 krb5_error_code ret;
1483 krb5_data data;
1484 unsigned char ntlmv2answer[16];
1485 krb5_storage *sp;
1486 unsigned char clientchallenge[8];
1487 uint64_t t;
1488
1489 t = unix2nttime(time(NULL));
1490
1491 if (RAND_bytes(clientchallenge, sizeof(clientchallenge)) != 1)
1492 return HNTLM_ERR_RAND;
1493
1494 /* calculate ntlmv2 key */
1495
1496 heim_ntlm_ntlmv2_key(key, len, username, target, ntlmv2);
1497
1498 /* calculate and build ntlmv2 answer */
1499
1500 sp = krb5_storage_emem();
1501 if (sp == NULL)
1502 return ENOMEM;
1503 krb5_storage_set_flags(sp, KRB5_STORAGE_BYTEORDER_LE);
1504
1505 CHECK(krb5_store_uint32(sp, 0x00000101), 0);
1506 CHECK(krb5_store_uint32(sp, 0), 0);
1507 /* timestamp le 64 bit ts */
1508 CHECK(krb5_store_uint32(sp, t & 0xffffffff), 0);
1509 CHECK(krb5_store_uint32(sp, t >> 32), 0);
1510
1511 CHECK(krb5_storage_write(sp, clientchallenge, 8), 8);
1512
1513 CHECK(krb5_store_uint32(sp, 0), 0); /* unknown but zero will work */
1514 CHECK(krb5_storage_write(sp, infotarget->data, infotarget->length),
1515 infotarget->length);
1516 CHECK(krb5_store_uint32(sp, 0), 0); /* unknown but zero will work */
1517
1518 CHECK(krb5_storage_to_data(sp, &data), 0);
1519 krb5_storage_free(sp);
1520 sp = NULL;
1521
1522 heim_ntlm_derive_ntlm2_sess(ntlmv2, data.data, data.length, serverchallenge, ntlmv2answer);
1523
1524 sp = krb5_storage_emem();
1525 if (sp == NULL) {
1526 krb5_data_free(&data);
1527 return ENOMEM;
1528 }
1529
1530 CHECK(krb5_storage_write(sp, ntlmv2answer, 16), 16);
1531 CHECK(krb5_storage_write(sp, data.data, data.length), data.length);
1532 krb5_data_free(&data);
1533
1534 CHECK(krb5_storage_to_data(sp, &data), 0);
1535 krb5_storage_free(sp);
1536 sp = NULL;
1537
1538 answer->data = data.data;
1539 answer->length = data.length;
1540
1541 return 0;
1542 out:
1543 if (sp)
1544 krb5_storage_free(sp);
1545 return ret;
1546 }
1547
1548 static const int authtimediff = 3600 * 2; /* 2 hours */
1549
1550 /**
1551 * Verify NTLMv2 response.
1552 *
1553 * @param key the ntlm key
1554 * @param len length of key
1555 * @param username name of the user, as sent in the message, assumed to be in UTF8.
1556 * @param target the name of the target, assumed to be in UTF8.
1557 * @param now the time now (0 if the library should pick it up itself)
1558 * @param serverchallenge challenge as sent by the server in the type2 message.
1559 * @param answer ntlm response answer, should be freed with heim_ntlm_free_buf().
1560 * @param infotarget infotarget as sent by the server in the type2 message.
1561 * @param ntlmv2 calculated session key
1562 *
1563 * @return In case of success 0 is return, an errors, a errno in what
1564 * went wrong.
