2 * Copyright (c) 2006 - 2007 Kungliga Tekniska Högskolan
3 * (Royal Institute of Technology, Stockholm, Sweden).
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
17 * 3. Neither the name of the Institute nor the names of its contributors
18 * may be used to endorse or promote products derived from this software
19 * without specific prior written permission.
21 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
24 * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
49 #include "krb5-types.h"
50 #include "crypto-headers.h"
54 /*! \mainpage Heimdal NTLM library
56 * \section intro Introduction
58 * Heimdal libheimntlm library is a implementation of the NTLM
59 * protocol, both version 1 and 2. The GSS-API mech that uses this
60 * library adds support for transport encryption and integrity
63 * NTLM is a protocol for mutual authentication, its still used in
64 * many protocol where Kerberos is not support, one example is
65 * EAP/X802.1x mechanism LEAP from Microsoft and Cisco.
67 * This is a support library for the core protocol, its used in
68 * Heimdal to implement and GSS-API mechanism. There is also support
69 * in the KDC to do remote digest authenticiation, this to allow
70 * services to authenticate users w/o direct access to the users ntlm
71 * hashes (same as Kerberos arcfour enctype hashes).
73 * More information about the NTLM protocol can found here
74 * http://davenport.sourceforge.net/ntlm.html .
76 * The Heimdal projects web page: http://www.h5l.org/
79 /** @defgroup ntlm_core Heimdal NTLM library
81 * The NTLM core functions implement the string2key generation
82 * function, message encode and decode function, and the hash function
92 static const unsigned char ntlmsigature
[8] = "NTLMSSP\x00";
99 do { ret = f ; if (ret != (e)) { ret = EINVAL; goto out; } } while(0)
102 * heim_ntlm_free_buf frees the ntlm buffer
104 * @param p buffer to be freed
110 heim_ntlm_free_buf(struct ntlm_buf
*p
)
120 ascii2ucs2le(const char *string
, int up
, struct ntlm_buf
*buf
)
125 len
= strlen(string
);
126 if (len
/ 2 > UINT_MAX
)
129 buf
->length
= len
* 2;
130 buf
->data
= malloc(buf
->length
);
131 if (buf
->data
== NULL
&& len
!= 0) {
132 heim_ntlm_free_buf(buf
);
137 for (i
= 0; i
< len
; i
++) {
138 unsigned char t
= (unsigned char)string
[i
];
140 heim_ntlm_free_buf(buf
);
155 static krb5_error_code
156 ret_sec_buffer(krb5_storage
*sp
, struct sec_buffer
*buf
)
159 CHECK(krb5_ret_uint16(sp
, &buf
->length
), 0);
160 CHECK(krb5_ret_uint16(sp
, &buf
->allocated
), 0);
161 CHECK(krb5_ret_uint32(sp
, &buf
->offset
), 0);
166 static krb5_error_code
167 store_sec_buffer(krb5_storage
*sp
, const struct sec_buffer
*buf
)
170 CHECK(krb5_store_uint16(sp
, buf
->length
), 0);
171 CHECK(krb5_store_uint16(sp
, buf
->allocated
), 0);
172 CHECK(krb5_store_uint32(sp
, buf
->offset
), 0);
178 * Strings are either OEM or UNICODE. The later is encoded as ucs2 on
179 * wire, but using utf8 in memory.
182 static krb5_error_code
183 len_string(int ucs2
, const char *s
)
185 size_t len
= strlen(s
);
191 static krb5_error_code
192 ret_string(krb5_storage
*sp
, int ucs2
, struct sec_buffer
*desc
, char **s
)
196 *s
= malloc(desc
->length
+ 1);
197 CHECK(krb5_storage_seek(sp
, desc
->offset
, SEEK_SET
), desc
->offset
);
198 CHECK(krb5_storage_read(sp
, *s
, desc
->length
), desc
->length
);
199 (*s
)[desc
->length
] = '\0';
203 for (i
= 0; i
< desc
->length
/ 2; i
++) {
204 (*s
)[i
] = (*s
)[i
* 2];
205 if ((*s
)[i
* 2 + 1]) {
220 static krb5_error_code
221 put_string(krb5_storage
*sp
, int ucs2
, const char *s
)
227 ret
= ascii2ucs2le(s
, 0, &buf
);
231 buf
.data
= rk_UNCONST(s
);
232 buf
.length
= strlen(s
);
235 CHECK(krb5_storage_write(sp
, buf
.data
, buf
.length
), buf
.length
);
237 heim_ntlm_free_buf(&buf
);
247 static krb5_error_code
248 ret_buf(krb5_storage
*sp
, struct sec_buffer
*desc
, struct ntlm_buf
*buf
)
252 buf
->data
= malloc(desc
->length
);
253 buf
->length
= desc
->length
;
254 CHECK(krb5_storage_seek(sp
, desc
->offset
, SEEK_SET
), desc
->offset
);
255 CHECK(krb5_storage_read(sp
, buf
->data
, buf
->length
), buf
->length
);
261 static krb5_error_code
262 put_buf(krb5_storage
*sp
, const struct ntlm_buf
*buf
)
265 CHECK(krb5_storage_write(sp
, buf
->data
, buf
->length
), buf
->length
);
272 * Frees the ntlm_targetinfo message
274 * @param ti targetinfo to be freed
280 heim_ntlm_free_targetinfo(struct ntlm_targetinfo
*ti
)
282 free(ti
->servername
);
283 free(ti
->domainname
);
284 free(ti
->dnsdomainname
);
285 free(ti
->dnsservername
);
286 memset(ti
, 0, sizeof(*ti
));
290 encode_ti_blob(krb5_storage
*out
, uint16_t type
, int ucs2
, char *s
)
293 CHECK(krb5_store_uint16(out
, type
), 0);
294 CHECK(krb5_store_uint16(out
, len_string(ucs2
, s
)), 0);
295 CHECK(put_string(out
, ucs2
, s
), 0);
301 * Encodes a ntlm_targetinfo message.
