diff options
| author | Andrew Bartlett <abartlet@samba.org> | 2009-03-16 21:27:58 +1100 |
|---|---|---|
| committer | Andrew Bartlett <abartlet@samba.org> | 2009-04-14 16:23:35 +1000 |
| commit | f28f113d8e76824b080359c90efd9c92de533740 (patch) | |
| tree | 063c8cf44e1a26adce9128f3e24ee55274292090 /source3/libsmb | |
| parent | fd3be5c4e5e185115eec59752a22f7f354f860ca (diff) | |
| download | samba-f28f113d8e76824b080359c90efd9c92de533740.tar.gz samba-f28f113d8e76824b080359c90efd9c92de533740.tar.bz2 samba-f28f113d8e76824b080359c90efd9c92de533740.zip | |
Rework Samba3 to use new libcli/auth code (partial)
This commit is mostly to cope with the removal of SamOemHash (replaced
by arcfour_crypt()) and other collisions (such as changed function
arguments compared to Samba3).
We still provide creds_hash3 until Samba3 uses the credentials code in
netlogon server
Andrew Bartlett
Diffstat (limited to 'source3/libsmb')
| -rw-r--r-- | source3/libsmb/clirap.c | 2 | ||||
| -rw-r--r-- | source3/libsmb/credentials.c | 86 | ||||
| -rw-r--r-- | source3/libsmb/ntlm_check.c | 470 | ||||
| -rw-r--r-- | source3/libsmb/ntlmssp.c | 30 | ||||
| -rw-r--r-- | source3/libsmb/ntlmssp_parse.c | 384 | ||||
| -rw-r--r-- | source3/libsmb/smbdes.c | 421 | ||||
| -rw-r--r-- | source3/libsmb/smbencrypt.c | 898 | ||||
| -rw-r--r-- | source3/libsmb/trusts_util.c | 1 |
8 files changed, 26 insertions, 2266 deletions
diff --git a/source3/libsmb/clirap.c b/source3/libsmb/clirap.c index 3f95e77aee..cc8c9ba67f 100644 --- a/source3/libsmb/clirap.c +++ b/source3/libsmb/clirap.c @@ -468,7 +468,7 @@ bool cli_oem_change_password(struct cli_state *cli, const char *user, const char DEBUG(100,("make_oem_passwd_hash\n")); dump_data(100, data, 516); #endif - SamOEMhash( (unsigned char *)data, (unsigned char *)old_pw_hash, 516); + arcfour_crypt( (unsigned char *)data, (unsigned char *)old_pw_hash, 516); /* * Now place the old password hash in the data. diff --git a/source3/libsmb/credentials.c b/source3/libsmb/credentials.c index 9ba460f869..0d7bde0c09 100644 --- a/source3/libsmb/credentials.c +++ b/source3/libsmb/credentials.c @@ -19,6 +19,8 @@ */ #include "includes.h" +#include "../lib/crypto/crypto.h" +#include "libcli/auth/libcli_auth.h" /**************************************************************************** Represent a credential as a string. @@ -278,84 +280,12 @@ bool netlogon_creds_server_step(struct dcinfo *dc, return true; } -/**************************************************************************** - Create a client credential struct. -****************************************************************************/ - -void creds_client_init(uint32 neg_flags, - struct dcinfo *dc, - struct netr_Credential *clnt_chal, - struct netr_Credential *srv_chal, - const unsigned char mach_pw[16], - struct netr_Credential *init_chal_out) -{ - dc->sequence = time(NULL); - - DEBUG(10,("creds_client_init: neg_flags : %x\n", (unsigned int)neg_flags)); - DEBUG(10,("creds_client_init: client chal : %s\n", credstr(clnt_chal->data) )); - DEBUG(10,("creds_client_init: server chal : %s\n", credstr(srv_chal->data) )); - dump_data_pw("creds_client_init: machine pass", (const unsigned char *)mach_pw, 16); - - /* Generate the session key and the next client and server creds. */ - if (neg_flags & NETLOGON_NEG_128BIT) { - creds_init_128(dc, - clnt_chal, - srv_chal, - mach_pw); - } else { - creds_init_64(dc, - clnt_chal, - srv_chal, - mach_pw); - } - - dump_data_pw("creds_client_init: session key", dc->sess_key, 16); - - DEBUG(10,("creds_client_init: clnt : %s\n", credstr(dc->clnt_chal.data) )); - DEBUG(10,("creds_client_init: server : %s\n", credstr(dc->srv_chal.data) )); - DEBUG(10,("creds_client_init: seed : %s\n", credstr(dc->seed_chal.data) )); - - memcpy(init_chal_out->data, dc->clnt_chal.data, 8); -} - -/**************************************************************************** - Check a credential returned by the server. -****************************************************************************/ - -bool netlogon_creds_client_check(const struct dcinfo *dc, - const struct netr_Credential *rcv_srv_chal_in) -{ - if (memcmp(dc->srv_chal.data, rcv_srv_chal_in->data, - sizeof(dc->srv_chal.data))) { - - DEBUG(0,("netlogon_creds_client_check: credentials check failed.\n")); - DEBUGADD(5,("netlogon_creds_client_check: challenge : %s\n", - credstr(rcv_srv_chal_in->data))); - DEBUGADD(5,("calculated: %s\n", credstr(dc->srv_chal.data))); - return false; - } - - DEBUG(10,("netlogon_creds_client_check: credentials check OK.\n")); - - return true; -} - - -/**************************************************************************** - Step the client credentials to the next element in the chain, updating the - current client and server credentials and the seed - produce the next authenticator in the sequence ready to send to - the server -****************************************************************************/ - -void netlogon_creds_client_step(struct dcinfo *dc, - struct netr_Authenticator *next_cred_out) +void cred_hash3(unsigned char *out, const unsigned char *in, const unsigned char *key, int forw) { - dc->sequence += 2; - creds_step(dc); - creds_reseed(dc); + unsigned char key2[8]; - memcpy(&next_cred_out->cred.data, &dc->clnt_chal.data, - sizeof(next_cred_out->cred.data)); - next_cred_out->timestamp = dc->sequence; + memset(key2,'\0',8); + des_crypt56(out, in, key, forw); + key2[0] = key[7]; + des_crypt56(out + 8, in + 8, key2, forw); } diff --git a/source3/libsmb/ntlm_check.c b/source3/libsmb/ntlm_check.c deleted file mode 100644 index 9380a83ea0..0000000000 --- a/source3/libsmb/ntlm_check.c +++ /dev/null @@ -1,470 +0,0 @@ -/* - Unix SMB/CIFS implementation. - Password and authentication handling - Copyright (C) Andrew Tridgell 1992-2000 - Copyright (C) Luke Kenneth Casson Leighton 1996-2000 - Copyright (C) Andrew Bartlett 2001-2003 - Copyright (C) Gerald Carter 2003 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 3 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program. If not, see <http://www.gnu.org/licenses/>. -*/ - -#include "includes.h" - -#undef DBGC_CLASS -#define DBGC_CLASS DBGC_AUTH - -/**************************************************************************** - Core of smb password checking routine. -****************************************************************************/ - -static bool smb_pwd_check_ntlmv1(const DATA_BLOB *nt_response, - const uchar *part_passwd, - const DATA_BLOB *sec_blob, - DATA_BLOB *user_sess_key) -{ - /* Finish the encryption of part_passwd. */ - uchar p24[24]; - - if (part_passwd == NULL) { - DEBUG(10,("No password set - DISALLOWING access\n")); - /* No password set - always false ! */ - return false; - } - - if (sec_blob->length != 8) { - DEBUG(0, ("smb_pwd_check_ntlmv1: incorrect challenge size (%lu)\n", - (unsigned long)sec_blob->length)); - return false; - } - - if (nt_response->length != 24) { - DEBUG(0, ("smb_pwd_check_ntlmv1: incorrect password length (%lu)\n", - (unsigned long)nt_response->length)); - return false; - } - - SMBOWFencrypt(part_passwd, sec_blob->data, p24); - if (user_sess_key != NULL) { - *user_sess_key = data_blob(NULL, 16); - SMBsesskeygen_ntv1(part_passwd, NULL, user_sess_key->data); - } - - -#if DEBUG_PASSWORD - DEBUG(100,("Part password (P16) was |\n")); - dump_data(100, part_passwd, 16); - DEBUGADD(100,("Password from client was |\n")); - dump_data(100, nt_response->data, nt_response->length); - DEBUGADD(100,("Given challenge was |\n")); - dump_data(100, sec_blob->data, sec_blob->length); - DEBUGADD(100,("Value from encryption was |\n")); - dump_data(100, p24, 24); -#endif - return (memcmp(p24, nt_response->data, 24) == 0); -} - -/**************************************************************************** - Core of smb password checking routine. (NTLMv2, LMv2) - Note: The same code works with both NTLMv2 and LMv2. -****************************************************************************/ - -static bool smb_pwd_check_ntlmv2(TALLOC_CTX *mem_ctx, - const DATA_BLOB *ntv2_response, - const uint8_t *part_passwd, - const DATA_BLOB *sec_blob, - const char *user, const char *domain, - bool upper_case_domain, /* should the domain be transformed into upper case? */ - DATA_BLOB *user_sess_key) -{ - /* Finish the encryption of part_passwd. */ - uint8_t kr[16]; - uint8_t value_from_encryption[16]; - uint8_t client_response[16]; - DATA_BLOB client_key_data; - bool res; - - if (part_passwd == NULL) { - DEBUG(10,("No password set - DISALLOWING access\n")); - /* No password set - always false */ - return false; - } - - if (sec_blob->length != 8) { - DEBUG(0, ("smb_pwd_check_ntlmv2: incorrect challenge size (%lu)\n", - (unsigned long)sec_blob->length)); - return false; - } - - if (ntv2_response->length < 24) { - /* We MUST have more than 16 bytes, or the stuff below will go - crazy. No known implementation sends less than the 24 bytes - for LMv2, let alone NTLMv2. */ - DEBUG(0, ("smb_pwd_check_ntlmv2: incorrect password length (%lu)\n", - (unsigned long)ntv2_response->length)); - return false; - } - - client_key_data = data_blob_talloc(mem_ctx, ntv2_response->data+16, ntv2_response->length-16); - /* - todo: should we be checking this for anything? We can't for LMv2, - but for NTLMv2 it is meant to contain the current time etc. - */ - - memcpy(client_response, ntv2_response->data, sizeof(client_response)); - - if (!ntv2_owf_gen(part_passwd, user, domain, upper_case_domain, kr)) { - return false; - } - - SMBOWFencrypt_ntv2(kr, sec_blob, &client_key_data, value_from_encryption); - if (user_sess_key != NULL) { - *user_sess_key = data_blob(NULL, 16); - SMBsesskeygen_ntv2(kr, value_from_encryption, user_sess_key->data); - } - -#if DEBUG_PASSWORD - DEBUG(100,("Part password (P16) was |\n")); - dump_data(100, part_passwd, 16); - DEBUGADD(100,("Password from client was |\n")); - dump_data(100, ntv2_response->data, ntv2_response->length); - DEBUGADD(100,("Variable data from client was |\n")); - dump_data(100, client_key_data.data, client_key_data.length); - DEBUGADD(100,("Given challenge was |\n")); - dump_data(100, sec_blob->data, sec_blob->length); - DEBUGADD(100,("Value from encryption was |\n")); - dump_data(100, value_from_encryption, 16); -#endif - data_blob_clear_free(&client_key_data); - res = (memcmp(value_from_encryption, client_response, 16) == 0); - if ((!res) && (user_sess_key != NULL)) - data_blob_clear_free(user_sess_key); - return res; -} - -/** - * Check a challenge-response password against the value of the NT or - * LM password hash. - * - * @param mem_ctx talloc context - * @param challenge 8-byte challenge. If all zero, forces plaintext comparison - * @param nt_response 'unicode' NT response to the challenge, or unicode password - * @param lm_response ASCII or LANMAN response to the challenge, or password in DOS code page - * @param username internal Samba username, for log messages - * @param client_username username the client used - * @param client_domain domain name the client used (may be mapped) - * @param nt_pw MD4 unicode password from our passdb or similar - * @param lm_pw LANMAN ASCII password from our passdb or similar - * @param user_sess_key User session key - * @param lm_sess_key LM session key (first 8 bytes of the LM hash) - */ - -NTSTATUS ntlm_password_check(TALLOC_CTX *mem_ctx, - const DATA_BLOB *challenge, - const DATA_BLOB *lm_response, - const DATA_BLOB *nt_response, - const DATA_BLOB *lm_interactive_pwd, - const DATA_BLOB *nt_interactive_pwd, - const char *username, - const char *client_username, - const char *client_domain, - const uint8_t *lm_pw, const uint8_t *nt_pw, - DATA_BLOB *user_sess_key, - DATA_BLOB *lm_sess_key) -{ - unsigned char zeros[8]; - - ZERO_STRUCT(zeros); - - if (nt_pw == NULL) { - DEBUG(3,("ntlm_password_check: NO NT password stored for user %s.\n", - username)); - } - - if (nt_interactive_pwd && nt_interactive_pwd->length && nt_pw) { - if (nt_interactive_pwd->length != 16) { - DEBUG(3,("ntlm_password_check: Interactive logon: Invalid NT password length (%d) supplied for user %s\n", (int)nt_interactive_pwd->length, - username)); - return NT_STATUS_WRONG_PASSWORD; - } - - if (memcmp(nt_interactive_pwd->data, nt_pw, 16) == 0) { - if (user_sess_key) { - *user_sess_key = data_blob(NULL, 16); - SMBsesskeygen_ntv1(nt_pw, NULL, user_sess_key->data); - } - return NT_STATUS_OK; - } else { - DEBUG(3,("ntlm_password_check: Interactive logon: NT password check failed for user %s\n", - username)); - return NT_STATUS_WRONG_PASSWORD; - } - - } else if (lm_interactive_pwd && lm_interactive_pwd->length && lm_pw) { - if (lm_interactive_pwd->length != 16) { - DEBUG(3,("ntlm_password_check: Interactive logon: Invalid LANMAN password length (%d) supplied for user %s\n", (int)lm_interactive_pwd->length, - username)); - return NT_STATUS_WRONG_PASSWORD; - } - - if (!lp_lanman_auth()) { - DEBUG(3,("ntlm_password_check: Interactive logon: only LANMAN password supplied for user %s, and LM passwords are disabled!\n", - username)); - return NT_STATUS_WRONG_PASSWORD; - } - - if (memcmp(lm_interactive_pwd->data, lm_pw, 16) == 0) { - return NT_STATUS_OK; - } else { - DEBUG(3,("ntlm_password_check: Interactive logon: LANMAN password check failed for user %s\n", - username)); - return NT_STATUS_WRONG_PASSWORD; - } - } - - /* Check for cleartext netlogon. Used by Exchange 5.5. */ - if (challenge->length == sizeof(zeros) && - (memcmp(challenge->data, zeros, challenge->length) == 0 )) { - - DEBUG(4,("ntlm_password_check: checking plaintext passwords for user %s\n", - username)); - if (nt_pw && nt_response->length) { - unsigned char pwhash[16]; - mdfour(pwhash, nt_response->data, nt_response->length); - if (memcmp(pwhash, nt_pw, sizeof(pwhash)) == 0) { - return NT_STATUS_OK; - } else { - DEBUG(3,("ntlm_password_check: NT (Unicode) plaintext password check failed for user %s\n", - username)); - return NT_STATUS_WRONG_PASSWORD; - } - - } else if (!lp_lanman_auth()) { - DEBUG(3,("ntlm_password_check: (plaintext password check) LANMAN passwords NOT PERMITTED for user %s\n", - username)); - - } else if (lm_pw && lm_response->length) { - uchar dospwd[14]; - uchar p16[16]; - ZERO_STRUCT(dospwd); - - memcpy(dospwd, lm_response->data, MIN(lm_response->length, sizeof(dospwd))); - /* Only the fisrt 14 chars are considered, password need not be null terminated. */ - - /* we *might* need to upper-case the string here */ - E_P16((const unsigned char *)dospwd, p16); - - if (memcmp(p16, lm_pw, sizeof(p16)) == 0) { - return NT_STATUS_OK; - } else { - DEBUG(3,("ntlm_password_check: LANMAN (ASCII) plaintext password check failed for user %s\n", - username)); - return NT_STATUS_WRONG_PASSWORD; - } - } else { - DEBUG(3, ("Plaintext authentication for user %s attempted, but neither NT nor LM passwords available\n", username)); - return NT_STATUS_WRONG_PASSWORD; - } - } - - if (nt_response->length != 0 && nt_response->length < 24) { - DEBUG(2,("ntlm_password_check: invalid NT password length (%lu) for user %s\n", - (unsigned long)nt_response->length, username)); - } - - if (nt_response->length >= 24 && nt_pw) { - if (nt_response->length > 24) { - /* We have the NT MD4 hash challenge available - see if we can - use it - */ - DEBUG(4,("ntlm_password_check: Checking NTLMv2 password with domain [%s]\n", client_domain)); - if (smb_pwd_check_ntlmv2(mem_ctx, - nt_response, - nt_pw, challenge, - client_username, - client_domain, - False, - user_sess_key)) { - return NT_STATUS_OK; - } - - DEBUG(4,("ntlm_password_check: Checking NTLMv2 password with uppercased version of domain [%s]\n", client_domain)); - if (smb_pwd_check_ntlmv2(mem_ctx, - nt_response, - nt_pw, challenge, - client_username, - client_domain, - true, - user_sess_key)) { - return NT_STATUS_OK; - } - - DEBUG(4,("ntlm_password_check: Checking NTLMv2 password without a domain\n")); - if (smb_pwd_check_ntlmv2(mem_ctx, - nt_response, - nt_pw, challenge, - client_username, - "", - False, - user_sess_key)) { - return NT_STATUS_OK; - } else { - DEBUG(3,("ntlm_password_check: NTLMv2 password check failed\n")); - return NT_STATUS_WRONG_PASSWORD; - } - } - - if (lp_ntlm_auth()) { - /* We have the NT MD4 hash challenge available - see if we can - use it (ie. does it exist in the smbpasswd file). - */ - DEBUG(4,("ntlm_password_check: Checking NT MD4 password\n")); - if (smb_pwd_check_ntlmv1(nt_response, - nt_pw, challenge, - user_sess_key)) { - /* The LM session key for this response is not very secure, - so use it only if we otherwise allow LM authentication */ - - if (lp_lanman_auth() && lm_pw) { - uint8_t first_8_lm_hash[16]; - memcpy(first_8_lm_hash, lm_pw, 8); - memset(first_8_lm_hash + 8, '\0', 8); - if (lm_sess_key) { - *lm_sess_key = data_blob(first_8_lm_hash, 16); - } - } - return NT_STATUS_OK; - } else { - DEBUG(3,("ntlm_password_check: NT MD4 password check failed for user %s\n", - username)); - return NT_STATUS_WRONG_PASSWORD; - } - } else { - DEBUG(2,("ntlm_password_check: NTLMv1 passwords NOT PERMITTED for user %s\n", - username)); - /* no return, becouse we might pick up LMv2 in the LM field */ - } - } - - if (lm_response->length == 0) { - DEBUG(3,("ntlm_password_check: NEITHER LanMan nor NT