Line data Source code
1 : /*
2 : * Copyright (c) 2006 - 2008 Kungliga Tekniska Högskolan
3 : * (Royal Institute of Technology, Stockholm, Sweden).
4 : * All rights reserved.
5 : *
6 : * Portions Copyright (c) 2010 Apple Inc. All rights reserved.
7 : *
8 : * Redistribution and use in source and binary forms, with or without
9 : * modification, are permitted provided that the following conditions
10 : * are met:
11 : *
12 : * 1. Redistributions of source code must retain the above copyright
13 : * notice, this list of conditions and the following disclaimer.
14 : *
15 : * 2. Redistributions in binary form must reproduce the above copyright
16 : * notice, this list of conditions and the following disclaimer in the
17 : * documentation and/or other materials provided with the distribution.
18 : *
19 : * 3. Neither the name of the Institute nor the names of its contributors
20 : * may be used to endorse or promote products derived from this software
21 : * without specific prior written permission.
22 : *
23 : * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
24 : * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
25 : * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
26 : * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
27 : * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
28 : * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
29 : * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
30 : * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
31 : * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
32 : * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
33 : * SUCH DAMAGE.
34 : */
35 :
36 : #include <config.h>
37 :
38 : #include <stdio.h>
39 : #include <stdlib.h>
40 : #include <assert.h>
41 : #include <string.h>
42 : #include <ctype.h>
43 : #include <errno.h>
44 : #include <limits.h>
45 :
46 : #include <roken.h>
47 : #include <parse_units.h>
48 : #include <krb5.h>
49 :
50 : #define HC_DEPRECATED_CRYPTO
51 :
52 : #include "krb5-types.h"
53 : #include "crypto-headers.h"
54 :
55 : #include <heimntlm.h>
56 :
57 : /*! \mainpage Heimdal NTLM library
58 : *
59 : * \section intro Introduction
60 : *
61 : * Heimdal libheimntlm library is a implementation of the NTLM
62 : * protocol, both version 1 and 2. The GSS-API mech that uses this
63 : * library adds support for transport encryption and integrity
64 : * checking.
65 : *
66 : * NTLM is a protocol for mutual authentication, its still used in
67 : * many protocol where Kerberos is not support, one example is
68 : * EAP/X802.1x mechanism LEAP from Microsoft and Cisco.
69 : *
70 : * This is a support library for the core protocol, its used in
71 : * Heimdal to implement and GSS-API mechanism. There is also support
72 : * in the KDC to do remote digest authenticiation, this to allow
73 : * services to authenticate users w/o direct access to the users ntlm
74 : * hashes (same as Kerberos arcfour enctype keys).
75 : *
76 : * More information about the NTLM protocol can found here
77 : * http://davenport.sourceforge.net/ntlm.html .
78 : *
79 : * The Heimdal projects web page: http://www.h5l.org/
80 : *
81 : * @section ntlm_example NTLM Example
82 : *
83 : * Example to to use @ref test_ntlm.c .
84 : *
85 : * @example test_ntlm.c
86 : *
87 : * Example how to use the NTLM primitives.
88 : *
89 : */
90 :
91 : /** @defgroup ntlm_core Heimdal NTLM library
92 : *
93 : * The NTLM core functions implement the string2key generation
94 : * function, message encode and decode function, and the hash function
95 : * functions.
