/* * Copyright (c) 2006 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * 3. Neither the name of the Institute nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. * * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. */ #include RCSID("$Id: ntlm.c,v 1.8 2006/12/26 00:25:17 lha Exp $"); #include #include #include #include #include #include #include #include #include #include "krb5-types.h" #include "crypto-headers.h" #include struct sec_buffer { uint16_t length; uint16_t allocated; uint32_t offset; }; static const unsigned char ntlmsigature[8] = "NTLMSSP\x00"; /* * */ #define CHECK(f, e) \ do { ret = f ; if (ret != (e)) { ret = EINVAL; goto out; } } while(0) static void _ntlm_free_buf(struct ntlm_buf *p) { if (p->data) free(p->data); p->data = NULL; p->length = 0; } static int ascii2ucs2le(const char *string, int up, struct ntlm_buf *buf) { unsigned char *p; size_t len, i; len = strlen(string); if (len / 2 > UINT_MAX) return ERANGE; buf->length = len * 2; buf->data = malloc(buf->length); if (buf->data == NULL && len != 0) { _ntlm_free_buf(buf); return ENOMEM; } p = buf->data; for (i = 0; i < len; i++) { unsigned char t = (unsigned char)string[i]; if (t & 0x80) { _ntlm_free_buf(buf); return EINVAL; } if (up) t = toupper(t); p[(i * 2) + 0] = t; p[(i * 2) + 1] = 0; } return 0; } /* * */ static krb5_error_code ret_sec_buffer(krb5_storage *sp, struct sec_buffer *buf) { krb5_error_code ret; CHECK(krb5_ret_uint16(sp, &buf->length), 0); CHECK(krb5_ret_uint16(sp, &buf->allocated), 0); CHECK(krb5_ret_uint32(sp, &buf->offset), 0); out: return ret; } static krb5_error_code store_sec_buffer(krb5_storage *sp, const struct sec_buffer *buf) { krb5_error_code ret; CHECK(krb5_store_uint16(sp, buf->length), 0); CHECK(krb5_store_uint16(sp, buf->allocated), 0); CHECK(krb5_store_uint32(sp, buf->offset), 0); out: return ret; } /* * Strings are either OEM or UNICODE. The later is encoded as ucs2 on * wire, but using utf8 in memory. */ static krb5_error_code len_string(int ucs2, const char *s) { size_t len = strlen(s); if (ucs2) len *= 2; return len; } static krb5_error_code ret_string(krb5_storage *sp, int ucs2, struct sec_buffer *desc, char **s) { krb5_error_code ret; *s = malloc(desc->length + 1); CHECK(krb5_storage_seek(sp, desc->offset, SEEK_SET), desc->offset); CHECK(krb5_storage_read(sp, *s, desc->length), desc->length); (*s)[desc->length] = '\0'; if (ucs2) { size_t i; for (i = 0; i < desc->length / 2; i++) { (*s)[i] = (*s)[i * 2]; if ((*s)[i * 2 + 1]) { free(*s); *s = NULL; return EINVAL; } } (*s)[i] = '\0'; } ret = 0; out: return ret; return 0; } static krb5_error_code put_string(krb5_storage *sp, int ucs2, const char *s) { krb5_error_code ret; struct ntlm_buf buf; if (ucs2) { ret = ascii2ucs2le(s, 0, &buf); if (ret) return ret; } else { buf.data = rk_UNCONST(s); buf.length = strlen(s); } CHECK(krb5_storage_write(sp, buf.data, buf.length), buf.length); if (ucs2) _ntlm_free_buf(&buf); ret = 0; out: return ret; } /* * */ static krb5_error_code ret_buf(krb5_storage *sp, struct sec_buffer *desc, struct ntlm_buf *buf) { krb5_error_code ret; buf->data = malloc(desc->length); buf->length = desc->length; CHECK(krb5_storage_seek(sp, desc->offset, SEEK_SET), desc->offset); CHECK(krb5_storage_read(sp, buf->data, buf->length), buf->length); ret = 0; out: return ret; } static krb5_error_code put_buf(krb5_storage *sp, struct ntlm_buf *buf) { krb5_error_code ret; CHECK(krb5_storage_write(sp, buf->data, buf->length), buf->length); ret = 0; out: return ret; } /* * */ void heim_ntlm_free_targetinfo(struct ntlm_targetinfo *ti) { free(ti->servername); free(ti->domainname); free(ti->dnsdomainname); free(ti->dnsservername); memset(ti, 0, sizeof(*ti)); } static int encode_ti_blob(krb5_storage *out, uint16_t type, int ucs2, char *s) { krb5_error_code ret; CHECK(krb5_store_uint16(out, type), 0); CHECK(krb5_store_uint16(out, len_string(ucs2, s)), 0); CHECK(put_string(out, ucs2, s), 0); out: return ret; } int heim_ntlm_encode_targetinfo(struct ntlm_targetinfo *ti, int ucs2, struct ntlm_buf *data) { krb5_error_code ret; krb5_storage *out; data->data = NULL; data->length = 0; out = krb5_storage_emem(); if (out == NULL) return ENOMEM; if (ti->servername) CHECK(encode_ti_blob(out, 1, ucs2, ti->servername), 0); if (ti->domainname) CHECK(encode_ti_blob(out, 2, ucs2, ti->domainname), 0); if (ti->dnsservername) CHECK(encode_ti_blob(out, 3, ucs2, ti->dnsservername), 0); if (ti->dnsdomainname) CHECK(encode_ti_blob(out, 4, ucs2, ti->dnsdomainname), 0); /* end tag */ CHECK(krb5_store_int16(out, 0), 0); CHECK(krb5_store_int16(out, 0), 0); { krb5_data d; ret = krb5_storage_to_data(out, &d); data->data = d.data; data->length = d.length; } out: krb5_storage_free(out); return ret; } int heim_ntlm_decode_targetinfo(struct ntlm_buf *data, int ucs2, struct ntlm_targetinfo *ti) { memset(ti, 0, sizeof(*ti)); return 0; } /* * encoder/decoder type1 messages */ void heim_ntlm_free_type1(struct ntlm_type1 *data) { free(data->domain); free(data->hostname); memset(data, 0, sizeof(*data)); } int heim_ntlm_decode_type1(const struct ntlm_buf *buf, struct ntlm_type1 *data) { krb5_error_code ret; unsigned char sig[8]; uint32_t type; struct sec_buffer domain, hostname; krb5_storage *in; memset(data, 0, sizeof(*data)); in = krb5_storage_from_readonly_mem(buf->data, buf->length); if (in == NULL) { ret = EINVAL; goto out; } krb5_storage_set_byteorder(in, KRB5_STORAGE_BYTEORDER_LE); CHECK(krb5_storage_read(in, sig, sizeof(sig)), sizeof(sig)); CHECK(memcmp(ntlmsigature, sig, sizeof(ntlmsigature)), 0); CHECK(krb5_ret_uint32(in, &type), 0); CHECK(type, 1); CHECK(krb5_ret_uint32(in, &data->flags), 0); if (data->flags & NTLM_SUPPLIED_DOMAIN) CHECK(ret_sec_buffer(in, &domain), 0); if (data->flags & NTLM_SUPPLIED_WORKSTAION) CHECK(ret_sec_buffer(in, &hostname), 0); #if 0 if (domain.offset > 32) { CHECK(krb5_ret_uint32(in, &data->os[0]), 0); CHECK(krb5_ret_uint32(in, &data->os[1]), 0); } #endif if (data->flags & NTLM_SUPPLIED_DOMAIN) CHECK(ret_string(in, 0, &domain, &data->domain), 0); if (data->flags & NTLM_SUPPLIED_WORKSTAION) CHECK(ret_string(in, 0, &hostname, &data->hostname), 0); out: krb5_storage_free(in); if (ret) heim_ntlm_free_type1(data); return ret; } int heim_ntlm_encode_type1(const struct ntlm_type1 *type1, struct ntlm_buf *data) { krb5_error_code ret; struct sec_buffer domain, hostname; krb5_storage *out; uint32_t base, flags; flags = type1->flags; base = 16; if (type1->domain) { base += 8; flags |= NTLM_SUPPLIED_DOMAIN; } if (type1->hostname) { base += 8; flags |= NTLM_SUPPLIED_WORKSTAION; } if (type1->os[0]) base += 8; if (type1->domain) { domain.offset = base; domain.length = len_string(0, type1->domain); domain.allocated = domain.length; } if (type1->hostname) { hostname.offset = domain.allocated + domain.offset; hostname.length = len_string(0, type1->hostname); hostname.allocated = hostname.length; } out = krb5_storage_emem(); if (out == NULL) return ENOMEM; krb5_storage_set_byteorder(out, KRB5_STORAGE_BYTEORDER_LE); CHECK(krb5_storage_write(out, ntlmsigature, sizeof(ntlmsigature)), sizeof(ntlmsigature)); CHECK(krb5_store_uint32(out, 1), 0); CHECK(krb5_store_uint32(out, flags), 0); if (type1->domain) CHECK(store_sec_buffer(out, &domain), 0); if (type1->hostname) CHECK(store_sec_buffer(out, &hostname), 0); if (type1->os[0]) { CHECK(krb5_store_uint32(out, type1->os[0]), 0); CHECK(krb5_store_uint32(out, type1->os[1]), 0); } if (type1->domain) CHECK(put_string(out, 0, type1->domain), 0); if (type1->hostname) CHECK(put_string(out, 0, type1->hostname), 0); { krb5_data d; ret = krb5_storage_to_data(out, &d); data->data = d.data; data->length = d.length; } out: krb5_storage_free(out); return ret; } /* * encoder/decoder type 2 messages */ void heim_ntlm_free_type2(struct ntlm_type2 *type2) { memset(type2, 0, sizeof(*type2)); } int heim_ntlm_decode_type2(const struct ntlm_buf *buf, struct ntlm_type2 *type2) { krb5_error_code ret; unsigned char sig[8]; uint32_t type, ctx[2]; struct sec_buffer targetname, targetinfo; krb5_storage *in; int ucs2 = 0; memset(type2, 0, sizeof(*type2)); in = krb5_storage_from_readonly_mem(buf->data, buf->length); if (in == NULL) { ret = EINVAL; goto out; } krb5_storage_set_byteorder(in, KRB5_STORAGE_BYTEORDER_LE); CHECK(krb5_storage_read(in, sig, sizeof(sig)), sizeof(sig)); CHECK(memcmp(ntlmsigature, sig, sizeof(ntlmsigature)), 0); CHECK(krb5_ret_uint32(in, &type), 0); CHECK(type, 2); CHECK(ret_sec_buffer(in, &targetname), 0); CHECK(krb5_ret_uint32(in, &type2->flags), 0); if (type2->flags & NTLM_NEG_UNICODE) ucs2 = 1; CHECK(krb5_storage_read(in, type2->challange, sizeof(type2->challange)), sizeof(type2->challange)); CHECK(krb5_ret_uint32(in, &ctx[0]), 0); /* context */ CHECK(krb5_ret_uint32(in, &ctx[1]), 0); CHECK(ret_sec_buffer(in, &targetinfo), 0); /* os version */ #if 0 CHECK(krb5_ret_uint32(in, &type2->os[0]), 0); CHECK(krb5_ret_uint32(in, &type2->os[1]), 0); #endif CHECK(ret_string(in, ucs2, &targetname, &type2->targetname), 0); CHECK(ret_buf(in, &targetinfo, &type2->targetinfo), 0); ret = 0; out: krb5_storage_free(in); if (ret) heim_ntlm_free_type2(type2); return ret; } int heim_ntlm_encode_type2(struct ntlm_type2 *type2, struct ntlm_buf *data) { struct sec_buffer targetname, targetinfo; krb5_error_code ret; krb5_storage *out = NULL; uint32_t base; int ucs2 = 0; if (type2->os[0]) base = 56; else base = 48; if (type2->flags & NTLM_NEG_UNICODE) ucs2 = 1; targetname.offset = base; targetname.length = len_string(ucs2, type2->targetname); targetname.allocated = targetname.length; targetinfo.offset = targetname.allocated + targetname.offset; targetinfo.length = type2->targetinfo.length; targetinfo.allocated = type2->targetinfo.length; out = krb5_storage_emem(); if (out == NULL) return ENOMEM; krb5_storage_set_byteorder(out, KRB5_STORAGE_BYTEORDER_LE); CHECK(krb5_storage_write(out, ntlmsigature, sizeof(ntlmsigature)), sizeof(ntlmsigature)); CHECK(krb5_store_uint32(out, 2), 0); CHECK(store_sec_buffer(out, &targetname), 0); CHECK(krb5_store_uint32(out, type2->flags), 0); CHECK(krb5_storage_write(out, type2->challange, sizeof(type2->challange)), sizeof(type2->challange)); CHECK(krb5_store_uint32(out, 0), 0); /* context */ CHECK(krb5_store_uint32(out, 0), 0); CHECK(store_sec_buffer(out, &targetinfo), 0); /* os version */ if (type2->os[0]) { CHECK(krb5_store_uint32(out, type2->os[0]), 0); CHECK(krb5_store_uint32(out, type2->os[1]), 0); } CHECK(put_string(out, ucs2, type2->targetname), 0); CHECK(krb5_storage_write(out, type2->targetinfo.data, type2->targetinfo.length), type2->targetinfo.length); { krb5_data d; ret = krb5_storage_to_data(out, &d); data->data = d.data; data->length = d.length; } out: krb5_storage_free(out); return ret; } /* * encoder/decoder type 2 messages */ void heim_ntlm_free_type3(struct ntlm_type3 *data) { memset(data, 0, sizeof(*data)); } /* * */ int heim_ntlm_decode_type3(const struct ntlm_buf *buf, int ucs2, struct ntlm_type3 *type3) { krb5_error_code ret; unsigned char sig[8]; uint32_t type; krb5_storage *in; struct sec_buffer lm, ntlm, target, username, sessionkey, ws; memset(type3, 0, sizeof(*type3)); memset(&sessionkey, 0, sizeof(sessionkey)); in = krb5_storage_from_readonly_mem(buf->data, buf->length); if (in == NULL) { ret = EINVAL; goto out; } krb5_storage_set_byteorder(in, KRB5_STORAGE_BYTEORDER_LE); CHECK(krb5_storage_read(in, sig, sizeof(sig)), sizeof(sig)); CHECK(memcmp(ntlmsigature, sig, sizeof(ntlmsigature)), 0); CHECK(krb5_ret_uint32(in, &type), 0); CHECK(type, 3); CHECK(ret_sec_buffer(in, &lm), 0); CHECK(ret_sec_buffer(in, &ntlm), 0); CHECK(ret_sec_buffer(in, &target), 0); CHECK(ret_sec_buffer(in, &username), 0); CHECK(ret_sec_buffer(in, &ws), 0); if (lm.offset >= 60) { CHECK(ret_sec_buffer(in, &sessionkey), 0); } if (lm.offset >= 64) { CHECK(krb5_ret_uint32(in, &type3->flags), 0); } if (lm.offset >= 72) { CHECK(krb5_ret_uint32(in, &type3->os[0]), 0); CHECK(krb5_ret_uint32(in, &type3->os[1]), 0); } CHECK(ret_buf(in, &lm, &type3->lm), 0); CHECK(ret_buf(in, &ntlm, &type3->ntlm), 0); CHECK(ret_string(in, ucs2, &target, &type3->targetname), 0); CHECK(ret_string(in, ucs2, &username, &type3->username), 0); CHECK(ret_string(in, ucs2, &username, &type3->ws), 0); if (sessionkey.offset) CHECK(ret_buf(in, &sessionkey, &type3->sessionkey), 0); out: krb5_storage_free(in); if (ret) heim_ntlm_free_type3(type3); return ret; } int heim_ntlm_encode_type3(struct ntlm_type3 *type3, struct ntlm_buf *data) { struct sec_buffer lm, ntlm, target, username, sessionkey, ws; krb5_error_code ret; krb5_storage *out = NULL; uint32_t base; int ucs2 = 0; memset(&lm, 0, sizeof(lm)); memset(&ntlm, 0, sizeof(ntlm)); memset(&target, 0, sizeof(target)); memset(&username, 0, sizeof(username)); memset(&ws, 0, sizeof(ws)); memset(&sessionkey, 0, sizeof(sessionkey)); base = 52; if (type3->sessionkey.length) { base += 8; /* sessionkey sec buf */ base += 4; /* flags */ } if (type3->os[0]) { base += 8; } if (type3->flags & NTLM_NEG_UNICODE) ucs2 = 1; lm.offset = base; lm.length = type3->lm.length; lm.allocated = type3->lm.length; ntlm.offset = lm.offset + lm.allocated; ntlm.length = type3->ntlm.length; ntlm.allocated = ntlm.length; target.offset = ntlm.offset + ntlm.allocated; target.length = len_string(ucs2, type3->targetname); target.allocated = target.length; username.offset = target.offset + target.allocated; username.length = len_string(ucs2, type3->username); username.allocated = username.length; ws.offset = username.offset + username.allocated; ws.length = len_string(ucs2, type3->ws); ws.allocated = ws.length; sessionkey.offset = ws.offset + ws.allocated; sessionkey.length = type3->sessionkey.length; sessionkey.allocated = type3->sessionkey.length; out = krb5_storage_emem(); if (out == NULL) return ENOMEM; krb5_storage_set_byteorder(out, KRB5_STORAGE_BYTEORDER_LE); CHECK(krb5_storage_write(out, ntlmsigature, sizeof(ntlmsigature)), sizeof(ntlmsigature)); CHECK(krb5_store_uint32(out, 3), 0); CHECK(store_sec_buffer(out, &lm), 0); CHECK(store_sec_buffer(out, &ntlm), 0); CHECK(store_sec_buffer(out, &target), 0); CHECK(store_sec_buffer(out, &username), 0); CHECK(store_sec_buffer(out, &ws), 0); /* optional */ if (type3->sessionkey.length) { CHECK(store_sec_buffer(out, &sessionkey), 0); CHECK(krb5_store_uint32(out, type3->flags), 0); } #if 0 CHECK(krb5_store_uint32(out, 0), 0); /* os0 */ CHECK(krb5_store_uint32(out, 0), 0); /* os1 */ #endif CHECK(put_buf(out, &type3->lm), 0); CHECK(put_buf(out, &type3->ntlm), 0); CHECK(put_string(out, ucs2, type3->targetname), 0); CHECK(put_string(out, ucs2, type3->username), 0); CHECK(put_string(out, ucs2, type3->ws), 0); CHECK(put_buf(out, &type3->sessionkey), 0); { krb5_data d; ret = krb5_storage_to_data(out, &d); data->data = d.data; data->length = d.length; } out: krb5_storage_free(out); return ret; } /* * */ static void splitandenc(unsigned char *hash, unsigned char *challange, unsigned char *answer) { DES_cblock key; DES_key_schedule sched; ((unsigned char*)key)[0] = hash[0]; ((unsigned char*)key)[1] = (hash[0] << 7) | (hash[1] >> 1); ((unsigned char*)key)[2] = (hash[1] << 6) | (hash[2] >> 2); ((unsigned char*)key)[3] = (hash[2] << 5) | (hash[3] >> 3); ((unsigned char*)key)[4] = (hash[3] << 4) | (hash[4] >> 4); ((unsigned char*)key)[5] = (hash[4] << 3) | (hash[5] >> 5); ((unsigned char*)key)[6] = (hash[5] << 2) | (hash[6] >> 6); ((unsigned char*)key)[7] = (hash[6] << 1); DES_set_odd_parity(&key); DES_set_key(&key, &sched); DES_ecb_encrypt((DES_cblock *)challange, (DES_cblock *)answer, &sched, 1); memset(&sched, 0, sizeof(sched)); memset(key, 0, sizeof(key)); } int heim_ntlm_nt_key(const char *password, struct ntlm_buf *key) { struct ntlm_buf buf; MD4_CTX ctx; int ret; key->data = malloc(MD5_DIGEST_LENGTH); if (key->data == NULL) return ENOMEM; key->length = MD5_DIGEST_LENGTH; ret = ascii2ucs2le(password, 0, &buf); if (ret) { _ntlm_free_buf(key); return ret; } MD4_Init(&ctx); MD4_Update(&ctx, buf.data, buf.length); MD4_Final(key->data, &ctx); _ntlm_free_buf(&buf); return 0; } int heim_ntlm_calculate_ntlm1(void *key, size_t len, unsigned char challange[8], struct ntlm_buf *answer) { unsigned char res[21]; if (len != MD4_DIGEST_LENGTH) return EINVAL; memcpy(res, key, len); memset(&res[MD4_DIGEST_LENGTH], 0, sizeof(res) - MD4_DIGEST_LENGTH); answer->data = malloc(24); if (answer->data == NULL) return ENOMEM; answer->length = 24; splitandenc(&res[0], challange, ((unsigned char *)answer->data) + 0); splitandenc(&res[7], challange, ((unsigned char *)answer->data) + 8); splitandenc(&res[14], challange, ((unsigned char *)answer->data) + 16); return 0; } int heim_ntlm_build_ntlm1_master(void *key, size_t len, struct ntlm_buf *session, struct ntlm_buf *master) { RC4_KEY rc4; memset(master, 0, sizeof(*master)); memset(session, 0, sizeof(*session)); if (len != MD4_DIGEST_LENGTH) return EINVAL; session->length = MD4_DIGEST_LENGTH; session->data = malloc(session->length); if (session->data == NULL) { session->length = 0; return EINVAL; } master->length = MD4_DIGEST_LENGTH; master->data = malloc(master->length); if (master->data == NULL) { _ntlm_free_buf(master); _ntlm_free_buf(session); return EINVAL; } { unsigned char sessionkey[MD4_DIGEST_LENGTH]; MD4_CTX ctx; MD4_Init(&ctx); MD4_Update(&ctx, key, len); MD4_Final(sessionkey, &ctx); RC4_set_key(&rc4, sizeof(sessionkey), sessionkey); } if (RAND_bytes(session->data, session->length) != 1) { _ntlm_free_buf(master); _ntlm_free_buf(session); return EINVAL; } RC4(&rc4, master->length, session->data, master->data); memset(&rc4, 0, sizeof(rc4)); return 0; } /* * */ void heim_ntlm_ntlmv2_key(const void *key, size_t len, const char *username, const char *target, unsigned char ntlmv2[16]) { unsigned int hmaclen; HMAC_CTX c; HMAC_CTX_init(&c); HMAC_Init_ex(&c, key, len, EVP_md5(), NULL); { struct ntlm_buf buf; /* uppercase username and turn it inte ucs2-le */ ascii2ucs2le(username, 1, &buf); HMAC_Update(&c, buf.data, buf.length); free(buf.data); /* turn target into ucs2-le */ ascii2ucs2le(target, 0, &buf); HMAC_Update(&c, buf.data, buf.length); free(buf.data); } HMAC_Final(&c, ntlmv2, &hmaclen); HMAC_CTX_cleanup(&c); } /* * */ #define NTTIME_EPOCH 0x019DB1DED53E8000LL static uint64_t unix2nttime(time_t unix_time) { long long wt; wt = unix_time * (uint64_t)10000000 + (uint64_t)NTTIME_EPOCH; return wt; } static time_t nt2unixtime(uint64_t t) { t = ((t - (uint64_t)NTTIME_EPOCH) / (uint64_t)10000000); if (t > (((time_t)(~(uint64_t)0)) >> 1)) return 0; return (time_t)t; } int heim_ntlm_calculate_ntlm2(const void *key, size_t len, const char *username, const char *target, const unsigned char serverchallange[8], const struct ntlm_buf *infotarget, unsigned char ntlmv2[16], struct ntlm_buf *answer) { krb5_error_code ret; krb5_data data; unsigned int hmaclen; unsigned char ntlmv2answer[16]; krb5_storage *sp; unsigned char clientchallange[8]; HMAC_CTX c; uint64_t t; t = unix2nttime(time(NULL)); if (RAND_bytes(clientchallange, sizeof(clientchallange)) != 1) return EINVAL; /* calculate ntlmv2 key */ heim_ntlm_ntlmv2_key(key, len, username, target, ntlmv2); /* calculate and build ntlmv2 answer */ sp = krb5_storage_emem(); if (sp == NULL) return ENOMEM; krb5_storage_set_flags(sp, KRB5_STORAGE_BYTEORDER_LE); CHECK(krb5_store_uint32(sp, 