password supplied for user %s\n", - username)); - return NT_STATUS_WRONG_PASSWORD; - } - - if (lm_response->length < 24) { - DEBUG(2,("ntlm_password_check: invalid LanMan password length (%lu) for user %s\n", - (unsigned long)nt_response->length, username)); - return NT_STATUS_WRONG_PASSWORD; - } - - if (!lp_lanman_auth()) { - DEBUG(3,("ntlm_password_check: Lanman passwords NOT PERMITTED for user %s\n", - username)); - } else if (!lm_pw) { - DEBUG(3,("ntlm_password_check: NO LanMan password set for user %s (and no NT password supplied)\n", - username)); - } else { - DEBUG(4,("ntlm_password_check: Checking LM password\n")); - if (smb_pwd_check_ntlmv1(lm_response, - lm_pw, challenge, - NULL)) { - uint8_t first_8_lm_hash[16]; - memcpy(first_8_lm_hash, lm_pw, 8); - memset(first_8_lm_hash + 8, '\0', 8); - if (user_sess_key) { - *user_sess_key = data_blob(first_8_lm_hash, 16); - } - - if (lm_sess_key) { - *lm_sess_key = data_blob(first_8_lm_hash, 16); - } - return NT_STATUS_OK; - } - } - - if (!nt_pw) { - DEBUG(4,("ntlm_password_check: LM password check failed for user, no NT password %s\n",username)); - return NT_STATUS_WRONG_PASSWORD; - } - - /* This is for 'LMv2' authentication. almost NTLMv2 but limited to 24 bytes. - - related to Win9X, legacy NAS pass-though authentication - */ - DEBUG(4,("ntlm_password_check: Checking LMv2 password with domain %s\n", client_domain)); - if (smb_pwd_check_ntlmv2(mem_ctx, - lm_response, - nt_pw, challenge, - client_username, - client_domain, - false, - NULL)) { - return NT_STATUS_OK; - } - - DEBUG(4,("ntlm_password_check: Checking LMv2 password with upper-cased version of domain %s\n", client_domain)); - if (smb_pwd_check_ntlmv2(mem_ctx, - lm_response, - nt_pw, challenge, - client_username, - client_domain, - true, - NULL)) { - return NT_STATUS_OK; - } - - DEBUG(4,("ntlm_password_check: Checking LMv2 password without a domain\n")); - if (smb_pwd_check_ntlmv2(mem_ctx, - lm_response, - nt_pw, challenge, - client_username, - "", - false, - NULL)) { - return NT_STATUS_OK; - } - - /* Apparently NT accepts NT responses in the LM field - - I think this is related to Win9X pass-though authentication - */ - DEBUG(4,("ntlm_password_check: Checking NT MD4 password in LM field\n")); - if (lp_ntlm_auth()) { - if (smb_pwd_check_ntlmv1(lm_response, - nt_pw, challenge, - NULL)) { - /* The session key for this response is still very odd. - It not very secure, so use it only if we otherwise - allow LM authentication */ - - if (lp_lanman_auth() && lm_pw) { - uint8_t first_8_lm_hash[16]; - memcpy(first_8_lm_hash, lm_pw, 8); - memset(first_8_lm_hash + 8, '\0', 8); - if (user_sess_key) { - *user_sess_key = data_blob(first_8_lm_hash, 16); - } - - if (lm_sess_key) { - *lm_sess_key = data_blob(first_8_lm_hash, 16); - } - } - return NT_STATUS_OK; - } - DEBUG(3,("ntlm_password_check: LM password, NT MD4 password in LM field and LMv2 failed for user %s\n",username)); - } else { - DEBUG(3,("ntlm_password_check: LM password and LMv2 failed for user %s, and NT MD4 password in LM field not permitted\n",username)); - } - return NT_STATUS_WRONG_PASSWORD; -} - diff --git a/source3/libsmb/ntlmssp.c b/source3/libsmb/ntlmssp.c index 0764f97d85..f9976902d8 100644 --- a/source3/libsmb/ntlmssp.c +++ b/source3/libsmb/ntlmssp.c @@ -22,6 +22,7 @@ */ #include "includes.h" +#include "../libcli/auth/libcli_auth.h" static NTSTATUS ntlmssp_client_initial(struct ntlmssp_state *ntlmssp_state, DATA_BLOB reply, DATA_BLOB *next_request); @@ -873,9 +874,9 @@ static NTSTATUS ntlmssp_server_auth(struct ntlmssp_state *ntlmssp_state, ntlmssp_state->session_key = session_key; } else { dump_data_pw("KEY_EXCH session key (enc):\n", encrypted_session_key.data, encrypted_session_key.length); - SamOEMhash(encrypted_session_key.data, - session_key.data, - encrypted_session_key.length); + arcfour_crypt_blob(encrypted_session_key.data, + encrypted_session_key.length, + &session_key); ntlmssp_state->session_key = data_blob_talloc( ntlmssp_state, encrypted_session_key.data, encrypted_session_key.length); @@ -1079,7 +1080,6 @@ static NTSTATUS ntlmssp_client_challenge(struct ntlmssp_state *ntlmssp_state, /* not doing NLTM2 without a password */ ntlmssp_state->neg_flags &= ~NTLMSSP_NEGOTIATE_NTLM2; } else if (ntlmssp_state->use_ntlmv2) { - if (!struct_blob.length) { /* be lazy, match win2k - we can't do NTLMv2 without it */ DEBUG(1, ("Server did not provide 'target information', required for NTLMv2\n")); @@ -1089,11 +1089,13 @@ static NTSTATUS ntlmssp_client_challenge(struct ntlmssp_state *ntlmssp_state, /* TODO: if the remote server is standalone, then we should replace 'domain' with the server name as supplied above */ - if (!SMBNTLMv2encrypt_hash(ntlmssp_state->user, - ntlmssp_state->domain, - ntlmssp_state->nt_hash, &challenge_blob, - &struct_blob, - &lm_response, &nt_response, &session_key)) { + if (!SMBNTLMv2encrypt_hash(ntlmssp_state, + ntlmssp_state->user, + ntlmssp_state->domain, + ntlmssp_state->nt_hash, &challenge_blob, + &struct_blob, + &lm_response, &nt_response, NULL, + &session_key)) { data_blob_free(&challenge_blob); data_blob_free(&struct_blob); return NT_STATUS_NO_MEMORY; @@ -1122,12 +1124,12 @@ static NTSTATUS ntlmssp_client_challenge(struct ntlmssp_state *ntlmssp_state, nt_response = data_blob_talloc(ntlmssp_state, NULL, 24); SMBNTencrypt_hash(ntlmssp_state->nt_hash, - session_nonce_hash, - nt_response.data); + session_nonce_hash, + nt_response.data); session_key = data_blob_talloc(ntlmssp_state, NULL, 16); - SMBsesskeygen_ntv1(ntlmssp_state->nt_hash, NULL, user_session_key); + SMBsesskeygen_ntv1(ntlmssp_state->nt_hash, user_session_key); hmac_md5(user_session_key, session_nonce, sizeof(session_nonce), session_key.data); dump_data_pw("NTLM2 session key:\n", session_key.data, session_key.length); } else { @@ -1150,7 +1152,7 @@ static NTSTATUS ntlmssp_client_challenge(struct ntlmssp_state *ntlmssp_state, session_key.data); dump_data_pw("LM session key\n", session_key.data, session_key.length); } else { - SMBsesskeygen_ntv1(ntlmssp_state->nt_hash, NULL, session_key.data); + SMBsesskeygen_ntv1(ntlmssp_state->nt_hash, session_key.data); dump_data_pw("NT session key:\n", session_key.data, session_key.length); } } @@ -1166,7 +1168,7 @@ static NTSTATUS ntlmssp_client_challenge(struct ntlmssp_state *ntlmssp_state, /* Encrypt the new session key with the old one */ encrypted_session_key = data_blob(client_session_key, sizeof(client_session_key)); dump_data_pw("KEY_EXCH session key:\n", encrypted_session_key.data, encrypted_session_key.length); - SamOEMhash(encrypted_session_key.data, session_key.data, encrypted_session_key.length); + arcfour_crypt_blob(encrypted_session_key.data, encrypted_session_key.length, &session_key); dump_data_pw("KEY_EXCH session key (enc):\n", encrypted_session_key.data, encrypted_session_key.length); /* Mark the new session key as the 'real' session key */ diff --git a/source3/libsmb/ntlmssp_parse.c b/source3/libsmb/ntlmssp_parse.c deleted file mode 100644 index 98c50596be..0000000000 --- a/source3/libsmb/ntlmssp_parse.c +++ /dev/null @@ -1,384 +0,0 @@ -/* - Unix SMB/CIFS implementation. - simple kerberos5/SPNEGO routines - Copyright (C) Andrew Tridgell 2001 - Copyright (C) Jim McDonough <jmcd@us.ibm.com> 2002 - Copyright (C) Andrew Bartlett 2002-2003 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 3 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program. If not, see <http://www.gnu.org/licenses/>. -*/ - -#include "includes.h" - -/* - this is a tiny msrpc packet generator. I am only using this to - avoid tying this code to a particular varient of our rpc code. This - generator is not general enough for all our rpc needs, its just - enough for the spnego/ntlmssp code - - format specifiers are: - - U = unicode string (input is unix string) - a = address (input is char *unix_string) - (1 byte type, 1 byte length, unicode/ASCII string, all inline) - A = ASCII string (input is unix string) - B = data blob (pointer + length) - b = data blob in header (pointer + length) - D - d = word (4 bytes) - C = constant ascii string - */ -bool msrpc_gen(DATA_BLOB *blob, - const char *format, ...) -{ - int i, n; - va_list ap; - char *s; - uint8 *b; - int head_size=0, data_size=0; - int head_ofs, data_ofs; - - /* first scan the format to work out the header and body size */ - va_start(ap, format); - for (i=0; format[i]; i++) { - switch (format[i]) { - case 'U': - s = va_arg(ap, char *); - head_size += 8; - data_size += str_charnum(s) * 2; - break; - case 'A': - s = va_arg(ap, char *); - head_size += 8; - data_size += str_ascii_charnum(s); - break; - case 