96 : */
97 :
98 : struct sec_buffer {
99 : uint16_t length;
100 : uint16_t allocated;
101 : uint32_t offset;
102 : };
103 :
104 : static const unsigned char ntlmsigature[8] = "NTLMSSP\x00";
105 :
106 : /*
107 : *
108 : */
109 :
110 : #define CHECK(f, e) \
111 : do { \
112 : ret = f; \
113 : if (ret != (ssize_t)(e)) { \
114 : ret = HNTLM_ERR_DECODE; \
115 : goto out; \
116 : } \
117 : } while(/*CONSTCOND*/0)
118 :
119 : static struct units ntlm_flag_units[] = {
120 : #define ntlm_flag(x) { #x, NTLM_##x }
121 : ntlm_flag(ENC_56),
122 : ntlm_flag(NEG_KEYEX),
123 : ntlm_flag(ENC_128),
124 : ntlm_flag(MBZ1),
125 : ntlm_flag(MBZ2),
126 : ntlm_flag(MBZ3),
127 : ntlm_flag(NEG_VERSION),
128 : ntlm_flag(MBZ4),
129 : ntlm_flag(NEG_TARGET_INFO),
130 : ntlm_flag(NON_NT_SESSION_KEY),
131 : ntlm_flag(MBZ5),
132 : ntlm_flag(NEG_IDENTIFY),
133 : ntlm_flag(NEG_NTLM2),
134 : ntlm_flag(TARGET_SHARE),
135 : ntlm_flag(TARGET_SERVER),
136 : ntlm_flag(TARGET_DOMAIN),
137 : ntlm_flag(NEG_ALWAYS_SIGN),
138 : ntlm_flag(MBZ6),
139 : ntlm_flag(OEM_SUPPLIED_WORKSTATION),
140 : ntlm_flag(OEM_SUPPLIED_DOMAIN),
141 : ntlm_flag(NEG_ANONYMOUS),
142 : ntlm_flag(NEG_NT_ONLY),
143 : ntlm_flag(NEG_NTLM),
144 : ntlm_flag(MBZ8),
145 : ntlm_flag(NEG_LM_KEY),
146 : ntlm_flag(NEG_DATAGRAM),
147 : ntlm_flag(NEG_SEAL),
148 : ntlm_flag(NEG_SIGN),
149 : ntlm_flag(MBZ9),
150 : ntlm_flag(NEG_TARGET),
151 : ntlm_flag(NEG_OEM),
152 : ntlm_flag(NEG_UNICODE),
153 : #undef ntlm_flag
154 : {NULL, 0}
155 : };
156 :
157 : size_t
158 0 : heim_ntlm_unparse_flags(uint32_t flags, char *s, size_t len)
159 : {
160 0 : return unparse_flags(flags, ntlm_flag_units, s, len);
161 : }
162 :
163 :
164 : /**
165 : * heim_ntlm_free_buf frees the ntlm buffer
166 : *
167 : * @param p buffer to be freed
168 : *
169 : * @ingroup ntlm_core
170 : */
171 :
172 : void
173 0 : heim_ntlm_free_buf(struct ntlm_buf *p)
174 : {
175 0 : if (p->data)
176 0 : free(p->data);
177 0 : p->data = NULL;
178 0 : p->length = 0;
179 0 : }
180 :
181 :
182 : static int
183 0 : ascii2ucs2le(const char *string, int up, struct ntlm_buf *buf)
184 : {
185 : unsigned char *p;
186 : size_t len, i;
187 :
188 0 : len = strlen(string);
189 0 : if (len / 2 > UINT_MAX)
190 0 : return ERANGE;
191 :
192 0 : buf->length = len * 2;
193 0 : buf->data = malloc(buf->length);
194 0 : if (buf->data == NULL && len != 0) {
195 0 : heim_ntlm_free_buf(buf);
196 0 : return ENOMEM;
197 : }
198 :
199 0 : p = buf->data;
200 0 : for (i = 0; i < len; i++) {
201 0 : unsigned char t = (unsigned char)string[i];
202 0 : if (t & 0x80) {
203 0 : heim_ntlm_free_buf(buf);
204 0 : return EINVAL;
205 : }
206 0 : if (up)
207 0 : t = toupper(t);
208 0 : p[(i * 2) + 0] = t;
209 0 : p[(i * 2) + 1] = 0;
210 : }
211 0 : return 0;
212 : }
213 :
214 : /*
215 : *
216 : */
217 :
218 : static krb5_error_code
219 0 : ret_sec_buffer(krb5_storage *sp, struct sec_buffer *buf)
220 : {
221 : krb5_error_code ret;
222 0 : CHECK(krb5_ret_uint16(sp, &buf->length), 0);
223 0 : CHECK(krb5_ret_uint16(sp, &buf->allocated), 0);
224 0 : CHECK(krb5_ret_uint32(sp, &buf->offset), 0);
225 0 : out:
226 0 : return ret;
227 : }
228 :
229 : static krb5_error_code
230 0 : store_sec_buffer(krb5_storage *sp, const struct sec_buffer *buf)
231 : {
232 : krb5_error_code ret;
233 0 : CHECK(krb5_store_uint16(sp, buf->length), 0);
234 0 : CHECK(krb5_store_uint16(sp, buf->allocated), 0);
235 0 : CHECK(krb5_store_uint32(sp, buf->offset), 0);
236 0 : out:
237 0 : return ret;
238 : }
239 :
240 : /*
241 : * Strings are either OEM or UNICODE. The later is encoded as ucs2 on
242 : * wire, but using utf8 in memory.
