benny/wmic
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

wmi-1.3.16 from opsview.com

Browse Source
This commit is contained in:
Are Casilla
2019-02-16 00:16:52 +01:00
parent 163fdd3d1b
commit 17b3af2911
2146 changed files with 678824 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
Samba/source/libcli/auth/config.mk
+13
View File
@@ -0,0 +1,13 @@
#################################
# Start SUBSYSTEM LIBCLI_AUTH
[SUBSYSTEM::LIBCLI_AUTH]
PUBLIC_HEADERS = credentials.h
PRIVATE_PROTO_HEADER = proto.h
OBJ_FILES = credentials.o \
session.o \
smbencrypt.o \
smbdes.o
PUBLIC_DEPENDENCIES = \
SCHANNELDB MSRPC_PARSE
# End SUBSYSTEM LIBCLI_AUTH
#################################
Samba/source/libcli/auth/credentials.c
+376
View File
@@ -0,0 +1,376 @@
/*
Unix SMB/CIFS implementation.
code to manipulate domain credentials
Copyright (C) Andrew Tridgell 1997-2003
Copyright (C) Andrew Bartlett <abartlet@samba.org> 2004
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
*/
#include "includes.h"
#include "system/time.h"
#include "auth/auth.h"
#include "lib/crypto/crypto.h"
#include "libcli/auth/libcli_auth.h"
/*
initialise the credentials state for old-style 64 bit session keys
this call is made after the netr_ServerReqChallenge call
*/
static void creds_init_64bit(struct creds_CredentialState *creds,
const struct netr_Credential *client_challenge,
const struct netr_Credential *server_challenge,
const struct samr_Password *machine_password)
{
uint32_t sum[2];
uint8_t sum2[8];
sum[0] = IVAL(client_challenge->data, 0) + IVAL(server_challenge->data, 0);
sum[1] = IVAL(client_challenge->data, 4) + IVAL(server_challenge->data, 4);
SIVAL(sum2,0,sum[0]);
SIVAL(sum2,4,sum[1]);
ZERO_STRUCT(creds->session_key);
des_crypt128(creds->session_key, sum2, machine_password->hash);
des_crypt112(creds->client.data, client_challenge->data, creds->session_key, 1);
des_crypt112(creds->server.data, server_challenge->data, creds->session_key, 1);
creds->seed = creds->client;
}
/*
initialise the credentials state for ADS-style 128 bit session keys
this call is made after the netr_ServerReqChallenge call
*/
static void creds_init_128bit(struct creds_CredentialState *creds,
const struct netr_Credential *client_challenge,
const struct netr_Credential *server_challenge,
const struct samr_Password *machine_password)
{
unsigned char zero[4], tmp[16];
HMACMD5Context ctx;
struct MD5Context md5;
ZERO_STRUCT(creds->session_key);
memset(zero, 0, sizeof(zero));
hmac_md5_init_rfc2104(machine_password->hash, sizeof(machine_password->hash), &ctx);
MD5Init(&md5);
MD5Update(&md5, zero, sizeof(zero));
MD5Update(&md5, client_challenge->data, 8);
MD5Update(&md5, server_challenge->data, 8);
MD5Final(tmp, &md5);
hmac_md5_update(tmp, sizeof(tmp), &ctx);
hmac_md5_final(creds->session_key, &ctx);
creds->client = *client_challenge;
creds->server = *server_challenge;
des_crypt112(creds->client.data, client_challenge->data, creds->session_key, 1);
des_crypt112(creds->server.data, server_challenge->data, creds->session_key, 1);
creds->seed = creds->client;
}
/*
step the credentials to the next element in the chain, updating the
current client and server credentials and the seed
*/
static void creds_step(struct creds_CredentialState *creds)
{
struct netr_Credential time_cred;
DEBUG(5,("\tseed %08x:%08x\n",
IVAL(creds->seed.data, 0), IVAL(creds->seed.data, 4)));
SIVAL(time_cred.data, 0, IVAL(creds->seed.data, 0) + creds->sequence);
SIVAL(time_cred.data, 4, IVAL(creds->seed.data, 4));
DEBUG(5,("\tseed+time %08x:%08x\n", IVAL(time_cred.data, 0), IVAL(time_cred.data, 4)));
des_crypt112(creds->client.data, time_cred.data, creds->session_key, 1);
DEBUG(5,("\tCLIENT %08x:%08x\n",
IVAL(creds->client.data, 0), IVAL(creds->client.data, 4)));
SIVAL(time_cred.data, 0, IVAL(creds->seed.data, 0) + creds->sequence + 1);
SIVAL(time_cred.data, 4, IVAL(creds->seed.data, 4));
DEBUG(5,("\tseed+time+1 %08x:%08x\n",
IVAL(time_cred.data, 0), IVAL(time_cred.data, 4)));
des_crypt112(creds->server.data, time_cred.data, creds->session_key, 1);
DEBUG(5,("\tSERVER %08x:%08x\n",
IVAL(creds->server.data, 0), IVAL(creds->server.data, 4)));
creds->seed = time_cred;
}
/*
DES encrypt a 8 byte LMSessionKey buffer using the Netlogon session key
*/
void creds_des_encrypt_LMKey(struct creds_CredentialState *creds, struct netr_LMSessionKey *key)
{
struct netr_LMSessionKey tmp;
des_crypt56(tmp.key, key->key, creds->session_key, 1);
*key = tmp;
}
/*
DES decrypt a 8 byte LMSessionKey buffer using the Netlogon session key
*/
void creds_des_decrypt_LMKey(struct creds_CredentialState *creds, struct netr_LMSessionKey *key)
{
struct netr_LMSessionKey tmp;
des_crypt56(tmp.key, key->key, creds->session_key, 0);
*key = tmp;
}
/*
DES encrypt a 16 byte password buffer using the session key
*/
void creds_des_encrypt(struct creds_CredentialState *creds, struct samr_Password *pass)
{
struct samr_Password tmp;
des_crypt112_16(tmp.hash, pass->hash, creds->session_key, 1);
*pass = tmp;
}
/*
DES decrypt a 16 byte password buffer using the session key
*/
void creds_des_decrypt(struct creds_CredentialState *creds, struct samr_Password *pass)
{
struct samr_Password tmp;
des_crypt112_16(tmp.hash, pass->hash, creds->session_key, 0);
*pass = tmp;
}
/*
ARCFOUR encrypt/decrypt a password buffer using the session key
*/
void creds_arcfour_crypt(struct creds_CredentialState *creds, uint8_t *data, size_t len)
{
DATA_BLOB session_key = data_blob(creds->session_key, 16);
arcfour_crypt_blob(data, len, &session_key);
data_blob_free(&session_key);
}
/*****************************************************************
The above functions are common to the client and server interface
next comes the client specific functions
******************************************************************/
/*
initialise the credentials chain and return the first client
credentials
*/
void creds_client_init(struct creds_CredentialState *creds,
const struct netr_Credential *client_challenge,