'a': - n = va_arg(ap, int); - s = va_arg(ap, char *); - data_size += (str_charnum(s) * 2) + 4; - break; - case 'B': - b = va_arg(ap, uint8 *); - head_size += 8; - data_size += va_arg(ap, int); - break; - case 'b': - b = va_arg(ap, uint8 *); - head_size += va_arg(ap, int); - break; - case 'd': - n = va_arg(ap, int); - head_size += 4; - break; - case 'C': - s = va_arg(ap, char *); - head_size += str_charnum(s) + 1; - break; - } - } - va_end(ap); - - /* allocate the space, then scan the format - * again to fill in the values */ - - *blob = data_blob(NULL, head_size + data_size); - - head_ofs = 0; - data_ofs = head_size; - - va_start(ap, format); - for (i=0; format[i]; i++) { - switch (format[i]) { - case 'U': - s = va_arg(ap, char *); - n = str_charnum(s); - SSVAL(blob->data, head_ofs, n*2); head_ofs += 2; - SSVAL(blob->data, head_ofs, n*2); head_ofs += 2; - SIVAL(blob->data, head_ofs, data_ofs); head_ofs += 4; - push_string_check(blob->data+data_ofs, - s, n*2, STR_UNICODE|STR_NOALIGN); - data_ofs += n*2; - break; - case 'A': - s = va_arg(ap, char *); - n = str_ascii_charnum(s); - SSVAL(blob->data, head_ofs, n); head_ofs += 2; - SSVAL(blob->data, head_ofs, n); head_ofs += 2; - SIVAL(blob->data, head_ofs, data_ofs); head_ofs += 4; - push_string_check(blob->data+data_ofs, - s, n, STR_ASCII|STR_NOALIGN); - data_ofs += n; - break; - case 'a': - n = va_arg(ap, int); - SSVAL(blob->data, data_ofs, n); data_ofs += 2; - s = va_arg(ap, char *); - n = str_charnum(s); - SSVAL(blob->data, data_ofs, n*2); data_ofs += 2; - if (0 < n) { - push_string_check(blob->data+data_ofs, s, n*2, - STR_UNICODE|STR_NOALIGN); - } - data_ofs += n*2; - break; - - case 'B': - b = va_arg(ap, uint8 *); - n = va_arg(ap, int); - SSVAL(blob->data, head_ofs, n); head_ofs += 2; - SSVAL(blob->data, head_ofs, n); head_ofs += 2; - SIVAL(blob->data, head_ofs, data_ofs); head_ofs += 4; - if (n && b) /* don't follow null pointers... */ - memcpy(blob->data+data_ofs, b, n); - data_ofs += n; - break; - case 'd': - n = va_arg(ap, int); - SIVAL(blob->data, head_ofs, n); head_ofs += 4; - break; - case 'b': - b = va_arg(ap, uint8 *); - n = va_arg(ap, int); - memcpy(blob->data + head_ofs, b, n); - head_ofs += n; - break; - case 'C': - s = va_arg(ap, char *); - n = str_charnum(s) + 1; - head_ofs += push_string_check(blob->data+head_ofs, s, n, - STR_ASCII|STR_TERMINATE); - break; - } - } - va_end(ap); - - return true; -} - - -/* a helpful macro to avoid running over the end of our blob */ -#define NEED_DATA(amount) \ -if ((head_ofs + amount) > blob->length) { \ - va_end(ap); \ - return False; \ -} - -/* - this is a tiny msrpc packet parser. This the the partner of msrpc_gen - - format specifiers are: - - U = unicode string (output is unix string) - A = ascii string - B = data blob - b = data blob in header - d = word (4 bytes) - C = constant ascii string - */ - -bool msrpc_parse(const DATA_BLOB *blob, - const char *format, ...) -{ - int i; - va_list ap; - char **ps, *s; - DATA_BLOB *b; - size_t head_ofs = 0; - uint16 len1, len2; - uint32 ptr; - uint32 *v; - - va_start(ap, format); - for (i=0; format[i]; i++) { - switch (format[i]) { - case 'U': - NEED_DATA(8); - len1 = SVAL(blob->data, head_ofs); head_ofs += 2; - len2 = SVAL(blob->data, head_ofs); head_ofs += 2; - ptr = IVAL(blob->data, head_ofs); head_ofs += 4; - - ps = va_arg(ap, char **); - if (len1 == 0 && len2 == 0) { - *ps = smb_xstrdup(""); - } else { - /* make sure its in the right format - * be strict */ - if ((len1 != len2) || (ptr + len1 < ptr) || - (ptr + len1 < len1) || - (ptr + len1 > blob->length)) { - va_end(ap); - return false; - } - if (len1 & 1) { - /* if odd length and unicode */ - va_end(ap); - return false; - } - if (blob->data + ptr < - (uint8 *)(unsigned long)ptr || - blob->data + ptr < blob->data) { - va_end(ap); - return false; - } - - if (0 < len1) { - char *p = NULL; - pull_string_talloc(talloc_tos(), - NULL, - 0, - &p, - blob->data + ptr, - len1, - STR_UNICODE|STR_NOALIGN); - if (p) { - (*ps) = smb_xstrdup(p); - TALLOC_FREE(p); - } else { - (*ps) = smb_xstrdup(""); - } - } else { - (*ps) = smb_xstrdup(""); - } - } - break; - case 'A': - NEED_DATA(8); - len1 = SVAL(blob->data, head_ofs); head_ofs += 2; - len2 = SVAL(blob->data, head_ofs); head_ofs += 2; - ptr = IVAL(blob->data, head_ofs); head_ofs += 4; - - ps = va_arg(ap, char **); - /* make sure its in the right format - be strict */ - if (len1 == 0 && len2 == 0) { - *ps = smb_xstrdup(""); - } else { - if ((len1 != len2) || (ptr + len1 < ptr) || - (ptr + len1 < len1) || - (ptr + len1 > blob->length)) { - va_end(ap); - return false; - } - - if (blob->data + ptr < - (uint8 *)(unsigned long)ptr || - blob->data + ptr < blob->data) { - va_end(ap); - return false; - } - - if (0 < len1) { - char *p = NULL; - pull_string_talloc(talloc_tos(), - NULL, - 0, - &p, - blob->data + ptr, - len1, - STR_ASCII|STR_NOALIGN); - if (p) { - (*ps) = smb_xstrdup(p); - TALLOC_FREE(p); - } else { - (*ps) = smb_xstrdup(""); - } - } else { - (*ps) = smb_xstrdup(""); - } - } - break; - case 'B': - NEED_DATA(8); - len1 = SVAL(blob->data, head_ofs); head_ofs += 2; - len2 = SVAL(blob->data, head_ofs); head_ofs += 2; - ptr = IVAL(blob->data, head_ofs); head_ofs += 4; - - b = (DATA_BLOB *)va_arg(ap, void *); - if (len1 == 0 && len2 == 0) { - *b = data_blob_null; - } else { - /* make sure its in the right format - * be strict */ - if ((len1 != len2) || (ptr + len1 < ptr) || - (ptr + len1 < len1) || - (ptr + len1 > blob->length)) { - va_end(ap); - return false; - } - - if (blob->data + ptr < - (uint8 *)(unsigned long)ptr || - blob->data + ptr < blob->data) { - va_end(ap); - return false; - } - - *b = data_blob(blob->data + ptr, len1); - } - break; - case 'b': - b = (DATA_BLOB *)va_arg(ap, void *); - len1 = va_arg(ap, unsigned); - /* make sure its in the right format - be strict */ - NEED_DATA(len1); - if (blob->data + head_ofs < (uint8 *)head_ofs || - blob->data + head_ofs < blob->data) { - va_end(ap); - return false; - } - - *b = data_blob(blob->data + head_ofs, len1); - head_ofs += len1; - break; - case 'd': - v = va_arg(ap, uint32 *); - NEED_DATA(4); - *v = IVAL(blob->data, head_ofs); head_ofs += 4; - break; - case 'C': - s = va_arg(ap, char *); - - if (blob->data + head_ofs < (uint8 *)head_ofs || - blob->data + head_ofs < blob->data) { - va_end(ap); - return false; - } - - { - char *p = NULL; - size_t ret = pull_string_talloc(talloc_tos(), - NULL, - 0, - &p, - blob->data+head_ofs, - blob->length - head_ofs, - STR_ASCII|STR_TERMINATE); - if (ret == (size_t)-1 || p == NULL) { - va_end(ap); - return false; - } - head_ofs += ret; - if (strcmp(s, p) != 0) { - TALLOC_FREE(p); - va_end(ap); - return false; - } - TALLOC_FREE(p); - } - break; - } - } - va_end(ap); - - return True; -} diff --git a/source3/libsmb/smbdes.c b/source3/libsmb/smbdes.c deleted file mode 100644 index 8087d66799..0000000000 --- a/source3/libsmb/smbdes.c +++ /dev/null @@ -1,421 +0,0 @@ -/* - Unix SMB/CIFS implementation. - - a partial implementation of DES designed for use in the - SMB authentication protocol - - Copyright (C) Andrew Tridgell 1998 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 3 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program. If not, see <http://www.gnu.org/licenses/>. -*/ - -#include "includes.h" - -/* NOTES: - - This code makes no attempt to be fast! In fact, it is a very - slow implementation - - This code is NOT a complete DES implementation. It implements only - the minimum necessary for SMB authentication, as used by all SMB - products (including every copy of Microsoft Windows95 ever sold) - - In particular, it can only do a unchained forward DES pass. This - means it is not possible to use this code for encryption/decryption - of data, instead it is only useful as a "hash" algorithm. - - There is no entry point into this code that allows normal DES operation. - - I believe this means that this code does not come under ITAR - regulations but this is NOT a legal opinion. If you are concerned - about the applicability of ITAR regulations to this code then you - should confirm it for yourself (and maybe let me know if you come - up with a different answer to the one above) -*/ - - -#define uchar unsigned char - -static const uchar perm1[56] = {57, 49, 41, 33, 25, 17, 9, - 1, 58, 50, 42, 34, 26, 18, - 10, 2, 59, 51, 43, 35, 27, - 19, 11, 3, 60, 52, 44, 36, - 63, 55, 47, 39, 31, 23, 15, - 7, 62, 54, 46, 38, 30, 22, - 14, 6, 61, 53, 45, 37, 29, - 21, 13, 5, 28, 20, 12, 4}; - -static const uchar perm2[48] = {14, 17, 11, 24, 1, 5, - 3, 28, 15, 6, 21, 10, - 23, 19, 12, 4, 26, 