243 : */
244 :
245 : static krb5_error_code
246 0 : len_string(int ucs2, const char *s)
247 : {
248 0 : size_t len = strlen(s);
249 0 : if (ucs2)
250 0 : len *= 2;
251 0 : return len;
252 : }
253 :
254 : /*
255 : *
256 : */
257 :
258 : static krb5_error_code
259 0 : ret_string(krb5_storage *sp, int ucs2, size_t len, char **s)
260 : {
261 : krb5_error_code ret;
262 :
263 0 : *s = malloc(len + 1);
264 0 : if (*s == NULL)
265 0 : return ENOMEM;
266 0 : CHECK(krb5_storage_read(sp, *s, len), len);
267 :
268 0 : (*s)[len] = '\0';
269 :
270 0 : if (ucs2) {
271 : size_t i;
272 0 : for (i = 0; i < len / 2; i++) {
273 0 : (*s)[i] = (*s)[i * 2];
274 0 : if ((*s)[i * 2 + 1]) {
275 0 : free(*s);
276 0 : *s = NULL;
277 0 : return EINVAL;
278 : }
279 : }
280 0 : (*s)[i] = '\0';
281 : }
282 0 : ret = 0;
283 0 : out:
284 0 : return ret;
285 : }
286 :
287 :
288 :
289 : static krb5_error_code
290 0 : ret_sec_string(krb5_storage *sp, int ucs2, struct sec_buffer *desc, char **s)
291 : {
292 0 : krb5_error_code ret = 0;
293 0 : CHECK(krb5_storage_seek(sp, desc->offset, SEEK_SET), desc->offset);
294 0 : CHECK(ret_string(sp, ucs2, desc->length, s), 0);
295 0 : out:
296 0 : return ret;
297 : }
298 :
299 : static krb5_error_code
300 0 : put_string(krb5_storage *sp, int ucs2, const char *s)
301 : {
302 : krb5_error_code ret;
303 : struct ntlm_buf buf;
304 :
305 0 : if (ucs2) {
306 0 : ret = ascii2ucs2le(s, 0, &buf);
307 0 : if (ret)
308 0 : return ret;
309 : } else {
310 0 : buf.data = rk_UNCONST(s);
311 0 : buf.length = strlen(s);
312 : }
313 :
314 0 : CHECK(krb5_storage_write(sp, buf.data, buf.length), buf.length);
315 0 : if (ucs2)
316 0 : heim_ntlm_free_buf(&buf);
317 0 : ret = 0;
318 0 : out:
319 0 : return ret;
320 : }
321 :
322 : /*
323 : *
324 : */
325 :
326 : static krb5_error_code
327 0 : ret_buf(krb5_storage *sp, struct sec_buffer *desc, struct ntlm_buf *buf)
328 : {
329 : krb5_error_code ret;
330 :
331 0 : buf->data = malloc(desc->length);
332 0 : buf->length = desc->length;
333 0 : CHECK(krb5_storage_seek(sp, desc->offset, SEEK_SET), desc->offset);
334 0 : CHECK(krb5_storage_read(sp, buf->data, buf->length), buf->length);
335 0 : ret = 0;
336 0 : out:
337 0 : return ret;
338 : }
339 :
340 : static krb5_error_code
341 0 : put_buf(krb5_storage *sp, const struct ntlm_buf *buf)
342 : {
343 : krb5_error_code ret;
344 0 : CHECK(krb5_storage_write(sp, buf->data, buf->length), buf->length);
345 0 : ret = 0;
346 0 : out:
347 0 : return ret;
348 : }
349 :
350 : /**
351 : * Frees the ntlm_targetinfo message
352 : *
353 : * @param ti targetinfo to be freed
354 : *
355 : * @ingroup ntlm_core
356 : */
357 :
358 : void
359 0 : heim_ntlm_free_targetinfo(struct ntlm_targetinfo *ti)
360 : {
361 0 : free(ti->servername);
362 0 : free(ti->domainname);
363 0 : free(ti->dnsdomainname);
364 0 : free(ti->dnsservername);
365 0 : free(ti->dnstreename);
366 0 : memset(ti, 0, sizeof(*ti));
367 0 : }
368 :
369 : static int
370 0 : encode_ti_string(krb5_storage *out, uint16_t type, int ucs2, char *s)
371 : {
372 : krb5_error_code ret;
373 0 : CHECK(krb5_store_uint16(out, type), 0);
374 0 : CHECK(krb5_store_uint16(out, len_string(ucs2, s)), 0);
375 0 : CHECK(put_string(out, ucs2, s), 0);
376 0 : out:
377 0 : return ret;
378 : }
379 :
380 : /**
381 : * Encodes a ntlm_targetinfo message.