const struct netr_Credential *server_challenge,
const struct samr_Password *machine_password,
struct netr_Credential *initial_credential,
uint32_t negotiate_flags)
{
creds->sequence = time(NULL);
creds->negotiate_flags = negotiate_flags;
dump_data_pw("Client chall", client_challenge->data, sizeof(client_challenge->data));
dump_data_pw("Server chall", server_challenge->data, sizeof(server_challenge->data));
dump_data_pw("Machine Pass", machine_password->hash, sizeof(machine_password->hash));
if (negotiate_flags & NETLOGON_NEG_128BIT) {
creds_init_128bit(creds, client_challenge, server_challenge, machine_password);
} else {
creds_init_64bit(creds, client_challenge, server_challenge, machine_password);
}
dump_data_pw("Session key", creds->session_key, 16);
dump_data_pw("Credential ", creds->client.data, 8);
*initial_credential = creds->client;
}
/*
step the credentials to the next element in the chain, updating the
current client and server credentials and the seed
produce the next authenticator in the sequence ready to send to
the server
*/
void creds_client_authenticator(struct creds_CredentialState *creds,
struct netr_Authenticator *next)
{
creds->sequence += 2;
creds_step(creds);
next->cred = creds->client;
next->timestamp = creds->sequence;
}
/*
check that a credentials reply from a server is correct
*/
BOOL creds_client_check(struct creds_CredentialState *creds,
const struct netr_Credential *received_credentials)
{
if (!received_credentials ||
memcmp(received_credentials->data, creds->server.data, 8) != 0) {
DEBUG(2,("credentials check failed\n"));
return False;
}
return True;
}
/*****************************************************************
The above functions are common to the client and server interface
next comes the server specific functions
******************************************************************/
/*
initialise the credentials chain and return the first server
credentials
*/
void creds_server_init(struct creds_CredentialState *creds,
const struct netr_Credential *client_challenge,
const struct netr_Credential *server_challenge,
const struct samr_Password *machine_password,
struct netr_Credential *initial_credential,
uint32_t negotiate_flags)
{
if (negotiate_flags & NETLOGON_NEG_128BIT) {
creds_init_128bit(creds, client_challenge, server_challenge,
machine_password);
} else {
creds_init_64bit(creds, client_challenge, server_challenge,
machine_password);
}
*initial_credential = creds->server;
creds->negotiate_flags = negotiate_flags;
}
/*
check that a credentials reply from a server is correct
*/
BOOL creds_server_check(const struct creds_CredentialState *creds,
const struct netr_Credential *received_credentials)
{
if (memcmp(received_credentials->data, creds->client.data, 8) != 0) {
DEBUG(2,("credentials check failed\n"));
dump_data_pw("client creds", creds->client.data, 8);
dump_data_pw("calc creds", received_credentials->data, 8);
return False;
}
return True;
}
NTSTATUS creds_server_step_check(struct creds_CredentialState *creds,
struct netr_Authenticator *received_authenticator,
struct netr_Authenticator *return_authenticator)
{
if (!received_authenticator || !return_authenticator) {
return NT_STATUS_INVALID_PARAMETER;
}
if (!creds) {
return NT_STATUS_ACCESS_DENIED;
}
/* TODO: this may allow the a replay attack on a non-signed
connection. Should we check that this is increasing? */
creds->sequence = received_authenticator->timestamp;
creds_step(creds);
if (creds_server_check(creds, &received_authenticator->cred)) {
return_authenticator->cred = creds->server;
return_authenticator->timestamp = creds->sequence;
return NT_STATUS_OK;
} else {
ZERO_STRUCTP(return_authenticator);
return NT_STATUS_ACCESS_DENIED;
}
}
void creds_decrypt_samlogon(struct creds_CredentialState *creds,
uint16_t validation_level,
union netr_Validation *validation)
{
static const char zeros[16];
struct netr_SamBaseInfo *base = NULL;
switch (validation_level) {
case 2:
if (validation->sam2) {
base = &validation->sam2->base;
}
break;
case 3:
if (validation->sam3) {
base = &validation->sam3->base;
}
break;
case 6:
if (validation->sam6) {
base = &validation->sam6->base;
}
break;
default:
/* If we can't find it, we can't very well decrypt it */
return;
}
if (!base) {
return;
}
/* find and decyrpt the session keys, return in parameters above */
if (validation_level == 6) {
/* they aren't encrypted! */
} else if (creds->negotiate_flags & NETLOGON_NEG_ARCFOUR) {
if (memcmp(base->key.key, zeros,
sizeof(base->key.key)) != 0) {
creds_arcfour_crypt(creds,
base->key.key,
sizeof(base->key.key));
}
if (memcmp(base->LMSessKey.key, zeros,
sizeof(base->LMSessKey.key)) != 0) {
creds_arcfour_crypt(creds,
base->LMSessKey.key,
sizeof(base->LMSessKey.key));
}
} else {
if (memcmp(base->LMSessKey.key, zeros,
sizeof(base->LMSessKey.key)) != 0) {
creds_des_decrypt_LMKey(creds,
&base->LMSessKey);
}
}
}
Samba/source/libcli/auth/credentials.h
+47
View File
@@ -0,0 +1,47 @@
/*
Unix SMB/CIFS implementation.
code to manipulate domain credentials
Copyright (C) Andrew Tridgell 2004
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
*/
#include "librpc/gen_ndr/netlogon.h"
struct creds_CredentialState {
uint32_t negotiate_flags;
uint8_t session_key[16];
uint32_t sequence;
struct netr_Credential seed;
struct netr_Credential client;
struct netr_Credential server;
uint16_t secure_channel_type;
const char *domain;
const char *computer_name;
const char *account_name;
struct dom_sid *sid;
};
/* for the timebeing, use the same neg flags as Samba3. */
/* The 7 here seems to be required to get Win2k not to downgrade us
to NT4. Actually, anything other than 1ff would seem to do... */
#define NETLOGON_NEG_AUTH2_FLAGS 0x000701ff
/* these are the flags that ADS clients use */
#define NETLOGON_NEG_AUTH2_ADS_FLAGS (0x200fbffb | NETLOGON_NEG_ARCFOUR | NETLOGON_NEG_128BIT | NETLOGON_NEG_SCHANNEL)
Samba/source/libcli/auth/libcli_auth.h
+25
View File
@@ -0,0 +1,25 @@
/*
samba -- Unix SMB/CIFS implementation.