8, - 16, 7, 27, 20, 13, 2, - 41, 52, 31, 37, 47, 55, - 30, 40, 51, 45, 33, 48, - 44, 49, 39, 56, 34, 53, - 46, 42, 50, 36, 29, 32}; - -static const uchar perm3[64] = {58, 50, 42, 34, 26, 18, 10, 2, - 60, 52, 44, 36, 28, 20, 12, 4, - 62, 54, 46, 38, 30, 22, 14, 6, - 64, 56, 48, 40, 32, 24, 16, 8, - 57, 49, 41, 33, 25, 17, 9, 1, - 59, 51, 43, 35, 27, 19, 11, 3, - 61, 53, 45, 37, 29, 21, 13, 5, - 63, 55, 47, 39, 31, 23, 15, 7}; - -static const uchar perm4[48] = { 32, 1, 2, 3, 4, 5, - 4, 5, 6, 7, 8, 9, - 8, 9, 10, 11, 12, 13, - 12, 13, 14, 15, 16, 17, - 16, 17, 18, 19, 20, 21, - 20, 21, 22, 23, 24, 25, - 24, 25, 26, 27, 28, 29, - 28, 29, 30, 31, 32, 1}; - -static const uchar perm5[32] = { 16, 7, 20, 21, - 29, 12, 28, 17, - 1, 15, 23, 26, - 5, 18, 31, 10, - 2, 8, 24, 14, - 32, 27, 3, 9, - 19, 13, 30, 6, - 22, 11, 4, 25}; - - -static const uchar perm6[64] ={ 40, 8, 48, 16, 56, 24, 64, 32, - 39, 7, 47, 15, 55, 23, 63, 31, - 38, 6, 46, 14, 54, 22, 62, 30, - 37, 5, 45, 13, 53, 21, 61, 29, - 36, 4, 44, 12, 52, 20, 60, 28, - 35, 3, 43, 11, 51, 19, 59, 27, - 34, 2, 42, 10, 50, 18, 58, 26, - 33, 1, 41, 9, 49, 17, 57, 25}; - - -static const uchar sc[16] = {1, 1, 2, 2, 2, 2, 2, 2, 1, 2, 2, 2, 2, 2, 2, 1}; - -static const uchar sbox[8][4][16] = { - {{14, 4, 13, 1, 2, 15, 11, 8, 3, 10, 6, 12, 5, 9, 0, 7}, - {0, 15, 7, 4, 14, 2, 13, 1, 10, 6, 12, 11, 9, 5, 3, 8}, - {4, 1, 14, 8, 13, 6, 2, 11, 15, 12, 9, 7, 3, 10, 5, 0}, - {15, 12, 8, 2, 4, 9, 1, 7, 5, 11, 3, 14, 10, 0, 6, 13}}, - - {{15, 1, 8, 14, 6, 11, 3, 4, 9, 7, 2, 13, 12, 0, 5, 10}, - {3, 13, 4, 7, 15, 2, 8, 14, 12, 0, 1, 10, 6, 9, 11, 5}, - {0, 14, 7, 11, 10, 4, 13, 1, 5, 8, 12, 6, 9, 3, 2, 15}, - {13, 8, 10, 1, 3, 15, 4, 2, 11, 6, 7, 12, 0, 5, 14, 9}}, - - {{10, 0, 9, 14, 6, 3, 15, 5, 1, 13, 12, 7, 11, 4, 2, 8}, - {13, 7, 0, 9, 3, 4, 6, 10, 2, 8, 5, 14, 12, 11, 15, 1}, - {13, 6, 4, 9, 8, 15, 3, 0, 11, 1, 2, 12, 5, 10, 14, 7}, - {1, 10, 13, 0, 6, 9, 8, 7, 4, 15, 14, 3, 11, 5, 2, 12}}, - - {{7, 13, 14, 3, 0, 6, 9, 10, 1, 2, 8, 5, 11, 12, 4, 15}, - {13, 8, 11, 5, 6, 15, 0, 3, 4, 7, 2, 12, 1, 10, 14, 9}, - {10, 6, 9, 0, 12, 11, 7, 13, 15, 1, 3, 14, 5, 2, 8, 4}, - {3, 15, 0, 6, 10, 1, 13, 8, 9, 4, 5, 11, 12, 7, 2, 14}}, - - {{2, 12, 4, 1, 7, 10, 11, 6, 8, 5, 3, 15, 13, 0, 14, 9}, - {14, 11, 2, 12, 4, 7, 13, 1, 5, 0, 15, 10, 3, 9, 8, 6}, - {4, 2, 1, 11, 10, 13, 7, 8, 15, 9, 12, 5, 6, 3, 0, 14}, - {11, 8, 12, 7, 1, 14, 2, 13, 6, 15, 0, 9, 10, 4, 5, 3}}, - - {{12, 1, 10, 15, 9, 2, 6, 8, 0, 13, 3, 4, 14, 7, 5, 11}, - {10, 15, 4, 2, 7, 12, 9, 5, 6, 1, 13, 14, 0, 11, 3, 8}, - {9, 14, 15, 5, 2, 8, 12, 3, 7, 0, 4, 10, 1, 13, 11, 6}, - {4, 3, 2, 12, 9, 5, 15, 10, 11, 14, 1, 7, 6, 0, 8, 13}}, - - {{4, 11, 2, 14, 15, 0, 8, 13, 3, 12, 9, 7, 5, 10, 6, 1}, - {13, 0, 11, 7, 4, 9, 1, 10, 14, 3, 5, 12, 2, 15, 8, 6}, - {1, 4, 11, 13, 12, 3, 7, 14, 10, 15, 6, 8, 0, 5, 9, 2}, - {6, 11, 13, 8, 1, 4, 10, 7, 9, 5, 0, 15, 14, 2, 3, 12}}, - - {{13, 2, 8, 4, 6, 15, 11, 1, 10, 9, 3, 14, 5, 0, 12, 7}, - {1, 15, 13, 8, 10, 3, 7, 4, 12, 5, 6, 11, 0, 14, 9, 2}, - {7, 11, 4, 1, 9, 12, 14, 2, 0, 6, 10, 13, 15, 3, 5, 8}, - {2, 1, 14, 7, 4, 10, 8, 13, 15, 12, 9, 0, 3, 5, 6, 11}}}; - -static void permute(char *out, const char *in, const uchar *p, int n) -{ - int i; - for (i=0;i<n;i++) - out[i] = in[p[i]-1]; -} - -static void lshift(char *d, int count, int n) -{ - char out[64]; - int i; - for (i=0;i<n;i++) - out[i] = d[(i+count)%n]; - for (i=0;i<n;i++) - d[i] = out[i]; -} - -static void concat(char *out, char *in1, char *in2, int l1, int l2) -{ - while (l1--) - *out++ = *in1++; - while (l2--) - *out++ = *in2++; -} - -static void x_or(char *out, char *in1, char *in2, int n) -{ - int i; - for (i=0;i<n;i++) - out[i] = in1[i] ^ in2[i]; -} - -static void dohash(char *out, char *in, char *key, int forw) -{ - int i, j, k; - char pk1[56]; - char c[28]; - char d[28]; - char cd[56]; - char ki[16][48]; - char pd1[64]; - char l[32], r[32]; - char rl[64]; - - permute(pk1, key, perm1, 56); - - for (i=0;i<28;i++) - c[i] = pk1[i]; - for (i=0;i<28;i++) - d[i] = pk1[i+28]; - - for (i=0;i<16;i++) { - lshift(c, sc[i], 28); - lshift(d, sc[i], 28); - - concat(cd, c, d, 28, 28); - permute(ki[i], cd, perm2, 48); - } - - permute(pd1, in, perm3, 64); - - for (j=0;j<32;j++) { - l[j] = pd1[j]; - r[j] = pd1[j+32]; - } - - for (i=0;i<16;i++) { - char er[48]; - char erk[48]; - char b[8][6]; - char cb[32]; - char pcb[32]; - char r2[32]; - - permute(er, r, perm4, 48); - - x_or(erk, er, ki[forw ? i : 15 - i], 48); - - for (j=0;j<8;j++) - for (k=0;k<6;k++) - b[j][k] = erk[j*6 + k]; - - for (j=0;j<8;j++) { - int m, n; - m = (b[j][0]<<1) | b[j][5]; - - n = (b[j][1]<<3) | (b[j][2]<<2) | (b[j][3]<<1) | b[j][4]; - - for (k=0;k<4;k++) - b[j][k] = (sbox[j][m][n] & (1<<(3-k)))?1:0; - } - - for (j=0;j<8;j++) - for (k=0;k<4;k++) - cb[j*4+k] = b[j][k]; - permute(pcb, cb, perm5, 32); - - x_or(r2, l, pcb, 32); - - for (j=0;j<32;j++) - l[j] = r[j]; - - for (j=0;j<32;j++) - r[j] = r2[j]; - } - - concat(rl, r, l, 32, 32); - - permute(out, rl, perm6, 64); -} - -/* Convert a 7 byte string to an 8 byte key. */ -static void str_to_key(const unsigned char str[7], unsigned char key[8]) -{ - int i; - - key[0] = str[0]>>1; - key[1] = ((str[0]&0x01)<<6) | (str[1]>>2); - key[2] = ((str[1]&0x03)<<5) | (str[2]>>3); - key[3] = ((str[2]&0x07)<<4) | (str[3]>>4); - key[4] = ((str[3]&0x0F)<<3) | (str[4]>>5); - key[5] = ((str[4]&0x1F)<<2) | (str[5]>>6); - key[6] = ((str[5]&0x3F)<<1) | (str[6]>>7); - key[7] = str[6]&0x7F; - for (i=0;i<8;i++) { - key[i] = (key[i]<<1); - } -} - - -void des_crypt56(unsigned char *out, const unsigned char *in, const unsigned char *key, int forw) -{ - int i; - char outb[64]; - char inb[64]; - char keyb[64]; - unsigned char key2[8]; - - str_to_key(key, key2); - - for (i=0;i<64;i++) { - inb[i] = (in[i/8] & (1<<(7-(i%8)))) ? 1 : 0; - keyb[i] = (key2[i/8] & (1<<(7-(i%8)))) ? 1 : 0; - outb[i] = 0; - } - - dohash(outb, inb, keyb, forw); - - for (i=0;i<8;i++) { - out[i] = 0; - } - - for (i=0;i<64;i++) { - if (outb[i]) - out[i/8] |= (1<<(7-(i%8))); - } -} - -void E_P16(const unsigned char *p14,unsigned char *p16) -{ - unsigned char sp8[8] = {0x4b, 0x47, 0x53, 0x21, 0x40, 0x23, 0x24, 0x25}; - des_crypt56(p16, sp8, p14, 1); - des_crypt56(p16+8, sp8, p14+7, 1); -} - -void E_P24(const unsigned char *p21, const unsigned char *c8, unsigned char *p24) -{ - des_crypt56(p24, c8, p21, 1); - des_crypt56(p24+8, c8, p21+7, 1); - des_crypt56(p24+16, c8, p21+14, 1); -} - -void D_P16(const unsigned char *p14, const unsigned char *in, unsigned char *out) -{ - des_crypt56(out, in, p14, 0); - des_crypt56(out+8, in+8, p14+7, 0); -} - -void E_old_pw_hash( unsigned char *p14, const unsigned char *in, unsigned char *out) -{ - des_crypt56(out, in, p14, 1); - des_crypt56(out+8, in+8, p14+7, 1); -} - -/* forward des encryption with a 128 bit key */ -void des_crypt128(unsigned char out[8], const unsigned char in[8], const unsigned char key[16]) -{ - unsigned char buf[8]; - - des_crypt56(buf, in, key, 1); - des_crypt56(out, buf, key+9, 1); -} - -/* forward des encryption with a 64 bit key */ -void des_crypt64(unsigned char out[8], const unsigned char in[8], const unsigned char key[8]) -{ - unsigned char buf[8]; - unsigned char key2[8]; - - memset(key2,'\0',8); - des_crypt56(buf, in, key, 1); - key2[0] = key[7]; - des_crypt56(out, buf, key2, 1); -} - -/* des encryption with a 112 bit (14 byte) key */ -/* Note that if the forw is 1, and key is actually 8 bytes of key, followed by 6 bytes of zeros, - this is identical to des_crypt64(). JRA. */ - -void des_crypt112(unsigned char out[8], const unsigned char in[8], const unsigned char key[14], int forw) -{ - unsigned char buf[8]; - des_crypt56(buf, in, key, forw); - des_crypt56(out, buf, key+7, forw); -} - -void cred_hash3(unsigned char *out, const unsigned char *in, const unsigned char *key, int forw) -{ - unsigned char key2[8]; - - memset(key2,'\0',8); - des_crypt56(out, in, key, forw); - key2[0] = key[7]; - des_crypt56(out + 8, in + 8, key2, forw); -} - -/* des encryption of a 16 byte lump of data with a 112 bit key */ -/* Note that if the key is actually 8 bytes of key, followed by 6 bytes of zeros, - this is identical to cred_hash3(). JRA. */ - -void des_crypt112_16(unsigned char out[16], unsigned char in[16], const unsigned char key[14], int forw) -{ - des_crypt56(out, in, key, forw); - des_crypt56(out + 8, in + 8, key+7, forw); -} - -/***************************************************************** - arc4 crypt/decrypt with a 16 byte key. -*****************************************************************/ - -void SamOEMhash( unsigned char *data, const