libtinysmb/ntlm.c

   1 /****************************************************************************
   2  * TinySMB
   3  * Nintendo Wii/GameCube SMB implementation
   4  *
   5  * NTLM authentication
   6  ****************************************************************************/
   7
   8 #include <stdlib.h>
   9 #include <string.h>
  10 #include <unistd.h>
  11 #include <ogc/machine/processor.h>
  12 #include <stdint.h>
  13
  14 typedef struct
  15 {
  16         uint32_t encrypt_subkeys[32];
  17         uint32_t decrypt_subkeys[32];
  18 } gl_des_ctx;
  19
  20 extern void *md4_buffer(const char *buffer, size_t len, void *resblock);
  21 extern void gl_des_setkey(gl_des_ctx *ctx, const char * key);
  22 extern void gl_des_ecb_encrypt(gl_des_ctx *ctx, const char * from, char * to);
  23
  24 /* C89 compliant way to cast 'char' to 'unsigned char'. */
  25 static inline unsigned char to_uchar(char ch)
  26 {
  27         return ch;
  28 }
  29
  30 /*
  31  * turns a 56 bit key into the 64 bit, and sets the key schedule ks.
  32  */
  33 static void ntlm_convert_key(char *key_56, gl_des_ctx * ks)
  34 {
  35         char key[8];
  36
  37         key[0] = to_uchar(key_56[0]);
  38         key[1] = ((to_uchar(key_56[0]) << 7) & 0xFF) | (to_uchar(key_56[1]) >> 1);
  39         key[2] = ((to_uchar(key_56[1]) << 6) & 0xFF) | (to_uchar(key_56[2]) >> 2);
  40         key[3] = ((to_uchar(key_56[2]) << 5) & 0xFF) | (to_uchar(key_56[3]) >> 3);
  41         key[4] = ((to_uchar(key_56[3]) << 4) & 0xFF) | (to_uchar(key_56[4]) >> 4);
  42         key[5] = ((to_uchar(key_56[4]) << 3) & 0xFF) | (to_uchar(key_56[5]) >> 5);
  43         key[6] = ((to_uchar(key_56[5]) << 2) & 0xFF) | (to_uchar(key_56[6]) >> 6);
  44         key[7] = (to_uchar(key_56[6]) << 1) & 0xFF;
  45
  46         gl_des_setkey(ks, key);
  47
  48         memset(&key, 0, sizeof(key));
  49 }
  50
  51 /*
  52  * takes a 21 byte array and treats it as 3 56-bit DES keys. The
  53  * 8 byte plaintext is encrypted with each key and the resulting 24
  54  * bytes are stored in the results array.
  55  */
  56 static void ntlm_encrypt_answer(char *hash, const char *challenge, char *answer)
  57 {
  58         gl_des_ctx ks;
  59
  60         ntlm_convert_key(hash, &ks);
  61         gl_des_ecb_encrypt(&ks, challenge, answer);
  62
  63         ntlm_convert_key(&hash[7], &ks);
  64         gl_des_ecb_encrypt(&ks, challenge, &answer[8]);
  65
  66         ntlm_convert_key(&hash[14], &ks);
  67         gl_des_ecb_encrypt(&ks, challenge, &answer[16]);
  68
  69         memset(&ks, 0, sizeof(ks));
  70 }
  71
  72 void ntlm_smb_nt_encrypt(const char *passwd, const u8 * challenge, u8 * answer)
  73 {
  74         size_t len, i;
  75         unsigned char hash[24];
  76         unsigned char nt_pw[256];
  77
  78         /* NT resp */
  79         len = strlen(passwd);
  80         if (len > 128)
  81                 len = 128;
  82         for (i = 0; i < len; ++i)
  83         {
  84                 nt_pw[2 * i] = passwd[i];
  85                 nt_pw[2 * i + 1] = 0;
  86         }
  87
  88         md4_buffer((const char *) nt_pw, len * 2, hash);
  89
  90         memset(hash + 16, 0, 5);
  91         ntlm_encrypt_answer((char *) hash, (const char *) challenge,
  92                         (char *) answer);
  93
  94         /* with security is best be pedantic */
  95         memset(hash, 0, sizeof(hash));
  96         memset(nt_pw, 0, sizeof(nt_pw));
  97 }