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
*/
#ifndef __LIBCLI_AUTH_H__
#define __LIBCLI_AUTH_H__
#include "librpc/gen_ndr/netlogon.h"
#include "libcli/auth/credentials.h"
#include "libcli/auth/proto.h"
#endif /* __LIBCLI_AUTH_H__ */
Samba/source/libcli/auth/session.c
+219
View File
@@ -0,0 +1,219 @@
/*
Unix SMB/CIFS implementation.
code to encrypt/decrypt data using the user session key
Copyright (C) Andrew Tridgell 2004
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
*/
#include "includes.h"
#include "libcli/auth/libcli_auth.h"
/*
encrypt or decrypt a blob of data using the user session key
as used in lsa_SetSecret
before calling, the out blob must be initialised to be the same size
as the in blob
*/
void sess_crypt_blob(DATA_BLOB *out, const DATA_BLOB *in, const DATA_BLOB *session_key,
BOOL forward)
{
int i, k;
for (i=0,k=0;
i<in->length;
i += 8, k += 7) {
uint8_t bin[8], bout[8], key[7];
memset(bin, 0, 8);
memcpy(bin, &in->data[i], MIN(8, in->length-i));
if (k + 7 > session_key->length) {
k = (session_key->length - k);
}
memcpy(key, &session_key->data[k], 7);
des_crypt56(bout, bin, key, forward?1:0);
memcpy(&out->data[i], bout, MIN(8, in->length-i));
}
}
/*
a convenient wrapper around sess_crypt_blob() for strings, using the LSA convention
note that we round the length to a multiple of 8. This seems to be needed for
compatibility with windows
caller should free using data_blob_free()
*/
DATA_BLOB sess_encrypt_string(const char *str, const DATA_BLOB *session_key)
{
DATA_BLOB ret, src;
int slen = strlen(str);
int dlen = (slen+7) & ~7;
src = data_blob(NULL, 8+dlen);
if (!src.data) {
return data_blob(NULL, 0);
}
ret = data_blob(NULL, 8+dlen);
if (!ret.data) {
data_blob_free(&src);
return data_blob(NULL, 0);
}
SIVAL(src.data, 0, slen);
SIVAL(src.data, 4, 1);
memset(src.data+8, 0, dlen);
memcpy(src.data+8, str, slen);
sess_crypt_blob(&ret, &src, session_key, True);
data_blob_free(&src);
return ret;
}
/*
a convenient wrapper around sess_crypt_blob() for strings, using the LSA convention
caller should free the returned string
*/
char *sess_decrypt_string(TALLOC_CTX *mem_ctx,
DATA_BLOB *blob, const DATA_BLOB *session_key)
{
DATA_BLOB out;
int slen;
char *ret;
if (blob->length < 8) {
return NULL;
}
out = data_blob_talloc(mem_ctx, NULL, blob->length);
if (!out.data) {
return NULL;
}
sess_crypt_blob(&out, blob, session_key, False);
if (IVAL(out.data, 4) != 1) {
DEBUG(0,("Unexpected revision number %d in session crypted string\n",
IVAL(out.data, 4)));
data_blob_free(&out);
return NULL;
}
slen = IVAL(out.data, 0);
if (slen > blob->length - 8) {
DEBUG(0,("Invalid crypt length %d\n", slen));
data_blob_free(&out);
return NULL;
}
ret = talloc_strndup(mem_ctx, (const char *)(out.data+8), slen);
data_blob_free(&out);
DEBUG(0,("decrypted string '%s' of length %d\n", ret, slen));
return ret;
}
/*
a convenient wrapper around sess_crypt_blob() for DATA_BLOBs, using the LSA convention
note that we round the length to a multiple of 8. This seems to be needed for
compatibility with windows
caller should free using data_blob_free()
*/
DATA_BLOB sess_encrypt_blob(TALLOC_CTX *mem_ctx, DATA_BLOB *blob_in, const DATA_BLOB *session_key)
{
DATA_BLOB ret, src;
int dlen = (blob_in->length+7) & ~7;
src = data_blob_talloc(mem_ctx, NULL, 8+dlen);
if (!src.data) {
return data_blob(NULL, 0);
}
ret = data_blob_talloc(mem_ctx, NULL, 8+dlen);
if (!ret.data) {
data_blob_free(&src);
return data_blob(NULL, 0);
}
SIVAL(src.data, 0, blob_in->length);
SIVAL(src.data, 4, 1);
memset(src.data+8, 0, dlen);
memcpy(src.data+8, blob_in->data, blob_in->length);
sess_crypt_blob(&ret, &src, session_key, True);
data_blob_free(&src);
return ret;
}
/*
Decrypt a DATA_BLOB using the LSA convention
*/
NTSTATUS sess_decrypt_blob(TALLOC_CTX *mem_ctx, const DATA_BLOB *blob, const DATA_BLOB *session_key,
DATA_BLOB *ret)
{
DATA_BLOB out;
int slen;
if (blob->length < 8) {
DEBUG(0, ("Unexpected length %d in session crypted secret (BLOB)\n",
(int)blob->length));
return NT_STATUS_INVALID_PARAMETER;
}
out = data_blob_talloc(mem_ctx, NULL, blob->length);
if (!out.data) {
return NT_STATUS_NO_MEMORY;
}
sess_crypt_blob(&out, blob, session_key, False);
if (IVAL(out.data, 4) != 1) {
DEBUG(2,("Unexpected revision number %d in session crypted secret (BLOB)\n",
IVAL(out.data, 4)));
return NT_STATUS_UNKNOWN_REVISION;
}
slen = IVAL(out.data, 0);
if (slen > blob->length - 8) {
DEBUG(0,("Invalid crypt length %d in session crypted secret (BLOB)\n", slen));
return NT_STATUS_WRONG_PASSWORD;
}
*ret = data_blob_talloc(mem_ctx, out.data+8, slen);
if (slen && !ret->data) {
return NT_STATUS_NO_MEMORY;
}
data_blob_free(&out);
return NT_STATUS_OK;
}
Samba/source/libcli/auth/smbdes.c
+381
View File
@@ -0,0 +1,381 @@
/*
Unix SMB/CIFS implementation.
a partial implementation of DES designed for use in the
SMB authentication protocol
Copyright (C) Andrew Tridgell 1998
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
*/
#include "includes.h"
/* NOTES:
This code makes no attempt to be fast! In fact, it is a very
slow implementation
This code is NOT a complete DES implementation. It implements only
the minimum necessary for SMB authentication, as used by all SMB
products (including every copy of Microsoft Windows95 ever sold)
In particular, it can only do a unchained forward DES pass. This
means it is not possible to use this code for encryption/decryption
of data, instead it is only useful as a "hash" algorithm.