382 : *
383 : * @param ti the ntlm_targetinfo message to encode.
384 : * @param ucs2 ignored
385 : * @param data is the return buffer with the encoded message, should be
386 : * freed with heim_ntlm_free_buf().
387 : *
388 : * @return In case of success 0 is return, an errors, a errno in what
389 : * went wrong.
390 : *
391 : * @ingroup ntlm_core
392 : */
393 :
394 : int
395 0 : heim_ntlm_encode_targetinfo(const struct ntlm_targetinfo *ti,
396 : int ucs2,
397 : struct ntlm_buf *data)
398 : {
399 : krb5_error_code ret;
400 : krb5_storage *out;
401 :
402 0 : data->data = NULL;
403 0 : data->length = 0;
404 :
405 0 : out = krb5_storage_emem();
406 0 : if (out == NULL)
407 0 : return ENOMEM;
408 :
409 0 : krb5_storage_set_byteorder(out, KRB5_STORAGE_BYTEORDER_LE);
410 :
411 0 : if (ti->servername)
412 0 : CHECK(encode_ti_string(out, 1, ucs2, ti->servername), 0);
413 0 : if (ti->domainname)
414 0 : CHECK(encode_ti_string(out, 2, ucs2, ti->domainname), 0);
415 0 : if (ti->dnsservername)
416 0 : CHECK(encode_ti_string(out, 3, ucs2, ti->dnsservername), 0);
417 0 : if (ti->dnsdomainname)
418 0 : CHECK(encode_ti_string(out, 4, ucs2, ti->dnsdomainname), 0);
419 0 : if (ti->dnstreename)
420 0 : CHECK(encode_ti_string(out, 5, ucs2, ti->dnstreename), 0);
421 0 : if (ti->avflags) {
422 0 : CHECK(krb5_store_uint16(out, 6), 0);
423 0 : CHECK(krb5_store_uint16(out, 4), 0);
424 0 : CHECK(krb5_store_uint32(out, ti->avflags), 0);
425 : }
426 :
427 : /* end tag */
428 0 : CHECK(krb5_store_int16(out, 0), 0);
429 0 : CHECK(krb5_store_int16(out, 0), 0);
430 :
431 : {
432 : krb5_data d;
433 0 : ret = krb5_storage_to_data(out, &d);
434 0 : data->data = d.data;
435 0 : data->length = d.length;
436 : }
437 0 : out:
438 0 : krb5_storage_free(out);
439 0 : return ret;
440 : }
441 :
442 : /**
443 : * Decodes an NTLM targetinfo message
444 : *
445 : * @param data input data buffer with the encode NTLM targetinfo message
446 : * @param ucs2 if the strings should be encoded with ucs2 (selected by flag in message).
447 : * @param ti the decoded target info, should be freed with heim_ntlm_free_targetinfo().
448 : *
449 : * @return In case of success 0 is return, an errors, a errno in what
450 : * went wrong.