303 * @param ti the ntlm_targetinfo message to encode.
304 * @param ucs2 if the strings should be encoded with ucs2 (selected by flag in message).
305 * @param data is the return buffer with the encoded message, should be
306 * freed with heim_ntlm_free_buf().
308 * @return In case of success 0 is return, an errors, a errno in what
315 heim_ntlm_encode_targetinfo(const struct ntlm_targetinfo
*ti
,
317 struct ntlm_buf
*data
)
325 out
= krb5_storage_emem();
330 CHECK(encode_ti_blob(out
, 1, ucs2
, ti
->servername
), 0);
332 CHECK(encode_ti_blob(out
, 2, ucs2
, ti
->domainname
), 0);
333 if (ti
->dnsservername
)
334 CHECK(encode_ti_blob(out
, 3, ucs2
, ti
->dnsservername
), 0);
335 if (ti
->dnsdomainname
)
336 CHECK(encode_ti_blob(out
, 4, ucs2
, ti
->dnsdomainname
), 0);
339 CHECK(krb5_store_int16(out
, 0), 0);
340 CHECK(krb5_store_int16(out
, 0), 0);
344 ret
= krb5_storage_to_data(out
, &d
);
346 data
->length
= d
.length
;
349 krb5_storage_free(out
);
354 * Decodes an NTLM targetinfo message
356 * @param data input data buffer with the encode NTLM targetinfo message
357 * @param ucs2 if the strings should be encoded with ucs2 (selected by flag in message).
358 * @param ti the decoded target info, should be freed with heim_ntlm_free_targetinfo().
360 * @return In case of success 0 is return, an errors, a errno in what
367 heim_ntlm_decode_targetinfo(const struct ntlm_buf
*data
,
369 struct ntlm_targetinfo
*ti
)
371 memset(ti
, 0, sizeof(*ti
));
376 * Frees the ntlm_type1 message
378 * @param data message to be freed
384 heim_ntlm_free_type1(struct ntlm_type1
*data
)
389 free(data
->hostname
);
390 memset(data
, 0, sizeof(*data
));
394 heim_ntlm_decode_type1(const struct ntlm_buf
*buf
, struct ntlm_type1
*data
)
397 unsigned char sig
[8];
399 struct sec_buffer domain
, hostname
;
402 memset(data
, 0, sizeof(*data
));
404 in
= krb5_storage_from_readonly_mem(buf
->data
, buf
->length
);
409 krb5_storage_set_byteorder(in
, KRB5_STORAGE_BYTEORDER_LE
);
411 CHECK(krb5_storage_read(in
, sig
, sizeof(sig
)), sizeof(sig
));
412 CHECK(memcmp(ntlmsigature
, sig
, sizeof(ntlmsigature
)), 0);
413 CHECK(krb5_ret_uint32(in
, &type
), 0);
415 CHECK(krb5_ret_uint32(in
, &data
->flags
), 0);
416 if (data
->flags
& NTLM_SUPPLIED_DOMAIN
)
417 CHECK(ret_sec_buffer(in
, &domain
), 0);
418 if (data
->flags
& NTLM_SUPPLIED_WORKSTAION
)
419 CHECK(ret_sec_buffer(in
, &hostname
), 0);
421 if (domain
.offset
> 32) {
422 CHECK(krb5_ret_uint32(in
, &data
->os
[0]), 0);
423 CHECK(krb5_ret_uint32(in
, &data
->os
[1]), 0);
426 if (data
->flags
& NTLM_SUPPLIED_DOMAIN
)
427 CHECK(ret_string(in
, 0, &domain
, &data
->domain
), 0);
428 if (data
->flags
& NTLM_SUPPLIED_WORKSTAION
)
429 CHECK(ret_string(in
, 0, &hostname
, &data
->hostname
), 0);
432 krb5_storage_free(in
);
434 heim_ntlm_free_type1(data
);
440 * Encodes an ntlm_type1 message.