There is no entry point into this code that allows normal DES operation.
I believe this means that this code does not come under ITAR
regulations but this is NOT a legal opinion. If you are concerned
about the applicability of ITAR regulations to this code then you
should confirm it for yourself (and maybe let me know if you come
up with a different answer to the one above)
*/
static const uint8_t perm1[56] = {57, 49, 41, 33, 25, 17, 9,
1, 58, 50, 42, 34, 26, 18,
10, 2, 59, 51, 43, 35, 27,
19, 11, 3, 60, 52, 44, 36,
63, 55, 47, 39, 31, 23, 15,
7, 62, 54, 46, 38, 30, 22,
14, 6, 61, 53, 45, 37, 29,
21, 13, 5, 28, 20, 12, 4};
static const uint8_t perm2[48] = {14, 17, 11, 24, 1, 5,
3, 28, 15, 6, 21, 10,
23, 19, 12, 4, 26, 8,
16, 7, 27, 20, 13, 2,
41, 52, 31, 37, 47, 55,
30, 40, 51, 45, 33, 48,
44, 49, 39, 56, 34, 53,
46, 42, 50, 36, 29, 32};
static const uint8_t perm3[64] = {58, 50, 42, 34, 26, 18, 10, 2,
60, 52, 44, 36, 28, 20, 12, 4,
62, 54, 46, 38, 30, 22, 14, 6,
64, 56, 48, 40, 32, 24, 16, 8,
57, 49, 41, 33, 25, 17, 9, 1,
59, 51, 43, 35, 27, 19, 11, 3,
61, 53, 45, 37, 29, 21, 13, 5,
63, 55, 47, 39, 31, 23, 15, 7};
static const uint8_t perm4[48] = { 32, 1, 2, 3, 4, 5,
4, 5, 6, 7, 8, 9,
8, 9, 10, 11, 12, 13,
12, 13, 14, 15, 16, 17,
16, 17, 18, 19, 20, 21,
20, 21, 22, 23, 24, 25,
24, 25, 26, 27, 28, 29,
28, 29, 30, 31, 32, 1};
static const uint8_t perm5[32] = { 16, 7, 20, 21,
29, 12, 28, 17,
1, 15, 23, 26,
5, 18, 31, 10,
2, 8, 24, 14,
32, 27, 3, 9,
19, 13, 30, 6,
22, 11, 4, 25};
static const uint8_t perm6[64] ={ 40, 8, 48, 16, 56, 24, 64, 32,
39, 7, 47, 15, 55, 23, 63, 31,
38, 6, 46, 14, 54, 22, 62, 30,
37, 5, 45, 13, 53, 21, 61, 29,
36, 4, 44, 12, 52, 20, 60, 28,
35, 3, 43, 11, 51, 19, 59, 27,
34, 2, 42, 10, 50, 18, 58, 26,
33, 1, 41, 9, 49, 17, 57, 25};
static const uint8_t sc[16] = {1, 1, 2, 2, 2, 2, 2, 2, 1, 2, 2, 2, 2, 2, 2, 1};
static const uint8_t sbox[8][4][16] = {
{{14, 4, 13, 1, 2, 15, 11, 8, 3, 10, 6, 12, 5, 9, 0, 7},
{0, 15, 7, 4, 14, 2, 13, 1, 10, 6, 12, 11, 9, 5, 3, 8},
{4, 1, 14, 8, 13, 6, 2, 11, 15, 12, 9, 7, 3, 10, 5, 0},
{15, 12, 8, 2, 4, 9, 1, 7, 5, 11, 3, 14, 10, 0, 6, 13}},
{{15, 1, 8, 14, 6, 11, 3, 4, 9, 7, 2, 13, 12, 0, 5, 10},
{3, 13, 4, 7, 15, 2, 8, 14, 12, 0, 1, 10, 6, 9, 11, 5},
{0, 14, 7, 11, 10, 4, 13, 1, 5, 8, 12, 6, 9, 3, 2, 15},
{13, 8, 10, 1, 3, 15, 4, 2, 11, 6, 7, 12, 0, 5, 14, 9}},
{{10, 0, 9, 14, 6, 3, 15, 5, 1, 13, 12, 7, 11, 4, 2, 8},
{13, 7, 0, 9, 3, 4, 6, 10, 2, 8, 5, 14, 12, 11, 15, 1},
{13, 6, 4, 9, 8, 15, 3, 0, 11, 1, 2, 12, 5, 10, 14, 7},
{1, 10, 13, 0, 6, 9, 8, 7, 4, 15, 14, 3, 11, 5, 2, 12}},
{{7, 13, 14, 3, 0, 6, 9, 10, 1, 2, 8, 5, 11, 12, 4, 15},
{13, 8, 11, 5, 6, 15, 0, 3, 4, 7, 2, 12, 1, 10, 14, 9},
{10, 6, 9, 0, 12, 11, 7, 13, 15, 1, 3, 14, 5, 2, 8, 4},
{3, 15, 0, 6, 10, 1, 13, 8, 9, 4, 5, 11, 12, 7, 2, 14}},
{{2, 12, 4, 1, 7, 10, 11, 6, 8, 5, 3, 15, 13, 0, 14, 9},
{14, 11, 2, 12, 4, 7, 13, 1, 5, 0, 15, 10, 3, 9, 8, 6},
{4, 2, 1, 11, 10, 13, 7, 8, 15, 9, 12, 5, 6, 3, 0, 14},
{11, 8, 12, 7, 1, 14, 2, 13, 6, 15, 0, 9, 10, 4, 5, 3}},
{{12, 1, 10, 15, 9, 2, 6, 8, 0, 13, 3, 4, 14, 7, 5, 11},
{10, 15, 4, 2, 7, 12, 9, 5, 6, 1, 13, 14, 0, 11, 3, 8},
{9, 14, 15, 5, 2, 8, 12, 3, 7, 0, 4, 10, 1, 13, 11, 6},
{4, 3, 2, 12, 9, 5, 15, 10, 11, 14, 1, 7, 6, 0, 8, 13}},
{{4, 11, 2, 14, 15, 0, 8, 13, 3, 12, 9, 7, 5, 10, 6, 1},
{13, 0, 11, 7, 4, 9, 1, 10, 14, 3, 5, 12, 2, 15, 8, 6},
{1, 4, 11, 13, 12, 3, 7, 14, 10, 15, 6, 8, 0, 5, 9, 2},
{6, 11, 13, 8, 1, 4, 10, 7, 9, 5, 0, 15, 14, 2, 3, 12}},
{{13, 2, 8, 4, 6, 15, 11, 1, 10, 9, 3, 14, 5, 0, 12, 7},
{1, 15, 13, 8, 10, 3, 7, 4, 12, 5, 6, 11, 0, 14, 9, 2},
{7, 11, 4, 1, 9, 12, 14, 2, 0, 6, 10, 13, 15, 3, 5, 8},
{2, 1, 14, 7, 4, 10, 8, 13, 15, 12, 9, 0, 3, 5, 6, 11}}};
static void permute(char *out, const char *in, const uint8_t *p, int n)
{
int i;
for (i=0;i<n;i++)
out[i] = in[p[i]-1];
}
static void lshift(char *d, int count, int n)
{
char out[64];
int i;
for (i=0;i<n;i++)
out[i] = d[(i+count)%n];
for (i=0;i<n;i++)
d[i] = out[i];
}
static void concat(char *out, char *in1, char *in2, int l1, int l2)
{
while (l1--)
*out++ = *in1++;
while (l2--)
*out++ = *in2++;
}
static void xor(char *out, char *in1, char *in2, int n)
{
int i;
for (i=0;i<n;i++)
out[i] = in1[i] ^ in2[i];
}
static void dohash(char *out, char *in, char *key, int forw)
{
int i, j, k;
char pk1[56];
char c[28];
char d[28];
char cd[56];
char ki[16][48];
char pd1[64];
char l[32], r[32];
char rl[64];