1565 *
1566 * @ingroup ntlm_core
1567 */
1568
1569 int
1570 heim_ntlm_verify_ntlm2(const void *key, size_t len,
1571 const char *username,
1572 const char *target,
1573 time_t now,
1574 const unsigned char serverchallenge[8],
1575 const struct ntlm_buf *answer,
1576 struct ntlm_buf *infotarget,
1577 unsigned char ntlmv2[16])
1578 {
1579 krb5_error_code ret;
1580 unsigned char clientanswer[16];
1581 unsigned char clientnonce[8];
1582 unsigned char serveranswer[16];
1583 krb5_storage *sp;
1584 time_t authtime;
1585 uint32_t temp;
1586 uint64_t t;
1587
1588 infotarget->length = 0;
1589 infotarget->data = NULL;
1590
1591 if (answer->length < 16)
1592 return HNTLM_ERR_INVALID_LENGTH;
1593
1594 if (now == 0)
1595 now = time(NULL);
1596
1597 /* calculate ntlmv2 key */
1598
1599 heim_ntlm_ntlmv2_key(key, len, username, target, ntlmv2);
1600
1601 /* calculate and build ntlmv2 answer */
1602
1603 sp = krb5_storage_from_readonly_mem(answer->data, answer->length);
1604 if (sp == NULL)
1605 return ENOMEM;
1606 krb5_storage_set_flags(sp, KRB5_STORAGE_BYTEORDER_LE);
1607
1608 CHECK(krb5_storage_read(sp, clientanswer, 16), 16);
1609
1610 CHECK(krb5_ret_uint32(sp, &temp), 0);
1611 CHECK(temp, 0x00000101);
1612 CHECK(krb5_ret_uint32(sp, &temp), 0);
1613 CHECK(temp, 0);
1614 /* timestamp le 64 bit ts */
1615 CHECK(krb5_ret_uint32(sp, &temp), 0);
1616 t = temp;
1617 CHECK(krb5_ret_uint32(sp, &temp), 0);
1618 t |= ((uint64_t)temp)<< 32;
1619
1620 authtime = nt2unixtime(t);
1621
1622 if (abs((int)(authtime - now)) > authtimediff) {
1623 ret = HNTLM_ERR_TIME_SKEW;
1624 goto out;
1625 }
1626
1627 /* client challenge */
1628 CHECK(krb5_storage_read(sp, clientnonce, 8), 8);
1629
1630 CHECK(krb5_ret_uint32(sp, &temp), 0); /* unknown */
1631
1632 /* should really unparse the infotarget, but lets pick up everything */
1633 infotarget->length = answer->length - krb5_storage_seek(sp, 0, SEEK_CUR);
1634 infotarget->data = malloc(infotarget->length);
1635 if (infotarget->data == NULL) {
1636 ret = ENOMEM;
1637 goto out;
1638 }
1639 CHECK(krb5_storage_read(sp, infotarget->data, infotarget->length),
1640 infotarget->length);
1641 /* XXX remove the unknown ?? */
1642 krb5_storage_free(sp);
1643 sp = NULL;
1644
1645 if (answer->length < 16) {
1646 ret = HNTLM_ERR_INVALID_LENGTH;
1647 goto out;
1648 }
1649
1650 heim_ntlm_derive_ntlm2_sess(ntlmv2,
1651 ((unsigned char *)answer->data) + 16, answer->length - 16,
1652 serverchallenge,
1653 serveranswer);
1654
1655 if (memcmp(serveranswer, clientanswer, 16) != 0) {
1656 heim_ntlm_free_buf(infotarget);
1657 return HNTLM_ERR_AUTH;
1658 }
1659
1660 return 0;
1661 out:
1662 heim_ntlm_free_buf(infotarget);
1663 if (sp)
1664 krb5_storage_free(sp);
1665 return ret;
1666 }
1667
1668
1669 /*
1670 * Calculate the NTLM2 Session Response
1671 *
1672 * @param clnt_nonce client nonce
1673 * @param svr_chal server challage
1674 * @param ntlm2_hash ntlm hash
1675 * @param lm The LM response, should be freed with heim_ntlm_free_buf().
1676 * @param ntlm The NTLM response, should be freed with heim_ntlm_free_buf().
1677 *
1678 * @return In case of success 0 is return, an errors, a errno in what
1679 * went wrong.