442 * @param type1 the ntlm_type1 message to encode.
443 * @param data is the return buffer with the encoded message, should be
444 * freed with heim_ntlm_free_buf().
446 * @return In case of success 0 is return, an errors, a errno in what
453 heim_ntlm_encode_type1(const struct ntlm_type1
*type1
, struct ntlm_buf
*data
)
456 struct sec_buffer domain
, hostname
;
458 uint32_t base
, flags
;
460 flags
= type1
->flags
;
465 flags
|= NTLM_SUPPLIED_DOMAIN
;
467 if (type1
->hostname
) {
469 flags
|= NTLM_SUPPLIED_WORKSTAION
;
475 domain
.offset
= base
;
476 domain
.length
= len_string(0, type1
->domain
);
477 domain
.allocated
= domain
.length
;
479 if (type1
->hostname
) {
480 hostname
.offset
= domain
.allocated
+ domain
.offset
;
481 hostname
.length
= len_string(0, type1
->hostname
);
482 hostname
.allocated
= hostname
.length
;
485 out
= krb5_storage_emem();
489 krb5_storage_set_byteorder(out
, KRB5_STORAGE_BYTEORDER_LE
);
490 CHECK(krb5_storage_write(out
, ntlmsigature
, sizeof(ntlmsigature
)),
491 sizeof(ntlmsigature
));
492 CHECK(krb5_store_uint32(out
, 1), 0);
493 CHECK(krb5_store_uint32(out
, flags
), 0);
496 CHECK(store_sec_buffer(out
, &domain
), 0);
498 CHECK(store_sec_buffer(out
, &hostname
), 0);
500 CHECK(krb5_store_uint32(out
, type1
->os
[0]), 0);
501 CHECK(krb5_store_uint32(out
, type1
->os
[1]), 0);
504 CHECK(put_string(out
, 0, type1
->domain
), 0);
506 CHECK(put_string(out
, 0, type1
->hostname
), 0);
510 ret
= krb5_storage_to_data(out
, &d
);
512 data
->length
= d
.length
;
515 krb5_storage_free(out
);
521 * Frees the ntlm_type2 message
523 * @param data message to be freed
529 heim_ntlm_free_type2(struct ntlm_type2
*data
)
531 if (data
->targetname
)
532 free(data
->targetname
);
533 heim_ntlm_free_buf(&data
->targetinfo
);
534 memset(data
, 0, sizeof(*data
));
538 heim_ntlm_decode_type2(const struct ntlm_buf
*buf
, struct ntlm_type2
*type2
)
541 unsigned char sig
[8];
542 uint32_t type
, ctx
[2];
543 struct sec_buffer targetname
, targetinfo
;
547 memset(type2
, 0, sizeof(*type2
));
549 in
= krb5_storage_from_readonly_mem(buf
->data
, buf
->length
);
554 krb5_storage_set_byteorder(in
, KRB5_STORAGE_BYTEORDER_LE
);
556 CHECK(krb5_storage_read(in
, sig
, sizeof(sig
)), sizeof(sig
));
557 CHECK(memcmp(ntlmsigature
, sig
, sizeof(ntlmsigature
)), 0);
558 CHECK(krb5_ret_uint32(in
, &type
), 0);
561 CHECK(ret_sec_buffer(in
, &targetname
), 0);
562 CHECK(krb5_ret_uint32(in
, &type2
->flags
), 0);
563 if (type2
->flags
& NTLM_NEG_UNICODE
)
565 CHECK(krb5_storage_read(in
, type2
->challange
, sizeof(type2
->challange
)),
566 sizeof(type2
->challange
));
567 CHECK(krb5_ret_uint32(in
, &ctx
[0]), 0); /* context */
568 CHECK(krb5_ret_uint32(in
, &ctx
[1]), 0);
569 CHECK(ret_sec_buffer(in
, &targetinfo
), 0);
572 CHECK(krb5_ret_uint32(in
, &type2
->os
[0]), 0);
573 CHECK(krb5_ret_uint32(in
, &type2
->os
[1]), 0);
576 CHECK(ret_string(in
, ucs2
, &targetname
, &type2
->targetname
), 0);
577 CHECK(ret_buf(in
, &targetinfo
, &type2
->targetinfo
), 0);
581 krb5_storage_free(in
);
583 heim_ntlm_free_type2(type2
);
589 * Encodes an ntlm_type2 message.
591 * @param type2 the ntlm_type2 message to encode.
592 * @param data is the return buffer with the encoded message, should be
593 * freed with heim_ntlm_free_buf().