451 : *
452 : * @ingroup ntlm_core
453 : */
454 :
455 : int
456 0 : heim_ntlm_decode_targetinfo(const struct ntlm_buf *data,
457 : int ucs2,
458 : struct ntlm_targetinfo *ti)
459 : {
460 : uint16_t type, len;
461 : krb5_storage *in;
462 0 : int ret = 0, done = 0;
463 :
464 0 : memset(ti, 0, sizeof(*ti));
465 :
466 0 : if (data->length == 0)
467 0 : return 0;
468 :
469 0 : in = krb5_storage_from_readonly_mem(data->data, data->length);
470 0 : if (in == NULL)
471 0 : return ENOMEM;
472 0 : krb5_storage_set_byteorder(in, KRB5_STORAGE_BYTEORDER_LE);
473 :
474 0 : while (!done) {
475 0 : CHECK(krb5_ret_uint16(in, &type), 0);
476 0 : CHECK(krb5_ret_uint16(in, &len), 0);
477 :
478 0 : switch (type) {
479 0 : case 0:
480 0 : done = 1;
481 0 : break;
482 0 : case 1:
483 0 : CHECK(ret_string(in, ucs2, len, &ti->servername), 0);
484 0 : break;
485 0 : case 2:
486 0 : CHECK(ret_string(in, ucs2, len, &ti->domainname), 0);
487 0 : break;
488 0 : case 3:
489 0 : CHECK(ret_string(in, ucs2, len, &ti->dnsservername), 0);
490 0 : break;
491 0 : case 4:
492 0 : CHECK(ret_string(in, ucs2, len, &ti->dnsdomainname), 0);
493 0 : break;
494 0 : case 5:
495 0 : CHECK(ret_string(in, ucs2, len, &ti->dnstreename), 0);
496 0 : break;
497 0 : case 6:
498 0 : CHECK(krb5_ret_uint32(in, &ti->avflags), 0);
499 0 : break;
500 0 : default:
501 0 : krb5_storage_seek(in, len, SEEK_CUR);
502 0 : break;
503 : }
504 : }
505 0 : out:
506 0 : if (in)
507 0 : krb5_storage_free(in);
508 0 : return ret;
509 : }
510 :
511 : /**
512 : * Frees the ntlm_type1 message
513 : *
514 : * @param data message to be freed
515 : *
516 : * @ingroup ntlm_core
517 : */
518 :
519 : void
520 0 : heim_ntlm_free_type1(struct ntlm_type1 *data)
521 : {
522 0 : if (data->domain)
523 0 : free(data->domain);
524 0 : if (data->hostname)
525 0 : free(data->hostname);
526 0 : memset(data, 0, sizeof(*data));
527 0 : }
528 :
529 : int
530 0 : heim_ntlm_decode_type1(const struct ntlm_buf *buf, struct ntlm_type1 *data)
531 : {
532 : krb5_error_code ret;
533 : unsigned char sig[8];
534 : uint32_t type;
535 : struct sec_buffer domain, hostname;
536 : krb5_storage *in;
537 :
538 0 : memset(data, 0, sizeof(*data));
539 :
540 0 : in = krb5_storage_from_readonly_mem(buf->data, buf->length);
541 0 : if (in == NULL) {
542 0 : ret = ENOMEM;
543 0 : goto out;
544 : }
545 0 : krb5_storage_set_byteorder(in, KRB5_STORAGE_BYTEORDER_LE);
546 :
547 0 : CHECK(krb5_storage_read(in, sig, sizeof(sig)), sizeof(sig));
548 0 : CHECK(memcmp(ntlmsigature, sig, sizeof(ntlmsigature)), 0);
549 0 : CHECK(krb5_ret_uint32(in, &type), 0);
550 0 : CHECK(type, 1);
551 0 : CHECK(krb5_ret_uint32(in, &data->flags), 0);
552 0 : if (data->flags & NTLM_OEM_SUPPLIED_DOMAIN)
553 0 : CHECK(ret_sec_buffer(in, &domain), 0);
554 0 : if (data->flags & NTLM_OEM_SUPPLIED_WORKSTATION)
555 0 : CHECK(ret_sec_buffer(in, &hostname), 0);
556 : #if 0
557 : if (domain.offset > 32) {
558 : CHECK(krb5_ret_uint32(in, &data->os[0]), 0);
559 : CHECK(krb5_ret_uint32(in, &data->os[1]), 0);
560 : }
561 : #endif
562 0 : if (data->flags & NTLM_OEM_SUPPLIED_DOMAIN)
563 0 : CHECK(ret_sec_string(in, 0, &domain, &data->domain), 0);
564 0 : if (data->flags & NTLM_OEM_SUPPLIED_WORKSTATION)
565 0 : CHECK(ret_sec_string(in, 0, &hostname, &data->hostname), 0);
566 :
567 0 : out:
568 0 : if (in)
569 0 : krb5_storage_free(in);
570 0 : if (ret)
571 0 : heim_ntlm_free_type1(data);
572 :
573 0 : return ret;
574 : }
575 :
576 : /**
577 : * Encodes an ntlm_type1 message.