permute(pk1, key, perm1, 56);
for (i=0;i<28;i++)
c[i] = pk1[i];
for (i=0;i<28;i++)
d[i] = pk1[i+28];
for (i=0;i<16;i++) {
lshift(c, sc[i], 28);
lshift(d, sc[i], 28);
concat(cd, c, d, 28, 28);
permute(ki[i], cd, perm2, 48);
}
permute(pd1, in, perm3, 64);
for (j=0;j<32;j++) {
l[j] = pd1[j];
r[j] = pd1[j+32];
}
for (i=0;i<16;i++) {
char er[48];
char erk[48];
char b[8][6];
char cb[32];
char pcb[32];
char r2[32];
permute(er, r, perm4, 48);
xor(erk, er, ki[forw ? i : 15 - i], 48);
for (j=0;j<8;j++)
for (k=0;k<6;k++)
b[j][k] = erk[j*6 + k];
for (j=0;j<8;j++) {
int m, n;
m = (b[j][0]<<1) | b[j][5];
n = (b[j][1]<<3) | (b[j][2]<<2) | (b[j][3]<<1) | b[j][4];
for (k=0;k<4;k++)
b[j][k] = (sbox[j][m][n] & (1<<(3-k)))?1:0;
}
for (j=0;j<8;j++)
for (k=0;k<4;k++)
cb[j*4+k] = b[j][k];
permute(pcb, cb, perm5, 32);
xor(r2, l, pcb, 32);
for (j=0;j<32;j++)
l[j] = r[j];
for (j=0;j<32;j++)
r[j] = r2[j];
}
concat(rl, r, l, 32, 32);
permute(out, rl, perm6, 64);
}
static void str_to_key(const uint8_t *str,uint8_t *key)
{
int i;
key[0] = str[0]>>1;
key[1] = ((str[0]&0x01)<<6) | (str[1]>>2);
key[2] = ((str[1]&0x03)<<5) | (str[2]>>3);
key[3] = ((str[2]&0x07)<<4) | (str[3]>>4);
key[4] = ((str[3]&0x0F)<<3) | (str[4]>>5);
key[5] = ((str[4]&0x1F)<<2) | (str[5]>>6);
key[6] = ((str[5]&0x3F)<<1) | (str[6]>>7);
key[7] = str[6]&0x7F;
for (i=0;i<8;i++) {
key[i] = (key[i]<<1);
}
}
/*
basic des crypt using a 56 bit (7 byte) key
*/
void des_crypt56(uint8_t out[8], const uint8_t in[8], const uint8_t key[7], int forw)
{
int i;
char outb[64];
char inb[64];
char keyb[64];
uint8_t key2[8];
str_to_key(key, key2);
for (i=0;i<64;i++) {
inb[i] = (in[i/8] & (1<<(7-(i%8)))) ? 1 : 0;
keyb[i] = (key2[i/8] & (1<<(7-(i%8)))) ? 1 : 0;
outb[i] = 0;
}
dohash(outb, inb, keyb, forw);
for (i=0;i<8;i++) {
out[i] = 0;
}
for (i=0;i<64;i++) {
if (outb[i])
out[i/8] |= (1<<(7-(i%8)));
}
}
void E_P16(const uint8_t *p14,uint8_t *p16)
{
const uint8_t sp8[8] = {0x4b, 0x47, 0x53, 0x21, 0x40, 0x23, 0x24, 0x25};
des_crypt56(p16, sp8, p14, 1);
des_crypt56(p16+8, sp8, p14+7, 1);
}
void E_P24(const uint8_t *p21, const uint8_t *c8, uint8_t *p24)
{
des_crypt56(p24, c8, p21, 1);
des_crypt56(p24+8, c8, p21+7, 1);
des_crypt56(p24+16, c8, p21+14, 1);
}
void D_P16(const uint8_t *p14, const uint8_t *in, uint8_t *out)
{
des_crypt56(out, in, p14, 0);
des_crypt56(out+8, in+8, p14+7, 0);
}
void E_old_pw_hash( uint8_t *p14, const uint8_t *in, uint8_t *out)
{
des_crypt56(out, in, p14, 1);
des_crypt56(out+8, in+8, p14+7, 1);
}
/* des encryption with a 128 bit key */
void des_crypt128(uint8_t out[8], const uint8_t in[8], const uint8_t key[16])
{
uint8_t buf[8];
des_crypt56(buf, in, key, 1);
des_crypt56(out, buf, key+9, 1);
}
/* des encryption with a 64 bit key */
void des_crypt64(uint8_t out[8], const uint8_t in[8], const uint8_t key[8], int forw)
{
uint8_t buf[8];
uint8_t key2[8];
ZERO_STRUCT(key2);
des_crypt56(buf, in, key, forw);
key2[0] = key[7];
des_crypt56(out, buf, key2, forw);
}
/* des encryption with a 112 bit (14 byte) key */
void des_crypt112(uint8_t out[8], const uint8_t in[8], const uint8_t key[14], int forw)
{
uint8_t buf[8];
des_crypt56(buf, in, key, forw);
des_crypt56(out, buf, key+7, forw);
}
/* des encryption of a 16 byte lump of data with a 112 bit key */
void des_crypt112_16(uint8_t out[16], uint8_t in[16], const uint8_t key[14], int forw)
{
des_crypt56(out, in, key, forw);
des_crypt56(out + 8, in + 8, key+7, forw);
}
/* Decode a sam password hash into a password. The password hash is the
same method used to store passwords in the NT registry. The DES key
used is based on the RID of the user. */
void sam_rid_crypt(uint_t rid, const uint8_t *in, uint8_t *out, int forw)
{
uint8_t s[14];
s[0] = s[4] = s[8] = s[12] = (uint8_t)(rid & 0xFF);
s[1] = s[5] = s[9] = s[13] = (uint8_t)((rid >> 8) & 0xFF);
s[2] = s[6] = s[10] = (uint8_t)((rid >> 16) & 0xFF);
s[3] = s[7] = s[11] = (uint8_t)((rid >> 24) & 0xFF);
des_crypt56(out, in, s, forw);
des_crypt56(out+8, in+8, s+7, forw);
}
Samba/source/libcli/auth/smbencrypt.c
+536
View File
@@ -0,0 +1,536 @@
/*
Unix SMB/CIFS implementation.
SMB parameters and setup
Copyright (C) Andrew Tridgell 1992-1998
Modified by Jeremy Allison 1995.
Copyright (C) Jeremy Allison 1995-2000.
Copyright (C) Luke Kennethc Casson Leighton 1996-2000.
Copyright (C) Andrew Bartlett <abartlet@samba.org> 2002-2003
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
*/
#include "includes.h"
#include "system/time.h"