595 * @return In case of success 0 is return, an errors, a errno in what
602 heim_ntlm_encode_type2(const struct ntlm_type2
*type2
, struct ntlm_buf
*data
)
604 struct sec_buffer targetname
, targetinfo
;
606 krb5_storage
*out
= NULL
;
615 if (type2
->flags
& NTLM_NEG_UNICODE
)
618 targetname
.offset
= base
;
619 targetname
.length
= len_string(ucs2
, type2
->targetname
);
620 targetname
.allocated
= targetname
.length
;
622 targetinfo
.offset
= targetname
.allocated
+ targetname
.offset
;
623 targetinfo
.length
= type2
->targetinfo
.length
;
624 targetinfo
.allocated
= type2
->targetinfo
.length
;
626 out
= krb5_storage_emem();
630 krb5_storage_set_byteorder(out
, KRB5_STORAGE_BYTEORDER_LE
);
631 CHECK(krb5_storage_write(out
, ntlmsigature
, sizeof(ntlmsigature
)),
632 sizeof(ntlmsigature
));
633 CHECK(krb5_store_uint32(out
, 2), 0);
634 CHECK(store_sec_buffer(out
, &targetname
), 0);
635 CHECK(krb5_store_uint32(out
, type2
->flags
), 0);
636 CHECK(krb5_storage_write(out
, type2
->challange
, sizeof(type2
->challange
)),
637 sizeof(type2
->challange
));
638 CHECK(krb5_store_uint32(out
, 0), 0); /* context */
639 CHECK(krb5_store_uint32(out
, 0), 0);
640 CHECK(store_sec_buffer(out
, &targetinfo
), 0);
643 CHECK(krb5_store_uint32(out
, type2
->os
[0]), 0);
644 CHECK(krb5_store_uint32(out
, type2
->os
[1]), 0);
646 CHECK(put_string(out
, ucs2
, type2
->targetname
), 0);
647 CHECK(krb5_storage_write(out
, type2
->targetinfo
.data
,
648 type2
->targetinfo
.length
),
649 type2
->targetinfo
.length
);
653 ret
= krb5_storage_to_data(out
, &d
);
655 data
->length
= d
.length
;
659 krb5_storage_free(out
);
665 * Frees the ntlm_type3 message
667 * @param data message to be freed
673 heim_ntlm_free_type3(struct ntlm_type3
*data
)
675 heim_ntlm_free_buf(&data
->lm
);
676 heim_ntlm_free_buf(&data
->ntlm
);
677 if (data
->targetname
)
678 free(data
->targetname
);
680 free(data
->username
);
683 heim_ntlm_free_buf(&data
->sessionkey
);
684 memset(data
, 0, sizeof(*data
));
692 heim_ntlm_decode_type3(const struct ntlm_buf
*buf
,
694 struct ntlm_type3
*type3
)
697 unsigned char sig
[8];
700 struct sec_buffer lm
, ntlm
, target
, username
, sessionkey
, ws
;
702 memset(type3
, 0, sizeof(*type3
));
703 memset(&sessionkey
, 0, sizeof(sessionkey
));
705 in
= krb5_storage_from_readonly_mem(buf
->data
, buf
->length
);
710 krb5_storage_set_byteorder(in
, KRB5_STORAGE_BYTEORDER_LE
);
712 CHECK(krb5_storage_read(in
, sig
, sizeof(sig
)), sizeof(sig
));
713 CHECK(memcmp(ntlmsigature
, sig
, sizeof(ntlmsigature
)), 0);
714 CHECK(krb5_ret_uint32(in
, &type
), 0);
716 CHECK(ret_sec_buffer(in
, &lm
), 0);
717 CHECK(ret_sec_buffer(in
, &ntlm
), 0);
718 CHECK(ret_sec_buffer(in
, &target
), 0);
719 CHECK(ret_sec_buffer(in
, &username
), 0);
720 CHECK(ret_sec_buffer(in
, &ws
), 0);
721 if (lm
.offset
>= 60) {
722 CHECK(ret_sec_buffer(in
, &sessionkey
), 0);
724 if (lm
.offset
>= 64) {
725 CHECK(krb5_ret_uint32(in
, &type3
->flags
), 0);
727 if (lm
.offset
>= 72) {
728 CHECK(krb5_ret_uint32(in
, &type3
->os
[0]), 0);
729 CHECK(krb5_ret_uint32(in
, &type3
->os
[1]), 0);
731 CHECK(ret_buf(in
, &lm
, &type3
->lm
), 0);
732 CHECK(ret_buf(in
, &ntlm
, &type3
->ntlm
), 0);
733 CHECK(ret_string(in
, ucs2
, &target
, &type3
->targetname
), 0);
734 CHECK(ret_string(in
, ucs2
, &username
, &type3
->username
), 0);
735 CHECK(ret_string(in
, ucs2
, &ws
, &type3
->ws
), 0);
736 if (sessionkey
.offset
)
737 CHECK(ret_buf(in
, &sessionkey
, &type3
->sessionkey
), 0);
740 krb5_storage_free(in
);
742 heim_ntlm_free_type3(type3
);
748 * Encodes an ntlm_type3 message.
750 * @param type3 the ntlm_type3 message to encode.