unsigned char key[16], size_t len) -{ - struct arcfour_state arc4_state; - const DATA_BLOB keyblob = data_blob_const(key, 16); - - arcfour_init(&arc4_state, &keyblob); - arcfour_crypt_sbox(&arc4_state, data, len); -} - -void SamOEMhashBlob( unsigned char *data, size_t len, DATA_BLOB *key) -{ - struct arcfour_state arc4_state; - - arcfour_init(&arc4_state, key); - arcfour_crypt_sbox(&arc4_state, data, len); -} - -/* Decode a sam password hash into a password. The password hash is the - same method used to store passwords in the NT registry. The DES key - used is based on the RID of the user. */ - -void sam_pwd_hash(unsigned int rid, const uchar *in, uchar *out, int forw) -{ - uchar s[14]; - - s[0] = s[4] = s[8] = s[12] = (uchar)(rid & 0xFF); - s[1] = s[5] = s[9] = s[13] = (uchar)((rid >> 8) & 0xFF); - s[2] = s[6] = s[10] = (uchar)((rid >> 16) & 0xFF); - s[3] = s[7] = s[11] = (uchar)((rid >> 24) & 0xFF); - - des_crypt56(out, in, s, forw); - des_crypt56(out+8, in+8, s+7, forw); -} diff --git a/source3/libsmb/smbencrypt.c b/source3/libsmb/smbencrypt.c deleted file mode 100644 index 27702b9f42..0000000000 --- a/source3/libsmb/smbencrypt.c +++ /dev/null @@ -1,898 +0,0 @@ -/* - Unix SMB/CIFS implementation. - SMB parameters and setup - Copyright (C) Andrew Tridgell 1992-1998 - Modified by Jeremy Allison 1995. - Copyright (C) Jeremy Allison 1995-2000. - Copyright (C) Luke Kennethc Casson Leighton 1996-2000. - Copyright (C) Andrew Bartlett <abartlet@samba.org> 2002-2003 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 3 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program. If not, see <http://www.gnu.org/licenses/>. -*/ - -#include "includes.h" -#include "../lib/util/byteorder.h" - -void SMBencrypt_hash(const uchar lm_hash[16], const uchar *c8, uchar p24[24]) -{ - uchar p21[21]; - - memset(p21,'\0',21); - memcpy(p21, lm_hash, 16); - - SMBOWFencrypt(p21, c8, p24); - -#ifdef DEBUG_PASSWORD - DEBUG(100,("SMBencrypt_hash: lm#, challenge, response\n")); - dump_data(100, p21, 16); - dump_data(100, c8, 8); - dump_data(100, p24, 24); -#endif -} - -/* - This implements the X/Open SMB password encryption - It takes a password ('unix' string), a 8 byte "crypt key" - and puts 24 bytes of encrypted password into p24 - - Returns False if password must have been truncated to create LM hash -*/ - -bool SMBencrypt(const char *passwd, const uchar *c8, uchar p24[24]) -{ - bool ret; - uchar lm_hash[16]; - - ret = E_deshash(passwd, lm_hash); - SMBencrypt_hash(lm_hash, c8, p24); - return ret; -} - -/** - * Creates the MD4 Hash of the users password in NT UNICODE. - * @param passwd password in 'unix' charset. - * @param p16 return password hashed with md4, caller allocated 16 byte buffer - */ - -void E_md4hash(const char *passwd, uchar p16[16]) -{ - int len; - smb_ucs2_t wpwd[129]; - - /* Password must be converted to NT unicode - null terminated. */ - push_ucs2(NULL, wpwd, (const char *)passwd, 256, STR_UNICODE|STR_NOALIGN|STR_TERMINATE); - /* Calculate length in bytes */ - len = strlen_w(wpwd) * sizeof(int16); - - mdfour(p16, (unsigned char *)wpwd, len); - ZERO_STRUCT(wpwd); -} - -/** - * Creates the MD5 Hash of a combination of 16 byte salt and 16 byte NT hash. - * @param 16 byte salt. - * @param 16 byte NT hash. - * @param 16 byte return hashed with md5, caller allocated 16 byte buffer - */ - -void E_md5hash(const uchar salt[16], const uchar nthash[16], uchar hash_out[16]) -{ - struct MD5Context tctx; - uchar array[32]; - - memset(hash_out, '\0', 16); - memcpy(array, salt, 16); - memcpy(&array[16], nthash, 16); - MD5Init(&tctx); - MD5Update(&tctx, array, 32); - MD5Final(hash_out, &tctx); -} - -/** - * Creates the DES forward-only Hash of the users password in DOS ASCII charset - * @param passwd password in 'unix' charset. - * @param p16 return password hashed with DES, caller allocated 16 byte buffer - * @return False if password was > 14 characters, and therefore may be incorrect, otherwise True - * @note p16 is filled in regardless - */ - -bool E_deshash(const char *passwd, uchar p16[16]) -{ - bool ret = True; - fstring dospwd; - ZERO_STRUCT(dospwd); - - /* Password must be converted to DOS charset - null terminated, uppercase. */ - push_ascii(dospwd, passwd, sizeof(dospwd), STR_UPPER|STR_TERMINATE); - - /* Only the fisrt 14 chars are considered, password need not be null terminated. */ - E_P16((const unsigned char *)dospwd, p16); - - if (strlen(dospwd) > 14) { - ret = False; - } - - ZERO_STRUCT(dospwd); - - return ret; -} - -/** - * Creates the MD4 and DES (LM) Hash of the users password. - * MD4 is of the NT Unicode, DES is of the DOS UPPERCASE password. - * @param passwd password in 'unix' charset. - * @param nt_p16 return password hashed with md4, caller allocated 16 byte buffer - * @param p16 return password hashed with des, caller allocated 16 byte buffer - */ - -/* Does both the NT and LM owfs of a user's password */ -void nt_lm_owf_gen(const char *pwd, uchar nt_p16[16], uchar p16[16]) -{ - /* Calculate the MD4 hash (NT compatible) of the password */ - memset(nt_p16, '\0', 16); - E_md4hash(pwd, nt_p16); - -#ifdef DEBUG_PASSWORD - DEBUG(100,("nt_lm_owf_gen: pwd, nt#\n")); - dump_data(120, (uint8 *)pwd, strlen(pwd)); - dump_data(100, nt_p16, 16); -#endif - - E_deshash(pwd, (uchar *)p16); - -#ifdef DEBUG_PASSWORD - DEBUG(100,("nt_lm_owf_gen: pwd, lm#\n")); - dump_data(120, (uint8 *)pwd, strlen(pwd)); - dump_data(100, p16, 16); -#endif -} - -/* Does both the NTLMv2 owfs of a user's password */ -bool ntv2_owf_gen(const uchar owf[16], - const char *user_in, const char *domain_in, - bool upper_case_domain, /* Transform the domain into UPPER case */ - uchar kr_buf[16]) -{ - smb_ucs2_t *user; - smb_ucs2_t *domain; - - size_t user_byte_len; - size_t domain_byte_len; - - HMACMD5Context ctx; - - if (!push_ucs2_talloc(NULL, &user, user_in, &user_byte_len)) { - DEBUG(0, ("push_uss2_talloc() for user failed: %s\n", - strerror(errno))); - return False; - } - - if (!push_ucs2_talloc(NULL, &domain, domain_in, &domain_byte_len)) { - DEBUG(0, ("push_uss2_talloc() for domain failed: %s\n", - strerror(errno))); - TALLOC_FREE(user); - return False; - } - - strupper_w(user); - - if (upper_case_domain) - strupper_w(domain); - - SMB_ASSERT(user_byte_len >= 2); - SMB_ASSERT(domain_byte_len >= 2); - - /* We don't want null termination */ - user_byte_len = user_byte_len - 2; - domain_byte_len = domain_byte_len - 2; - - hmac_md5_init_limK_to_64(owf, 16, &ctx); - hmac_md5_update((const unsigned char *)user, user_byte_len, &ctx); - hmac_md5_update((const unsigned char *)domain, domain_byte_len, &ctx); - hmac_md5_final(kr_buf, &ctx); - -#ifdef DEBUG_PASSWORD - DEBUG(100, ("ntv2_owf_gen: user, domain, owfkey, kr\n")); - dump_data(100, (uint8 *)user, user_byte_len); - dump_data(100, (uint8 *)domain, domain_byte_len); - dump_data(100, (uint8 *)owf, 16); - dump_data(100, (uint8 *)kr_buf, 16); -#endif - - TALLOC_FREE(user); - TALLOC_FREE(domain); - return True; -} - -/* Does the des encryption from the NT or LM MD4 hash. */ -void SMBOWFencrypt(const uchar passwd[16], const uchar *c8, uchar p24[24]) -{ - uchar p21[21]; - - ZERO_STRUCT(p21); - - memcpy(p21, passwd, 16); - E_P24(p21, c8, p24); -} - -/* Does the des encryption from the FIRST 8 BYTES of the NT or LM MD4 hash. */ -void NTLMSSPOWFencrypt(const uchar passwd[8], const uchar *ntlmchalresp, uchar p24[24]) -{ - uchar p21[21]; - - memset(p21,'\0',21); - memcpy(p21, passwd, 8); - memset(p21 + 8, 0xbd, 8); - - E_P24(p21, ntlmchalresp, p24); -#ifdef DEBUG_PASSWORD - DEBUG(100,("NTLMSSPOWFencrypt: p21, c8, p24\n")); - dump_data(100, p21, 21); - dump_data(100, ntlmchalresp, 8); - dump_data(100, p24, 24); -#endif -} - - -/* Does the des encryption. */ - -void SMBNTencrypt_hash(const uchar nt_hash[16], uchar *c8, uchar *p24) -{ - uchar p21[21]; - - memset(p21,'\0',21); - memcpy(p21, nt_hash, 16); - SMBOWFencrypt(p21, c8, p24); - -#ifdef DEBUG_PASSWORD - DEBUG(100,("SMBNTencrypt: nt#, challenge, response\n")); - dump_data(100, p21, 16); - dump_data(100, c8, 8); - dump_data(100, p24, 24); -#endif -} - -/* Does the NT MD4 hash then des encryption. Plaintext version of the above. */ - -void SMBNTencrypt(const char *passwd, uchar *c8, uchar *p24) -{ - uchar nt_hash[16]; - E_md4hash(passwd, nt_hash); - SMBNTencrypt_hash(nt_hash, c8, p24); -} - -/* Does the md5 encryption from the Key Response for NTLMv2. */ -void SMBOWFencrypt_ntv2(const uchar kr[16], - const DATA_BLOB *srv_chal, - const DATA_BLOB *cli_chal, - uchar resp_buf[16]) -{ - HMACMD5Context ctx; - - hmac_md5_init_limK_to_64(kr, 