diff options
author | Andrew Tridgell <tridge@samba.org> | 1997-10-09 10:01:12 +0000 |
---|---|---|
committer | Andrew Tridgell <tridge@samba.org> | 1997-10-09 10:01:12 +0000 |
commit | f726e5517d5348537e31cf3747344d0abd7028c5 (patch) | |
tree | 35714ac39859527b56f7be2cc8b069fb17c1e02c | |
parent | e5494e2c093fecd4b493ab925f7c7d30b79bc98d (diff) | |
download | samba-f726e5517d5348537e31cf3747344d0abd7028c5.tar.gz samba-f726e5517d5348537e31cf3747344d0abd7028c5.tar.bz2 samba-f726e5517d5348537e31cf3747344d0abd7028c5.zip |
an implementation of the NT domain credentials protocol
(This used to be commit dd6ac9b1eea3b0ace27fbd014b5ad4625c1fdf94)
-rw-r--r-- | source3/libsmb/credentials.c | 101 |
1 files changed, 101 insertions, 0 deletions
diff --git a/source3/libsmb/credentials.c b/source3/libsmb/credentials.c new file mode 100644 index 0000000000..efa0d83ec2 --- /dev/null +++ b/source3/libsmb/credentials.c @@ -0,0 +1,101 @@ +/* + Unix SMB/Netbios implementation. + Version 1.9. + code to manipulate domain credentials + Copyright (C) Andrew Tridgell 1997 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. +*/ + +#include "includes.h" + + +/**************************************************************************** + setup the session key. +Input: 8 byte challenge block + 8 byte server challenge block + 16 byte md4 encrypted password +Output: + 8 byte session key +****************************************************************************/ +void cred_session_key(char *challenge, char *srv_challenge, char *pass, + char *session_key) +{ + uint32 sum[2]; + char sum2[8]; + char buf[8]; + + sum[0] = IVAL(challenge, 0) + IVAL(srv_challenge, 0); + sum[1] = IVAL(challenge, 4) + IVAL(srv_challenge, 4); + + SIVAL(sum2,0,sum[0]); + SIVAL(sum2,4,sum[1]); + + E1(pass,sum2,buf); + E1(pass+9,buf,session_key); +} + + +/**************************************************************************** +create a credential + +Input: + 8 byte sesssion key + 8 byte stored credential + 4 byte timestamp + +Output: + 8 byte credential +****************************************************************************/ +void cred_create(char *session_key, char *stored_cred, uint32 time, + char *cred) +{ + char key2[7]; + char buf[8]; + char timecred[8]; + + memcpy(timecred, stored_cred, 8); + SIVAL(timecred, 0, IVAL(stored_cred, 0) + time); + + E1(session_key, timecred, buf); + memset(key2, 0, 7); + key2[0] = session_key[7]; + E1(key2, buf, cred); +} + + +/**************************************************************************** + check a supplied credential + +Input: + 8 byte received credential + 8 byte sesssion key + 8 byte stored credential + 4 byte timestamp + +Output: + returns 1 if computed credential matches received credential + returns 0 otherwise +****************************************************************************/ +int cred_assert(char *cred, char *session_key, char *stored_cred, + uint32 time) +{ + char cred2[8]; + + cred_create(session_key, stored_cred, time, cred2); + + return memcmp(cred, cred2, 8) == 0; +} + |