751 * @param data is the return buffer with the encoded message, should be
752 * freed with heim_ntlm_free_buf().
754 * @return In case of success 0 is return, an errors, a errno in what
761 heim_ntlm_encode_type3(const struct ntlm_type3
*type3
, struct ntlm_buf
*data
)
763 struct sec_buffer lm
, ntlm
, target
, username
, sessionkey
, ws
;
765 krb5_storage
*out
= NULL
;
769 memset(&lm
, 0, sizeof(lm
));
770 memset(&ntlm
, 0, sizeof(ntlm
));
771 memset(&target
, 0, sizeof(target
));
772 memset(&username
, 0, sizeof(username
));
773 memset(&ws
, 0, sizeof(ws
));
774 memset(&sessionkey
, 0, sizeof(sessionkey
));
777 if (type3
->sessionkey
.length
) {
778 base
+= 8; /* sessionkey sec buf */
779 base
+= 4; /* flags */
785 if (type3
->flags
& NTLM_NEG_UNICODE
)
789 lm
.length
= type3
->lm
.length
;
790 lm
.allocated
= type3
->lm
.length
;
792 ntlm
.offset
= lm
.offset
+ lm
.allocated
;
793 ntlm
.length
= type3
->ntlm
.length
;
794 ntlm
.allocated
= ntlm
.length
;
796 target
.offset
= ntlm
.offset
+ ntlm
.allocated
;
797 target
.length
= len_string(ucs2
, type3
->targetname
);
798 target
.allocated
= target
.length
;
800 username
.offset
= target
.offset
+ target
.allocated
;
801 username
.length
= len_string(ucs2
, type3
->username
);
802 username
.allocated
= username
.length
;
804 ws
.offset
= username
.offset
+ username
.allocated
;
805 ws
.length
= len_string(ucs2
, type3
->ws
);
806 ws
.allocated
= ws
.length
;
808 sessionkey
.offset
= ws
.offset
+ ws
.allocated
;
809 sessionkey
.length
= type3
->sessionkey
.length
;
810 sessionkey
.allocated
= type3
->sessionkey
.length
;
812 out
= krb5_storage_emem();
816 krb5_storage_set_byteorder(out
, KRB5_STORAGE_BYTEORDER_LE
);
817 CHECK(krb5_storage_write(out
, ntlmsigature
, sizeof(ntlmsigature
)),
818 sizeof(ntlmsigature
));
819 CHECK(krb5_store_uint32(out
, 3), 0);
821 CHECK(store_sec_buffer(out
, &lm
), 0);
822 CHECK(store_sec_buffer(out
, &ntlm
), 0);
823 CHECK(store_sec_buffer(out
, &target
), 0);
824 CHECK(store_sec_buffer(out
, &username
), 0);
825 CHECK(store_sec_buffer(out
, &ws
), 0);
827 if (type3
->sessionkey
.length
) {
828 CHECK(store_sec_buffer(out
, &sessionkey
), 0);
829 CHECK(krb5_store_uint32(out
, type3
->flags
), 0);
832 CHECK(krb5_store_uint32(out
, 0), 0); /* os0 */
833 CHECK(krb5_store_uint32(out
, 0), 0); /* os1 */
836 CHECK(put_buf(out
, &type3
->lm
), 0);
837 CHECK(put_buf(out
, &type3
->ntlm
), 0);
838 CHECK(put_string(out
, ucs2
, type3
->targetname
), 0);
839 CHECK(put_string(out
, ucs2
, type3
->username
), 0);
840 CHECK(put_string(out
, ucs2
, type3
->ws
), 0);
841 CHECK(put_buf(out
, &type3
->sessionkey
), 0);
845 ret
= krb5_storage_to_data(out
, &d
);
847 data
->length
= d
.length
;
851 krb5_storage_free(out
);
862 splitandenc(unsigned char *hash
,
863 unsigned char *challange
,
864 unsigned char *answer
)
867 DES_key_schedule sched
;
869 ((unsigned char*)key
)[0] = hash
[0];
870 ((unsigned char*)key
)[1] = (hash
[0] << 7) | (hash
[1] >> 1);
871 ((unsigned char*)key
)[2] = (hash
[1] << 6) | (hash
[2] >> 2);
872 ((unsigned char*)key
)[3] = (hash
[2] << 5) | (hash
[3] >> 3);
873 ((unsigned char*)key
)[4] = (hash
[3] << 4) | (hash
[4] >> 4);
874 ((unsigned char*)key
)[5] = (hash
[4] << 3) | (hash
[5] >> 5);
875 ((unsigned char*)key
)[6] = (hash
[5] << 2) | (hash
[6] >> 6);
876 ((unsigned char*)key
)[7] = (hash
[6] << 1);
878 DES_set_odd_parity(&key
);
879 DES_set_key_unchecked(&key
, &sched
);
880 DES_ecb_encrypt((DES_cblock
*)challange
, (DES_cblock
*)answer
, &sched
, 1);
881 memset(&sched
, 0, sizeof(sched
));
882 memset(key
, 0, sizeof(key
));
886 * Calculate the NTLM key, the password is assumed to be in UTF8.