16, &ctx); - hmac_md5_update(srv_chal->data, srv_chal->length, &ctx); - hmac_md5_update(cli_chal->data, cli_chal->length, &ctx); - hmac_md5_final(resp_buf, &ctx); - -#ifdef DEBUG_PASSWORD - DEBUG(100, ("SMBOWFencrypt_ntv2: srv_chal, cli_chal, resp_buf\n")); - dump_data(100, srv_chal->data, srv_chal->length); - dump_data(100, cli_chal->data, cli_chal->length); - dump_data(100, resp_buf, 16); -#endif -} - -void SMBsesskeygen_ntv2(const uchar kr[16], - const uchar * nt_resp, uint8 sess_key[16]) -{ - /* a very nice, 128 bit, variable session key */ - - HMACMD5Context ctx; - - hmac_md5_init_limK_to_64(kr, 16, &ctx); - hmac_md5_update(nt_resp, 16, &ctx); - hmac_md5_final((unsigned char *)sess_key, &ctx); - -#ifdef DEBUG_PASSWORD - DEBUG(100, ("SMBsesskeygen_ntv2:\n")); - dump_data(100, sess_key, 16); -#endif -} - -void SMBsesskeygen_ntv1(const uchar kr[16], - const uchar * nt_resp, uint8 sess_key[16]) -{ - /* yes, this session key does not change - yes, this - is a problem - but it is 128 bits */ - - mdfour((unsigned char *)sess_key, kr, 16); - -#ifdef DEBUG_PASSWORD - DEBUG(100, ("SMBsesskeygen_ntv1:\n")); - dump_data(100, sess_key, 16); -#endif -} - -void SMBsesskeygen_lm_sess_key(const uchar lm_hash[16], - const uchar lm_resp[24], /* only uses 8 */ - uint8 sess_key[16]) -{ - uchar p24[24]; - uchar partial_lm_hash[16]; - - memcpy(partial_lm_hash, lm_hash, 8); - memset(partial_lm_hash + 8, 0xbd, 8); - - SMBOWFencrypt(partial_lm_hash, lm_resp, p24); - - memcpy(sess_key, p24, 16); - -#ifdef DEBUG_PASSWORD - DEBUG(100, ("SMBsesskeygen_lmv1_jerry:\n")); - dump_data(100, sess_key, 16); -#endif -} - -DATA_BLOB NTLMv2_generate_names_blob(const char *hostname, - const char *domain) -{ - DATA_BLOB names_blob = data_blob_null; - - msrpc_gen(&names_blob, "aaa", - NTLMSSP_NAME_TYPE_DOMAIN, domain, - NTLMSSP_NAME_TYPE_SERVER, hostname, - 0, ""); - return names_blob; -} - -static DATA_BLOB NTLMv2_generate_client_data(const DATA_BLOB *names_blob) -{ - uchar client_chal[8]; - DATA_BLOB response = data_blob_null; - char long_date[8]; - - generate_random_buffer(client_chal, sizeof(client_chal)); - - put_long_date(long_date, time(NULL)); - - /* See http://www.ubiqx.org/cifs/SMB.html#SMB.8.5 */ - - msrpc_gen(&response, "ddbbdb", - 0x00000101, /* Header */ - 0, /* 'Reserved' */ - long_date, 8, /* Timestamp */ - client_chal, 8, /* client challenge */ - 0, /* Unknown */ - names_blob->data, names_blob->length); /* End of name list */ - - return response; -} - -static DATA_BLOB NTLMv2_generate_response(const uchar ntlm_v2_hash[16], - const DATA_BLOB *server_chal, - const DATA_BLOB *names_blob) -{ - uchar ntlmv2_response[16]; - DATA_BLOB ntlmv2_client_data; - DATA_BLOB final_response; - - /* NTLMv2 */ - /* generate some data to pass into the response function - including - the hostname and domain name of the server */ - ntlmv2_client_data = NTLMv2_generate_client_data(names_blob); - - /* Given that data, and the challenge from the server, generate a response */ - SMBOWFencrypt_ntv2(ntlm_v2_hash, server_chal, &ntlmv2_client_data, ntlmv2_response); - - final_response = data_blob(NULL, sizeof(ntlmv2_response) + ntlmv2_client_data.length); - - memcpy(final_response.data, ntlmv2_response, sizeof(ntlmv2_response)); - - memcpy(final_response.data+sizeof(ntlmv2_response), - ntlmv2_client_data.data, ntlmv2_client_data.length); - - data_blob_free(&ntlmv2_client_data); - - return final_response; -} - -static DATA_BLOB LMv2_generate_response(const uchar ntlm_v2_hash[16], - const DATA_BLOB *server_chal) -{ - uchar lmv2_response[16]; - DATA_BLOB lmv2_client_data = data_blob(NULL, 8); - DATA_BLOB final_response = data_blob(NULL, 24); - - /* LMv2 */ - /* client-supplied random data */ - generate_random_buffer(lmv2_client_data.data, lmv2_client_data.length); - - /* Given that data, and the challenge from the server, generate a response */ - SMBOWFencrypt_ntv2(ntlm_v2_hash, server_chal, &lmv2_client_data, lmv2_response); - memcpy(final_response.data, lmv2_response, sizeof(lmv2_response)); - - /* after the first 16 bytes is the random data we generated above, - so the server can verify us with it */ - memcpy(final_response.data+sizeof(lmv2_response), - lmv2_client_data.data, lmv2_client_data.length); - - data_blob_free(&lmv2_client_data); - - return final_response; -} - -bool SMBNTLMv2encrypt_hash(const char *user, const char *domain, const uchar nt_hash[16], - const DATA_BLOB *server_chal, - const DATA_BLOB *names_blob, - DATA_BLOB *lm_response, DATA_BLOB *nt_response, - DATA_BLOB *user_session_key) -{ - uchar ntlm_v2_hash[16]; - - /* We don't use the NT# directly. Instead we use it mashed up with - the username and domain. - This prevents username swapping during the auth exchange - */ - if (!ntv2_owf_gen(nt_hash, user, domain, False, ntlm_v2_hash)) { - return False; - } - - if (nt_response) { - *nt_response = NTLMv2_generate_response(ntlm_v2_hash, server_chal, - names_blob); - if (user_session_key) { - *user_session_key = data_blob(NULL, 16); - - /* The NTLMv2 calculations also provide a session key, for signing etc later */ - /* use only the first 16 bytes of nt_response for session key */ - SMBsesskeygen_ntv2(ntlm_v2_hash, nt_response->data, user_session_key->data); - } - } - - /* LMv2 */ - - if (lm_response) { - *lm_response = LMv2_generate_response(ntlm_v2_hash, server_chal); - } - - return True; -} - -/* Plaintext version of the above. */ - -bool SMBNTLMv2encrypt(const char *user, const char *domain, const char *password, - const DATA_BLOB *server_chal, - const DATA_BLOB *names_blob, - DATA_BLOB *lm_response, DATA_BLOB *nt_response, - DATA_BLOB *user_session_key) -{ - uchar nt_hash[16]; - E_md4hash(password, nt_hash); - - return SMBNTLMv2encrypt_hash(user, domain, nt_hash, - server_chal, - names_blob, - lm_response, nt_response, - user_session_key); -} - -/*********************************************************** - encode a password buffer with a unicode password. The buffer - is filled with random data to make it harder to attack. -************************************************************/ -bool encode_pw_buffer(uint8 buffer[516], const char *password, int string_flags) -{ - uchar new_pw[512]; - size_t new_pw_len; - - /* the incoming buffer can be any alignment. */ - string_flags |= STR_NOALIGN; - - new_pw_len = push_string_check(new_pw, - password, - sizeof(new_pw), string_flags); - - memcpy(&buffer[512 - new_pw_len], new_pw, new_pw_len); - - generate_random_buffer(buffer, 512 - new_pw_len); - - /* - * The length of the new password is in the last 4 bytes of - * the data buffer. - */ - SIVAL(buffer, 512, new_pw_len); - ZERO_STRUCT(new_pw); - return True; -} - - -/*********************************************************** - decode a password buffer - *new_pw_len is the length in bytes of the possibly mulitbyte - returned password including termination. -************************************************************/ - -bool decode_pw_buffer(TALLOC_CTX *ctx, - uint8 in_buffer[516], - char **pp_new_pwrd, - uint32 *new_pw_len, - int string_flags) -{ - int byte_len=0; - - *pp_new_pwrd = NULL; - *new_pw_len = 0; - - /* the incoming buffer can be any alignment. */ - string_flags |= STR_NOALIGN; - - /* - Warning !!! : This function is called from some rpc call. - The password IN the buffer may be a UNICODE string. - The password IN new_pwrd is an ASCII string - If you reuse that code somewhere else check first. - */ - - /* The length of the new password is in the last 4 bytes of the data buffer. */ - - byte_len = IVAL(in_buffer, 512); - -#ifdef DEBUG_PASSWORD - dump_data(100, in_buffer, 516); -#endif - - /* Password cannot be longer than the size of the password buffer */ - if ( (byte_len < 0) || (byte_len > 512)) { - DEBUG(0, ("decode_pw_buffer: incorrect password length (%d).\n", byte_len)); - DEBUG(0, ("decode_pw_buffer: check that 'encrypt passwords = yes'\n")); - return false; - } - - /* decode into the return buffer. */ - *new_pw_len = pull_string_talloc(ctx, - NULL, - 0, - pp_new_pwrd, - &in_buffer[512 - byte_len], - byte_len, - string_flags); - - if (!