#include "auth/ntlmssp/ntlmssp.h"
#include "auth/ntlmssp/msrpc_parse.h"
#include "lib/crypto/crypto.h"
#include "libcli/auth/libcli_auth.h"
#include "pstring.h"
/*
This implements the X/Open SMB password encryption
It takes a password ('unix' string), a 8 byte "crypt key"
and puts 24 bytes of encrypted password into p24
Returns False if password must have been truncated to create LM hash
*/
BOOL SMBencrypt(const char *passwd, const uint8_t *c8, uint8_t p24[24])
{
BOOL ret;
uint8_t p21[21];
memset(p21,'\0',21);
ret = E_deshash(passwd, p21);
SMBOWFencrypt(p21, c8, p24);
#ifdef DEBUG_PASSWORD
DEBUG(100,("SMBencrypt: lm#, challenge, response\n"));
dump_data(100, p21, 16);
dump_data(100, c8, 8);
dump_data(100, p24, 24);
#endif
return ret;
}
/**
* Creates the MD4 Hash of the users password in NT UNICODE.
* @param passwd password in 'unix' charset.
* @param p16 return password hashed with md4, caller allocated 16 byte buffer
*/
_PUBLIC_ BOOL E_md4hash(const char *passwd, uint8_t p16[16])
{
int len;
void *wpwd;
len = push_ucs2_talloc(NULL, &wpwd, passwd);
if (len < 2) {
/* We don't want to return fixed data, as most callers
* don't check */
mdfour(p16, passwd, strlen(passwd));
return False;
}
len -= 2;
mdfour(p16, wpwd, len);
talloc_free(wpwd);
return True;
}
/**
* Creates the DES forward-only Hash of the users password in DOS ASCII charset
* @param passwd password in 'unix' charset.
* @param p16 return password hashed with DES, caller allocated 16 byte buffer
* @return False if password was > 14 characters, and therefore may be incorrect, otherwise True
* @note p16 is filled in regardless
*/
_PUBLIC_ BOOL E_deshash(const char *passwd, uint8_t p16[16])
{
BOOL ret = True;
fstring dospwd;
ZERO_STRUCT(dospwd);
/* Password must be converted to DOS charset - null terminated, uppercase. */
push_string(dospwd, passwd, sizeof(dospwd), STR_ASCII|STR_UPPER|STR_TERMINATE);
/* Only the fisrt 14 chars are considered, password need not be null terminated. */
E_P16((const uint8_t *)dospwd, p16);
if (strlen(dospwd) > 14) {
ret = False;
}
ZERO_STRUCT(dospwd);
return ret;
}
/* Does both the NTLMv2 owfs of a user's password */
BOOL ntv2_owf_gen(const uint8_t owf[16],
const char *user_in, const char *domain_in,
BOOL upper_case_domain, /* Transform the domain into UPPER case */
uint8_t kr_buf[16])
{
void *user;
void *domain;
size_t user_byte_len;
size_t domain_byte_len;
HMACMD5Context ctx;
TALLOC_CTX *mem_ctx = talloc_init("ntv2_owf_gen for %s\\%s", domain_in, user_in);
if (!mem_ctx) {
return False;
}
if (!user_in) {
user_in = "";
}
if (!domain_in) {
domain_in = "";
}
user_in = strupper_talloc(mem_ctx, user_in);
if (user_in == NULL) {
talloc_free(mem_ctx);
return False;
}
if (upper_case_domain) {
domain_in = strupper_talloc(mem_ctx, domain_in);
if (domain_in == NULL) {
talloc_free(mem_ctx);
return False;
}
}
user_byte_len = push_ucs2_talloc(mem_ctx, &user, user_in);
if (user_byte_len == (ssize_t)-1) {
DEBUG(0, ("push_uss2_talloc() for user returned -1 (probably talloc() failure)\n"));
talloc_free(mem_ctx);
return False;
}
domain_byte_len = push_ucs2_talloc(mem_ctx, &domain, domain_in);
if (domain_byte_len == (ssize_t)-1) {
DEBUG(0, ("push_ucs2_talloc() for domain returned -1 (probably talloc() failure)\n"));
talloc_free(mem_ctx);
return False;
}
SMB_ASSERT(user_byte_len >= 2);
SMB_ASSERT(domain_byte_len >= 2);
/* We don't want null termination */
user_byte_len = user_byte_len - 2;
domain_byte_len = domain_byte_len - 2;
hmac_md5_init_limK_to_64(owf, 16, &ctx);
hmac_md5_update(user, user_byte_len, &ctx);
hmac_md5_update(domain, domain_byte_len, &ctx);
hmac_md5_final(kr_buf, &ctx);
#ifdef DEBUG_PASSWORD
DEBUG(100, ("ntv2_owf_gen: user, domain, owfkey, kr\n"));
dump_data(100, user, user_byte_len);
dump_data(100, domain, domain_byte_len);
dump_data(100, owf, 16);
dump_data(100, kr_buf, 16);
#endif
talloc_free(mem_ctx);
return True;
}
/* Does the des encryption from the NT or LM MD4 hash. */
void SMBOWFencrypt(const uint8_t passwd[16], const uint8_t *c8, uint8_t p24[24])
{
uint8_t p21[21];
ZERO_STRUCT(p21);
memcpy(p21, passwd, 16);
E_P24(p21, c8, p24);
}
/* Does the NT MD4 hash then des encryption. */
void SMBNTencrypt(const char *passwd, uint8_t *c8, uint8_t *p24)
{
uint8_t p21[21];
memset(p21,'\0',21);
E_md4hash(passwd, p21);
SMBOWFencrypt(p21, c8, p24);
#ifdef DEBUG_PASSWORD
DEBUG(100,("SMBNTencrypt: nt#, challenge, response\n"));
dump_data(100, p21, 16);
dump_data(100, c8, 8);