888 * @param password password to calcute the key for.
889 * @param key calcuted key, should be freed with heim_ntlm_free_buf().
891 * @return In case of success 0 is return, an errors, a errno in what
898 heim_ntlm_nt_key(const char *password
, struct ntlm_buf
*key
)
904 key
->data
= malloc(MD5_DIGEST_LENGTH
);
905 if (key
->data
== NULL
)
907 key
->length
= MD5_DIGEST_LENGTH
;
909 ret
= ascii2ucs2le(password
, 0, &buf
);
911 heim_ntlm_free_buf(key
);
915 MD4_Update(&ctx
, buf
.data
, buf
.length
);
916 MD4_Final(key
->data
, &ctx
);
917 heim_ntlm_free_buf(&buf
);
922 * Calculate NTLMv1 response hash
924 * @param key the ntlm v1 key
925 * @param len length of key
926 * @param challange sent by the server
927 * @param answer calculated answer, should be freed with heim_ntlm_free_buf().
929 * @return In case of success 0 is return, an errors, a errno in what
936 heim_ntlm_calculate_ntlm1(void *key
, size_t len
,
937 unsigned char challange
[8],
938 struct ntlm_buf
*answer
)
940 unsigned char res
[21];
942 if (len
!= MD4_DIGEST_LENGTH
)
945 memcpy(res
, key
, len
);
946 memset(&res
[MD4_DIGEST_LENGTH
], 0, sizeof(res
) - MD4_DIGEST_LENGTH
);
948 answer
->data
= malloc(24);
949 if (answer
->data
== NULL
)
953 splitandenc(&res
[0], challange
, ((unsigned char *)answer
->data
) + 0);
954 splitandenc(&res
[7], challange
, ((unsigned char *)answer
->data
) + 8);
955 splitandenc(&res
[14], challange
, ((unsigned char *)answer
->data
) + 16);
961 * Generates an NTLMv1 session random with assosited session master key.
963 * @param key the ntlm v1 key
964 * @param len length of key
965 * @param session generated session nonce, should be freed with heim_ntlm_free_buf().
966 * @param master calculated session master key, should be freed with heim_ntlm_free_buf().
968 * @return In case of success 0 is return, an errors, a errno in what
975 heim_ntlm_build_ntlm1_master(void *key
, size_t len
,
976 struct ntlm_buf
*session
,
977 struct ntlm_buf
*master
)
981 memset(master
, 0, sizeof(*master
));
982 memset(session
, 0, sizeof(*session
));
984 if (len
!= MD4_DIGEST_LENGTH
)
987 session
->length
= MD4_DIGEST_LENGTH
;
988 session
->data
= malloc(session
->length
);
989 if (session
->data
== NULL
) {
993 master
->length
= MD4_DIGEST_LENGTH
;
994 master
->data
= malloc(master
->length
);
995 if (master
->data
== NULL
) {
996 heim_ntlm_free_buf(master
);
997 heim_ntlm_free_buf(session
);
1002 unsigned char sessionkey
[MD4_DIGEST_LENGTH
];
1006 MD4_Update(&ctx
, key
, len
);
1007 MD4_Final(sessionkey
, &ctx
);
1009 RC4_set_key(&rc4
, sizeof(sessionkey
), sessionkey
);
1012 if (RAND_bytes(session
->data
, session
->length
) != 1) {
1013 heim_ntlm_free_buf(master
);
1014 heim_ntlm_free_buf(session
);
1018 RC4(&rc4
, master
->length
, session
->data
, master
->data
);
1019 memset(&rc4
, 0, sizeof(rc4
));
1025 * Generates an NTLMv2 session key.
1027 * @param key the ntlm key
1028 * @param len length of key
1029 * @param username name of the user, as sent in the message, assumed to be in UTF8.
1030 * @param target the name of the target, assumed to be in UTF8.
1031 * @param ntlmv2 the ntlmv2 session key
1033 * @ingroup ntlm_core
1037 heim_ntlm_ntlmv2_key(const void *key
, size_t len
,
1038 const char *username
,
1040 unsigned char ntlmv2
[16])
1042 unsigned int hmaclen
;
1046 HMAC_Init_ex(&c
, key
, len
, EVP_md5(), NULL
);
1048 struct ntlm_buf buf
;
1049 /* uppercase username and turn it inte ucs2-le */
1050 ascii2ucs2le(username
, 1, &buf
);
1051 HMAC_Update(&c
, buf
.data
, buf
.length
);
1053 /* uppercase target and turn into ucs2-le */
1054 ascii2ucs2le(target
, 1, &buf
);
1055 HMAC_Update(&c
, buf
.data
, buf
.length
);
1058 HMAC_Final(&c
, ntlmv2
, &hmaclen
);
1059 HMAC_CTX_cleanup(&c
);
1067 #define NTTIME_EPOCH 0x019DB1DED53E8000LL
1070 unix2nttime(time_t unix_time
)
1073 wt
= unix_time
* (uint64_t)10000000 + (uint64_t)NTTIME_EPOCH
;
1078 nt2unixtime(uint64_t t
)
1080 t
= ((t
- (uint64_t)NTTIME_EPOCH
) / (uint64_t)10000000);
1081 if (t
> (((time_t)(~(uint64_t)0)) >> 1))
1088 * Calculate NTLMv2 response
1090 * @param key the ntlm key
1091 * @param len length of key
1092 * @param username name of the user, as sent in the message, assumed to be in UTF8.