*pp_new_pwrd || *new_pw_len == 0) { - DEBUG(0, ("decode_pw_buffer: pull_string_talloc failed\n")); - return false; - } - -#ifdef DEBUG_PASSWORD - DEBUG(100,("decode_pw_buffer: new_pwrd: ")); - dump_data(100, (uint8 *)*pp_new_pwrd, *new_pw_len); - DEBUG(100,("multibyte len:%d\n", *new_pw_len)); - DEBUG(100,("original char len:%d\n", byte_len/2)); -#endif - - return true; -} - -/*********************************************************** - Decode an arc4 encrypted password change buffer. -************************************************************/ - -void encode_or_decode_arc4_passwd_buffer(unsigned char pw_buf[532], const DATA_BLOB *psession_key) -{ - struct MD5Context tctx; - unsigned char key_out[16]; - - /* Confounder is last 16 bytes. */ - - MD5Init(&tctx); - MD5Update(&tctx, &pw_buf[516], 16); - MD5Update(&tctx, psession_key->data, psession_key->length); - MD5Final(key_out, &tctx); - /* arc4 with key_out. */ - SamOEMhash(pw_buf, key_out, 516); -} - -/*********************************************************** - Encrypt/Decrypt used for LSA secrets and trusted domain - passwords. -************************************************************/ - -void sess_crypt_blob(DATA_BLOB *out, const DATA_BLOB *in, const DATA_BLOB *session_key, int forward) -{ - int i, k; - - for (i=0,k=0; - i<in->length; - i += 8, k += 7) { - uint8 bin[8], bout[8], key[7]; - - memset(bin, 0, 8); - memcpy(bin, &in->data[i], MIN(8, in->length-i)); - - if (k + 7 > session_key->length) { - k = (session_key->length - k); - } - memcpy(key, &session_key->data[k], 7); - - des_crypt56(bout, bin, key, forward?1:0); - - memcpy(&out->data[i], bout, MIN(8, in->length-i)); - } -} - -/* Decrypts password-blob with session-key - * @param nt_hash NT hash for the session key - * @param data_in DATA_BLOB encrypted password - * - * Returns cleartext password in CH_UNIX - * Caller must free the returned string - */ - -char *decrypt_trustdom_secret(uint8_t nt_hash[16], DATA_BLOB *data_in) -{ - DATA_BLOB data_out, sess_key; - uint32_t length; - uint32_t version; - fstring cleartextpwd; - - if (!data_in || !nt_hash) - return NULL; - - /* hashed twice with md4 */ - mdfour(nt_hash, nt_hash, 16); - - /* 16-Byte session-key */ - sess_key = data_blob(nt_hash, 16); - if (sess_key.data == NULL) - return NULL; - - data_out = data_blob(NULL, data_in->length); - if (data_out.data == NULL) - return NULL; - - /* decrypt with des3 */ - sess_crypt_blob(&data_out, data_in, &sess_key, 0); - - /* 4 Byte length, 4 Byte version */ - length = IVAL(data_out.data, 0); - version = IVAL(data_out.data, 4); - - if (length > data_in->length - 8) { - DEBUG(0,("decrypt_trustdom_secret: invalid length (%d)\n", length)); - return NULL; - } - - if (version != 1) { - DEBUG(0,("decrypt_trustdom_secret: unknown version number (%d)\n", version)); - return NULL; - } - - rpcstr_pull(cleartextpwd, data_out.data + 8, sizeof(fstring), length, 0 ); - -#ifdef DEBUG_PASSWORD - DEBUG(100,("decrypt_trustdom_secret: length is: %d, version is: %d, password is: %s\n", - length, version, cleartextpwd)); -#endif - - data_blob_free(&data_out); - data_blob_free(&sess_key); - - return SMB_STRDUP(cleartextpwd); - -} - -/* encode a wkssvc_PasswordBuffer: - * - * similar to samr_CryptPasswordEx. Different: 8byte confounder (instead of - * 16byte), confounder in front of the 516 byte buffer (instead of after that - * buffer), calling MD5Update() first with session_key and then with confounder - * (vice versa in samr) - Guenther */ - -void encode_wkssvc_join_password_buffer(TALLOC_CTX *mem_ctx, - const char *pwd, - DATA_BLOB *session_key, - struct wkssvc_PasswordBuffer **pwd_buf) -{ - uint8_t buffer[516]; - struct MD5Context ctx; - struct wkssvc_PasswordBuffer *my_pwd_buf = NULL; - DATA_BLOB confounded_session_key; - int confounder_len = 8; - uint8_t confounder[8]; - - my_pwd_buf = talloc_zero(mem_ctx, struct wkssvc_PasswordBuffer); - if (!my_pwd_buf) { - return; - } - - confounded_session_key = data_blob_talloc(mem_ctx, NULL, 16); - - encode_pw_buffer(buffer, pwd, STR_UNICODE); - - generate_random_buffer((uint8_t *)confounder, confounder_len); - - MD5Init(&ctx); - MD5Update(&ctx, session_key->data, session_key->length); - MD5Update(&ctx, confounder, confounder_len); - MD5Final(confounded_session_key.data, &ctx); - - SamOEMhashBlob(buffer, 516, &confounded_session_key); - - memcpy(&my_pwd_buf->data[0], confounder, confounder_len); - memcpy(&my_pwd_buf->data[8], buffer, 516); - - data_blob_free(&confounded_session_key); - - *pwd_buf = my_pwd_buf; -} - -WERROR decode_wkssvc_join_password_buffer(TALLOC_CTX *mem_ctx, - struct wkssvc_PasswordBuffer *pwd_buf, - DATA_BLOB *session_key, - char **pwd) -{ - uint8_t buffer[516]; - struct MD5Context ctx; - uint32_t pwd_len; - - DATA_BLOB confounded_session_key; - - int confounder_len = 8; - uint8_t confounder[8]; - - *pwd = NULL; - - if (!pwd_buf) { - return WERR_BAD_PASSWORD; - } - - if (session_key->length != 16) { - DEBUG(10,("invalid session key\n")); - return WERR_BAD_PASSWORD; - } - - confounded_session_key = data_blob_talloc(mem_ctx, NULL, 16); - - memcpy(&confounder, &pwd_buf->data[0], confounder_len); - memcpy(&buffer, &pwd_buf->data[8], 516); - - MD5Init(&ctx); - MD5Update(&ctx, session_key->data, session_key->length); - MD5Update(&ctx, confounder, confounder_len); - MD5Final(confounded_session_key.data, &ctx); - - SamOEMhashBlob(buffer, 516, &confounded_session_key); - - if (!decode_pw_buffer(mem_ctx, buffer, pwd, &pwd_len, STR_UNICODE)) { - data_blob_free(&confounded_session_key); - return WERR_BAD_PASSWORD; - } - - data_blob_free(&confounded_session_key); - - return WERR_OK; -} - -DATA_BLOB decrypt_drsuapi_blob(TALLOC_CTX *mem_ctx, - const DATA_BLOB *session_key, - bool rcrypt, - uint32_t rid, - const DATA_BLOB *buffer) -{ - DATA_BLOB confounder; - DATA_BLOB enc_buffer; - - struct MD5Context md5; - uint8_t _enc_key[16]; - DATA_BLOB enc_key; - - DATA_BLOB dec_buffer; - - uint32_t crc32_given; - uint32_t crc32_calc; - DATA_BLOB checked_buffer; - - DATA_BLOB plain_buffer; - - /* - * the combination "c[3] s[1] e[1] d[0]..." - * was successful!!!!!!!!!!!!!!!!!!!!!!!!!! - */ - - /* - * the first 16 bytes at the beginning are the confounder - * followed by the 4 byte crc32 checksum - */ - if (buffer->length < 20) { - return data_blob_const(NULL, 0); - } - confounder = data_blob_const(buffer->data, 16); - enc_buffer = data_blob_const(buffer->data + 16, buffer->length - 16); - - /* - * build the encryption key md5 over the session key followed - * by the confounder - * - * here the gensec session key is used and - * not the dcerpc ncacn_ip_tcp "SystemLibraryDTC" key! - */ - enc_key = data_blob_const(_enc_key, sizeof(_enc_key)); - MD5Init(&md5); - MD5Update(&md5, session_key->data, session_key->length); - MD5Update(&md5, confounder.data, confounder.length); - MD5Final(enc_key.data, &md5); - - /* - * copy the encrypted buffer part and - * decrypt it using the created encryption key using arcfour - */ - dec_buffer = data_blob_talloc(mem_ctx, enc_buffer.data, enc_buffer.length); - if (!dec_buffer.data) { - return data_blob_const(NULL, 0); - } - SamOEMhashBlob(dec_buffer.data, dec_buffer.length, &enc_key); - - /* - * the first 4 byte are the crc32 checksum - * of the remaining bytes - */ - crc32_given = IVAL(dec_buffer.data, 0); - crc32_calc = crc32_calc_buffer(dec_buffer.data + 4 , dec_buffer.length - 4); - if (crc32_given != crc32_calc) { - DEBUG(1,("CRC32: given[0x%08X] calc[0x%08X]\n", - crc32_given, crc32_calc)); - return data_blob_const(NULL, 0); - } - checked_buffer = data_blob_talloc(mem_ctx, dec_buffer.data + 4, dec_buffer.length - 4); - if (!checked_buffer.data) { - return data_blob_const(NULL, 0); - } - - /* - * some attributes seem to be in a usable form after this decryption - * (supplementalCredentials, priorValue, currentValue, trustAuthOutgoing, - * trustAuthIncoming, initialAuthOutgoing, initialAuthIncoming) - * At least supplementalCredentials contains plaintext - * like "Primary:Kerberos" (in unicode form) - * - * some attributes seem to have some additional encryption - * dBCSPwd, unicodePwd, ntPwdHistory, lmPwdHistory - * - * it's the sam_rid_crypt() function, as the value is constant, - * so it doesn't depend on sessionkeys. - */ - if (rcrypt) { - uint32_t i, num_hashes; - - if ((checked_buffer.length % 16) != 0) { - return data_blob_const(NULL, 0); - } - - plain_buffer = data_blob_talloc(mem_ctx, checked_buffer.data, checked_buffer.length); - if (!plain_buffer.data) { - return data_blob_const(NULL, 0); - } - - num_hashes = plain_buffer.length / 16; - for (i = 0; i < num_hashes; i++) { - uint32_t offset = i * 16; - sam_pwd_hash(rid, checked_buffer.data + offset, plain_buffer.data + offset, 0); - } - } else { - plain_buffer = checked_buffer; - } - - return plain_buffer; -} - - diff --git a/source3/libsmb/trusts_util.c b/source3/libsmb/trusts_util.c index 5b6bc00c57..929816e92d 100644 --- a/source3/libsmb/trusts_util.c +++ b/source3/libsmb/trusts_util.c @@ -19,6 +19,7 @@ */ #include "includes.h" +#include "../libcli/auth/libcli_auth.h" /********************************************************* Change the domain password on the PDC. |