dump_data(100, p24, 24);
#endif
}
/* Does the md5 encryption from the Key Response for NTLMv2. */
void SMBOWFencrypt_ntv2(const uint8_t kr[16],
const DATA_BLOB *srv_chal,
const DATA_BLOB *smbcli_chal,
uint8_t resp_buf[16])
{
HMACMD5Context ctx;
hmac_md5_init_limK_to_64(kr, 16, &ctx);
hmac_md5_update(srv_chal->data, srv_chal->length, &ctx);
hmac_md5_update(smbcli_chal->data, smbcli_chal->length, &ctx);
hmac_md5_final(resp_buf, &ctx);
#ifdef DEBUG_PASSWORD
DEBUG(100, ("SMBOWFencrypt_ntv2: srv_chal, smbcli_chal, resp_buf\n"));
dump_data(100, srv_chal->data, srv_chal->length);
dump_data(100, smbcli_chal->data, smbcli_chal->length);
dump_data(100, resp_buf, 16);
#endif
}
void SMBsesskeygen_ntv2(const uint8_t kr[16],
const uint8_t * nt_resp, uint8_t sess_key[16])
{
/* a very nice, 128 bit, variable session key */
HMACMD5Context ctx;
hmac_md5_init_limK_to_64(kr, 16, &ctx);
hmac_md5_update(nt_resp, 16, &ctx);
hmac_md5_final((uint8_t *)sess_key, &ctx);
#ifdef DEBUG_PASSWORD
DEBUG(100, ("SMBsesskeygen_ntv2:\n"));
dump_data(100, sess_key, 16);
#endif
}
void SMBsesskeygen_ntv1(const uint8_t kr[16], uint8_t sess_key[16])
{
/* yes, this session key does not change - yes, this
is a problem - but it is 128 bits */
mdfour((uint8_t *)sess_key, kr, 16);
#ifdef DEBUG_PASSWORD
DEBUG(100, ("SMBsesskeygen_ntv1:\n"));
dump_data(100, sess_key, 16);
#endif
}
void SMBsesskeygen_lm_sess_key(const uint8_t lm_hash[16],
const uint8_t lm_resp[24], /* only uses 8 */
uint8_t sess_key[16])
{
/* Calculate the LM session key (effective length 40 bits,
but changes with each session) */
uint8_t p24[24];
uint8_t partial_lm_hash[14];
memcpy(partial_lm_hash, lm_hash, 8);
memset(partial_lm_hash + 8, 0xbd, 6);
des_crypt56(p24, lm_resp, partial_lm_hash, 1);
des_crypt56(p24+8, lm_resp, partial_lm_hash + 7, 1);
memcpy(sess_key, p24, 16);
#ifdef DEBUG_PASSWORD
DEBUG(100, ("SMBsesskeygen_lm_sess_key: \n"));
dump_data(100, sess_key, 16);
#endif
}
DATA_BLOB NTLMv2_generate_names_blob(TALLOC_CTX *mem_ctx,
const char *hostname,
const char *domain)
{
DATA_BLOB names_blob = data_blob_talloc(mem_ctx, NULL, 0);
msrpc_gen(mem_ctx, &names_blob, "aaa",
NTLMSSP_NAME_TYPE_DOMAIN, domain,
NTLMSSP_NAME_TYPE_SERVER, hostname,
0, "");
return names_blob;
}
static DATA_BLOB NTLMv2_generate_client_data(TALLOC_CTX *mem_ctx, const DATA_BLOB *names_blob)
{
uint8_t client_chal[8];
DATA_BLOB response = data_blob(NULL, 0);
uint8_t long_date[8];
NTTIME nttime;
unix_to_nt_time(&nttime, time(NULL));
generate_random_buffer(client_chal, sizeof(client_chal));
push_nttime(long_date, 0, nttime);
/* See http://www.ubiqx.org/cifs/SMB.html#SMB.8.5 */
msrpc_gen(mem_ctx, &response, "ddbbdb",
0x00000101, /* Header */
0, /* 'Reserved' */
long_date, 8, /* Timestamp */
client_chal, 8, /* client challenge */
0, /* Unknown */
names_blob->data, names_blob->length); /* End of name list */
return response;
}
static DATA_BLOB NTLMv2_generate_response(TALLOC_CTX *out_mem_ctx,
const uint8_t ntlm_v2_hash[16],
const DATA_BLOB *server_chal,
const DATA_BLOB *names_blob)
{
uint8_t ntlmv2_response[16];
DATA_BLOB ntlmv2_client_data;
DATA_BLOB final_response;
TALLOC_CTX *mem_ctx = talloc_named(out_mem_ctx, 0,
"NTLMv2_generate_response internal context");
if (!mem_ctx) {
return data_blob(NULL, 0);
}
/* NTLMv2 */
/* generate some data to pass into the response function - including
the hostname and domain name of the server */
ntlmv2_client_data = NTLMv2_generate_client_data(mem_ctx, names_blob);
/* Given that data, and the challenge from the server, generate a response */
SMBOWFencrypt_ntv2(ntlm_v2_hash, server_chal, &ntlmv2_client_data, ntlmv2_response);
final_response = data_blob_talloc(out_mem_ctx, NULL, sizeof(ntlmv2_response) + ntlmv2_client_data.length);
memcpy(final_response.data, ntlmv2_response, sizeof(ntlmv2_response));
memcpy(final_response.data+sizeof(ntlmv2_response),
ntlmv2_client_data.data, ntlmv2_client_data.length);
talloc_free(mem_ctx);
return final_response;
}
static DATA_BLOB LMv2_generate_response(TALLOC_CTX *mem_ctx,
const uint8_t ntlm_v2_hash[16],
const DATA_BLOB *server_chal)
{
uint8_t lmv2_response[16];
DATA_BLOB lmv2_client_data = data_blob_talloc(mem_ctx, NULL, 8);
DATA_BLOB final_response = data_blob_talloc(mem_ctx, NULL,24);
/* LMv2 */
/* client-supplied random data */
generate_random_buffer(lmv2_client_data.data, lmv2_client_data.length);
/* Given that data, and the challenge from the server, generate a response */