1093 * @param target the name of the target, assumed to be in UTF8.
1094 * @param serverchallange challange as sent by the server in the type2 message.
1095 * @param infotarget infotarget as sent by the server in the type2 message.
1096 * @param ntlmv2 calculated session key
1097 * @param answer ntlm response answer, should be freed with heim_ntlm_free_buf().
1099 * @return In case of success 0 is return, an errors, a errno in what
1102 * @ingroup ntlm_core
1106 heim_ntlm_calculate_ntlm2(const void *key
, size_t len
,
1107 const char *username
,
1109 const unsigned char serverchallange
[8],
1110 const struct ntlm_buf
*infotarget
,
1111 unsigned char ntlmv2
[16],
1112 struct ntlm_buf
*answer
)
1114 krb5_error_code ret
;
1116 unsigned int hmaclen
;
1117 unsigned char ntlmv2answer
[16];
1119 unsigned char clientchallange
[8];
1123 t
= unix2nttime(time(NULL
));
1125 if (RAND_bytes(clientchallange
, sizeof(clientchallange
)) != 1)
1128 /* calculate ntlmv2 key */
1130 heim_ntlm_ntlmv2_key(key
, len
, username
, target
, ntlmv2
);
1132 /* calculate and build ntlmv2 answer */
1134 sp
= krb5_storage_emem();
1137 krb5_storage_set_flags(sp
, KRB5_STORAGE_BYTEORDER_LE
);
1139 CHECK(krb5_store_uint32(sp
, 0x00000101), 0);
1140 CHECK(krb5_store_uint32(sp
, 0), 0);
1141 /* timestamp le 64 bit ts */
1142 CHECK(krb5_store_uint32(sp
, t
& 0xffffffff), 0);
1143 CHECK(krb5_store_uint32(sp
, t
>> 32), 0);
1145 CHECK(krb5_storage_write(sp
, clientchallange
, 8), 8);
1147 CHECK(krb5_store_uint32(sp
, 0), 0); /* unknown but zero will work */
1148 CHECK(krb5_storage_write(sp
, infotarget
->data
, infotarget
->length
),
1149 infotarget
->length
);
1150 CHECK(krb5_store_uint32(sp
, 0), 0); /* unknown but zero will work */
1152 CHECK(krb5_storage_to_data(sp
, &data
), 0);
1153 krb5_storage_free(sp
);
1157 HMAC_Init_ex(&c
, ntlmv2
, 16, EVP_md5(), NULL
);
1158 HMAC_Update(&c
, serverchallange
, 8);
1159 HMAC_Update(&c
, data
.data
, data
.length
);
1160 HMAC_Final(&c
, ntlmv2answer
, &hmaclen
);
1161 HMAC_CTX_cleanup(&c
);
1163 sp
= krb5_storage_emem();
1165 krb5_data_free(&data
);
1169 CHECK(krb5_storage_write(sp
, ntlmv2answer
, 16), 16);
1170 CHECK(krb5_storage_write(sp
, data
.data
, data
.length
), data
.length
);
1171 krb5_data_free(&data
);
1173 CHECK(krb5_storage_to_data(sp
, &data
), 0);
1174 krb5_storage_free(sp
);
1177 answer
->data
= data
.data
;
1178 answer
->length
= data
.length
;
1183 krb5_storage_free(sp
);
1187 static const int authtimediff
= 3600 * 2; /* 2 hours */
1190 * Verify NTLMv2 response.
1192 * @param key the ntlm key
1193 * @param len length of key
1194 * @param username name of the user, as sent in the message, assumed to be in UTF8.
1195 * @param target the name of the target, assumed to be in UTF8.
1196 * @param now the time now (0 if the library should pick it up itself)
1197 * @param serverchallange challange as sent by the server in the type2 message.
1198 * @param answer ntlm response answer, should be freed with heim_ntlm_free_buf().
1199 * @param infotarget infotarget as sent by the server in the type2 message.