1680 *
1681 * @ingroup ntlm_core
1682 */
1683
1684 int
1685 heim_ntlm_calculate_ntlm2_sess(const unsigned char clnt_nonce[8],
1686 const unsigned char svr_chal[8],
1687 const unsigned char ntlm_hash[16],
1688 struct ntlm_buf *lm,
1689 struct ntlm_buf *ntlm)
1690 {
1691 unsigned char ntlm2_sess_hash[8];
1692 unsigned char res[21], *resp;
1693 int code;
1694
1695 code = heim_ntlm_calculate_ntlm2_sess_hash(clnt_nonce, svr_chal,
1696 ntlm2_sess_hash);
1697 if (code) {
1698 return code;
1699 }
1700
1701 lm->data = malloc(24);
1702 if (lm->data == NULL) {
1703 return ENOMEM;
1704 }
1705 lm->length = 24;
1706
1707 ntlm->data = malloc(24);
1708 if (ntlm->data == NULL) {
1709 free(lm->data);
1710 lm->data = NULL;
1711 return ENOMEM;
1712 }
1713 ntlm->length = 24;
1714
1715 /* first setup the lm resp */
1716 memset(lm->data, 0, 24);
1717 memcpy(lm->data, clnt_nonce, 8);
1718
1719 memset(res, 0, sizeof(res));
1720 memcpy(res, ntlm_hash, 16);
1721
1722 resp = ntlm->data;
1723 splitandenc(&res[0], ntlm2_sess_hash, resp + 0);
1724 splitandenc(&res[7], ntlm2_sess_hash, resp + 8);
1725 splitandenc(&res[14], ntlm2_sess_hash, resp + 16);
1726
1727 return 0;
1728 }
1729
1730
1731 /*
1732 * Calculate the NTLM2 Session "Verifier"
1733 *
1734 * @param clnt_nonce client nonce
1735 * @param svr_chal server challage
1736 * @param hash The NTLM session verifier
1737 *
1738 * @return In case of success 0 is return, an errors, a errno in what
1739 * went wrong.
1740 *
1741 * @ingroup ntlm_core
1742 */
1743
1744 int
1745 heim_ntlm_calculate_ntlm2_sess_hash(const unsigned char clnt_nonce[8],
1746 const unsigned char svr_chal[8],
1747 unsigned char verifier[8])
1748 {
1749 unsigned char ntlm2_sess_hash[MD5_DIGEST_LENGTH];
1750 EVP_MD_CTX *m;
1751
1752 m = EVP_MD_CTX_create();
1753 if (m == NULL)
1754 return ENOMEM;
1755
1756 EVP_DigestInit_ex(m, EVP_md5(), NULL);
1757 EVP_DigestUpdate(m, svr_chal, 8); /* session nonce part 1 */
1758 EVP_DigestUpdate(m, clnt_nonce, 8); /* session nonce part 2 */
1759 EVP_DigestFinal_ex(m, ntlm2_sess_hash, NULL); /* will only use first 8 bytes */
1760 EVP_MD_CTX_destroy(m);
1761
1762 memcpy(verifier, ntlm2_sess_hash, 8);
1763
1764 return 0;
1765 }
1766
1767
1768 /*
1769 * Derive a NTLM2 session key
1770 *
1771 * @param sessionkey session key from domain controller
1772 * @param clnt_nonce client nonce
1773 * @param svr_chal server challenge
1774 * @param derivedkey salted session key
1775 *
1776 * @return In case of success 0 is return, an errors, a errno in what
1777 * went wrong.
1778 *
1779 * @ingroup ntlm_core
1780 */
1781
1782 void
1783 heim_ntlm_derive_ntlm2_sess(const unsigned char sessionkey[16],
1784 const unsigned char *clnt_nonce, size_t clnt_nonce_length,
1785 const unsigned char svr_chal[8],
1786 unsigned char derivedkey[16])
1787 {
1788 unsigned int hmaclen;
1789 HMAC_CTX c;
1790
1791 /* HMAC(Ksession, serverchallenge || clientchallenge) */
1792 HMAC_CTX_init(&c);
1793 HMAC_Init_ex(&c, sessionkey, 16, EVP_md5(), NULL);
1794 HMAC_Update(&c, svr_chal, 8);
1795 HMAC_Update(&c, clnt_nonce, clnt_nonce_length);
1796 HMAC_Final(&c, derivedkey, &hmaclen);
1797 HMAC_CTX_cleanup(&c);
1798 }
1799
Samba GIT mirror