SMBOWFencrypt_ntv2(ntlm_v2_hash, server_chal, &lmv2_client_data, lmv2_response);
memcpy(final_response.data, lmv2_response, sizeof(lmv2_response));
/* after the first 16 bytes is the random data we generated above,
so the server can verify us with it */
memcpy(final_response.data+sizeof(lmv2_response),
lmv2_client_data.data, lmv2_client_data.length);
data_blob_free(&lmv2_client_data);
return final_response;
}
BOOL SMBNTLMv2encrypt_hash(TALLOC_CTX *mem_ctx,
const char *user, const char *domain, const uint8_t nt_hash[16],
const DATA_BLOB *server_chal,
const DATA_BLOB *names_blob,
DATA_BLOB *lm_response, DATA_BLOB *nt_response,
DATA_BLOB *lm_session_key, DATA_BLOB *user_session_key)
{
uint8_t ntlm_v2_hash[16];
/* We don't use the NT# directly. Instead we use it mashed up with
the username and domain.
This prevents username swapping during the auth exchange
*/
if (!ntv2_owf_gen(nt_hash, user, domain, True, ntlm_v2_hash)) {
return False;
}
if (nt_response) {
*nt_response = NTLMv2_generate_response(mem_ctx,
ntlm_v2_hash, server_chal,
names_blob);
if (user_session_key) {
*user_session_key = data_blob_talloc(mem_ctx, NULL, 16);
/* The NTLMv2 calculations also provide a session key, for signing etc later */
/* use only the first 16 bytes of nt_response for session key */
SMBsesskeygen_ntv2(ntlm_v2_hash, nt_response->data, user_session_key->data);
}
}
/* LMv2 */
if (lm_response) {
*lm_response = LMv2_generate_response(mem_ctx,
ntlm_v2_hash, server_chal);
if (lm_session_key) {
*lm_session_key = data_blob_talloc(mem_ctx, NULL, 16);
/* The NTLMv2 calculations also provide a session key, for signing etc later */
/* use only the first 16 bytes of lm_response for session key */
SMBsesskeygen_ntv2(ntlm_v2_hash, lm_response->data, lm_session_key->data);
}
}
return True;
}
BOOL SMBNTLMv2encrypt(TALLOC_CTX *mem_ctx,
const char *user, const char *domain,
const char *password,
const DATA_BLOB *server_chal,
const DATA_BLOB *names_blob,
DATA_BLOB *lm_response, DATA_BLOB *nt_response,
DATA_BLOB *lm_session_key, DATA_BLOB *user_session_key)
{
uint8_t nt_hash[16];
E_md4hash(password, nt_hash);
return SMBNTLMv2encrypt_hash(mem_ctx,
user, domain, nt_hash, server_chal, names_blob,
lm_response, nt_response, lm_session_key, user_session_key);
}
/***********************************************************
encode a password buffer with a unicode password. The buffer
is filled with random data to make it harder to attack.
************************************************************/
BOOL encode_pw_buffer(uint8_t buffer[516], const char *password, int string_flags)
{
uint8_t new_pw[512];
size_t new_pw_len;
/* the incoming buffer can be any alignment. */
string_flags |= STR_NOALIGN;
new_pw_len = push_string(new_pw,
password,
sizeof(new_pw), string_flags);
memcpy(&buffer[512 - new_pw_len], new_pw, new_pw_len);
generate_random_buffer(buffer, 512 - new_pw_len);
/*
* The length of the new password is in the last 4 bytes of
* the data buffer.
*/
SIVAL(buffer, 512, new_pw_len);
ZERO_STRUCT(new_pw);
return True;
}
/***********************************************************
decode a password buffer
*new_pw_len is the length in bytes of the possibly mulitbyte
returned password including termination.
************************************************************/
BOOL decode_pw_buffer(uint8_t in_buffer[516], char *new_pwrd,
int new_pwrd_size, uint32_t *new_pw_len,
int string_flags)
{
int byte_len=0;
/* the incoming buffer can be any alignment. */
string_flags |= STR_NOALIGN;
/*
Warning !!! : This function is called from some rpc call.
The password IN the buffer may be a UNICODE string.
The password IN new_pwrd is an ASCII string
If you reuse that code somewhere else check first.
*/
/* The length of the new password is in the last 4 bytes of the data buffer. */
byte_len = IVAL(in_buffer, 512);
#ifdef DEBUG_PASSWORD
dump_data(100, in_buffer, 516);
#endif
/* Password cannot be longer than the size of the password buffer */
if ( (byte_len < 0) || (byte_len > 512)) {
return False;
}
/* decode into the return buffer. Buffer length supplied */
*new_pw_len = pull_string(new_pwrd, &in_buffer[512 - byte_len], new_pwrd_size,
byte_len, string_flags);
#ifdef DEBUG_PASSWORD
DEBUG(100,("decode_pw_buffer: new_pwrd: "));
dump_data(100, (const uint8_t *)new_pwrd, *new_pw_len);
DEBUG(100,("multibyte len:%d\n", *new_pw_len));
DEBUG(100,("original char len:%d\n", byte_len/2));
#endif
return True;
}