1200 * @param ntlmv2 calculated session key
1202 * @return In case of success 0 is return, an errors, a errno in what
1205 * @ingroup ntlm_core
1209 heim_ntlm_verify_ntlm2(const void *key
, size_t len
,
1210 const char *username
,
1213 const unsigned char serverchallange
[8],
1214 const struct ntlm_buf
*answer
,
1215 struct ntlm_buf
*infotarget
,
1216 unsigned char ntlmv2
[16])
1218 krb5_error_code ret
;
1219 unsigned int hmaclen
;
1220 unsigned char clientanswer
[16];
1221 unsigned char clientnonce
[8];
1222 unsigned char serveranswer
[16];
1229 infotarget
->length
= 0;
1230 infotarget
->data
= NULL
;
1232 if (answer
->length
< 16)
1238 /* calculate ntlmv2 key */
1240 heim_ntlm_ntlmv2_key(key
, len
, username
, target
, ntlmv2
);
1242 /* calculate and build ntlmv2 answer */
1244 sp
= krb5_storage_from_readonly_mem(answer
->data
, answer
->length
);
1247 krb5_storage_set_flags(sp
, KRB5_STORAGE_BYTEORDER_LE
);
1249 CHECK(krb5_storage_read(sp
, clientanswer
, 16), 16);
1251 CHECK(krb5_ret_uint32(sp
, &temp
), 0);
1252 CHECK(temp
, 0x00000101);
1253 CHECK(krb5_ret_uint32(sp
, &temp
), 0);
1255 /* timestamp le 64 bit ts */
1256 CHECK(krb5_ret_uint32(sp
, &temp
), 0);
1258 CHECK(krb5_ret_uint32(sp
, &temp
), 0);
1259 t
|= ((uint64_t)temp
)<< 32;
1261 authtime
= nt2unixtime(t
);
1263 if (abs((int)(authtime
- now
)) > authtimediff
) {
1268 /* client challange */
1269 CHECK(krb5_storage_read(sp
, clientnonce
, 8), 8);
1271 CHECK(krb5_ret_uint32(sp
, &temp
), 0); /* unknown */
1273 /* should really unparse the infotarget, but lets pick up everything */
1274 infotarget
->length
= answer
->length
- krb5_storage_seek(sp
, 0, SEEK_CUR
);
1275 infotarget
->data
= malloc(infotarget
->length
);
1276 if (infotarget
->data
== NULL
) {
1280 CHECK(krb5_storage_read(sp
, infotarget
->data
, infotarget
->length
),
1281 infotarget
->length
);
1282 /* XXX remove the unknown ?? */
1283 krb5_storage_free(sp
);
1287 HMAC_Init_ex(&c
, ntlmv2
, 16, EVP_md5(), NULL
);
1288 HMAC_Update(&c
, serverchallange
, 8);
1289 HMAC_Update(&c
, ((unsigned char *)answer
->data
) + 16, answer
->length
- 16);
1290 HMAC_Final(&c
, serveranswer
, &hmaclen
);
1291 HMAC_CTX_cleanup(&c
);
1293 if (memcmp(serveranswer
, clientanswer
, 16) != 0) {
1294 heim_ntlm_free_buf(infotarget
);
1300 heim_ntlm_free_buf(infotarget
);
1302 krb5_storage_free(sp
);
1308 * Calculate the NTLM2 Session Response
1310 * @param clnt_nonce client nonce
1311 * @param svr_chal server challage
1312 * @param ntlm2_hash ntlm hash
1313 * @param lm The LM response, should be freed with heim_ntlm_free_buf().
1314 * @param ntlm The NTLM response, should be freed with heim_ntlm_free_buf().
1316 * @return In case of success 0 is return, an errors, a errno in what
1319 * @ingroup ntlm_core
1323 heim_ntlm_calculate_ntlm2_sess(const unsigned char clnt_nonce
[8],
1324 const unsigned char svr_chal
[8],
1325 const unsigned char ntlm_hash
[16],
1326 struct ntlm_buf
*lm
,
1327 struct ntlm_buf
*ntlm
)
1329 unsigned char ntlm2_sess_hash
[MD5_DIGEST_LENGTH
];
1330 unsigned char res
[21], *resp
;
1333 lm
->data
= malloc(24);
1334 if (lm
->data
== NULL
)
1338 ntlm
->data
= malloc(24);
1339 if (ntlm
->data
== NULL
) {
1346 /* first setup the lm resp */
1347 memset(lm
->data
, 0, 24);
1348 memcpy(lm
->data
, clnt_nonce
, 8);
1351 MD5_Update(&md5
, svr_chal
, 8); /* session nonce part 1 */
1352 MD5_Update(&md5
, clnt_nonce
, 8); /* session nonce part 2 */
1353 MD5_Final(ntlm2_sess_hash
, &md5
); /* will only use first 8 bytes */
1355 memset(res
, 0, sizeof(res
));
1356 memcpy(res
, ntlm_hash
, 16);
1359 splitandenc(&res
[0], ntlm2_sess_hash
, resp
+ 0);
1360 splitandenc(&res
[7], ntlm2_sess_hash
, resp
+ 8);
1361 splitandenc(&res
[14], ntlm2_sess_hash
, resp
+ 16);