0x01010000), 0); CHECK(krb5_store_uint32(sp, 0), 0); /* timestamp le 64 bit ts */ CHECK(krb5_store_uint32(sp, t & 0xffffffff), 0); CHECK(krb5_store_uint32(sp, t >> 32), 0); CHECK(krb5_storage_write(sp, clientchallange, 8), 8); CHECK(krb5_storage_write(sp, infotarget->data, infotarget->length), infotarget->length); /* unknown */ /* CHECK(krb5_store_uint32(sp, 0), 0); */ CHECK(krb5_storage_to_data(sp, &data), 0); krb5_storage_free(sp); sp = NULL; HMAC_CTX_init(&c); HMAC_Init_ex(&c, ntlmv2, sizeof(ntlmv2), EVP_md5(), NULL); HMAC_Update(&c, data.data, data.length); HMAC_Update(&c, serverchallange, 8); HMAC_Final(&c, ntlmv2answer, &hmaclen); HMAC_CTX_cleanup(&c); sp = krb5_storage_emem(); if (sp == NULL) { krb5_data_free(&data); return ENOMEM; } CHECK(krb5_storage_write(sp, ntlmv2answer, 16), 16); CHECK(krb5_storage_write(sp, data.data, data.length), data.length); krb5_data_free(&data); CHECK(krb5_storage_to_data(sp, &data), 0); krb5_storage_free(sp); sp = NULL; answer->data = data.data; answer->length = data.length; return 0; out: if (sp) krb5_storage_free(sp); return ret; } static const int authtimediff = 3600 * 2; /* 2 hours */ int heim_ntlm_verify_ntlm2(const void *key, size_t len, const char *username, const char *target, time_t now, const unsigned char serverchallange[8], const struct ntlm_buf *answer, struct ntlm_buf *infotarget, unsigned char ntlmv2[16]) { krb5_error_code ret; unsigned int hmaclen; unsigned char clientanswer[16]; unsigned char serveranswer[16]; krb5_storage *sp; HMAC_CTX c; uint64_t t; time_t authtime; uint32_t temp; infotarget->length = 0; infotarget->data = NULL; if (answer->length < 16) return EINVAL; if (now == 0) now = time(NULL); /* calculate ntlmv2 key */ heim_ntlm_ntlmv2_key(key, len, username, target, ntlmv2); /* calculate and build ntlmv2 answer */ sp = krb5_storage_from_readonly_mem(answer->data, answer->length); if (sp == NULL) return ENOMEM; krb5_storage_set_flags(sp, KRB5_STORAGE_BYTEORDER_LE); CHECK(krb5_storage_read(sp, clientanswer, 16), 16); CHECK(krb5_ret_uint32(sp, &temp), 0); CHECK(temp, 0x01010000); CHECK(krb5_ret_uint32(sp, &temp), 0); CHECK(temp, 0); /* timestamp le 64 bit ts */ CHECK(krb5_ret_uint32(sp, &temp), 0); t = temp; CHECK(krb5_ret_uint32(sp, &temp), 0); t |= ((uint64_t)temp)<< 32; authtime = nt2unixtime(t); if (abs((int)(authtime - now)) > authtimediff) { ret = EINVAL; goto out; } /* client challange */ CHECK(krb5_storage_read(sp, serveranswer, 8), 8); infotarget->length = answer->length - 40; infotarget->data = malloc(infotarget->length); if (infotarget->data == NULL) { ret = ENOMEM; goto out; } CHECK(krb5_storage_read(sp, infotarget->data, infotarget->length), infotarget->length); /* XXX remove the unknown uint32_t */ krb5_storage_free(sp); sp = NULL; HMAC_CTX_init(&c); HMAC_Init_ex(&c, ntlmv2, sizeof(ntlmv2), EVP_md5(), NULL); HMAC_Update(&c, ((char *)answer->data) + 16, answer->length - 16); HMAC_Update(&c, serverchallange, 8); HMAC_Final(&c, serveranswer, &hmaclen); HMAC_CTX_cleanup(&c); if (memcmp(serveranswer, clientanswer, 16) != 0) { _ntlm_free_buf(infotarget); return EINVAL; } return 0; out: _ntlm_free_buf(infotarget); if (sp) krb5_storage_free(sp); return ret; }