578 : *
579 : * @param type1 the ntlm_type1 message to encode.
580 : * @param data is the return buffer with the encoded message, should be
581 : * freed with heim_ntlm_free_buf().
582 : *
583 : * @return In case of success 0 is return, an errors, a errno in what
584 : * went wrong.
585 : *
586 : * @ingroup ntlm_core
587 : */
588 :
589 : int
590 0 : heim_ntlm_encode_type1(const struct ntlm_type1 *type1, struct ntlm_buf *data)
591 : {
592 : krb5_error_code ret;
593 : struct sec_buffer domain, hostname;
594 : krb5_storage *out;
595 : uint32_t base, flags;
596 :
597 0 : flags = type1->flags;
598 0 : base = 16;
599 :
600 0 : if (type1->domain) {
601 0 : base += 8;
602 0 : flags |= NTLM_OEM_SUPPLIED_DOMAIN;
603 : }
604 0 : if (type1->hostname) {
605 0 : base += 8;
606 0 : flags |= NTLM_OEM_SUPPLIED_WORKSTATION;
607 : }
608 0 : if (type1->os[0])
609 0 : base += 8;
610 :
611 0 : domain.offset = base;
612 0 : if (type1->domain) {
613 0 : domain.length = len_string(0, type1->domain);
614 0 : domain.allocated = domain.length;
615 : } else {
616 0 : domain.length = 0;
617 0 : domain.allocated = 0;
618 : }
619 :
620 0 : hostname.offset = domain.allocated + domain.offset;
621 0 : if (type1->hostname) {
622 0 : hostname.length = len_string(0, type1->hostname);
623 0 : hostname.allocated = hostname.length;
624 : } else {
625 0 : hostname.length = 0;
626 0 : hostname.allocated = 0;
627 : }
628 :
629 0 : out = krb5_storage_emem();
630 0 : if (out == NULL)
631 0 : return ENOMEM;
632 :
633 0 : krb5_storage_set_byteorder(out, KRB5_STORAGE_BYTEORDER_LE);
634 0 : CHECK(krb5_storage_write(out, ntlmsigature, sizeof(ntlmsigature)),
635 : sizeof(ntlmsigature));
636 0 : CHECK(krb5_store_uint32(out, 1), 0);
637 0 : CHECK(krb5_store_uint32(out, flags), 0);
638 :
639 0 : CHECK(store_sec_buffer(out, &domain), 0);
640 0 : CHECK(store_sec_buffer(out, &hostname), 0);
641 : #if 0
642 : CHECK(krb5_store_uint32(out, type1->os[0]), 0);
643 : CHECK(krb5_store_uint32(out, type1->os[1]), 0);
644 : #endif
645 0 : if (type1->domain)
646 0 : CHECK(put_string(out, 0, type1->domain), 0);
647 0 : if (type1->hostname)
648 0 : CHECK(put_string(out, 0, type1->hostname), 0);
649 :
650 : {
651 : krb5_data d;
652 0 : ret = krb5_storage_to_data(out, &d);
653 0 : data->data = d.data;
654 0 : data->length = d.length;
655 : }
656 0 : out:
657 0 : krb5_storage_free(out);
658 :
659 0 : return ret;
660 : }
661 :
662 : /**
663 : * Frees the ntlm_type2 message
664 : *
665 : * @param data message to be freed
666 : *
667 : * @ingroup ntlm_core
668 : */
669 :
670 : void
671 0 : heim_ntlm_free_type2(struct ntlm_type2 *data)
672 : {
673 0 : if (data->targetname)
674 0 : free(data->targetname);
675 0 : heim_ntlm_free_buf(&data->targetinfo);
676 0 : memset(data, 0, sizeof(*data));
677 0 : }
678 :
679 : int
680 0 : heim_ntlm_decode_type2(const struct ntlm_buf *buf, struct ntlm_type2 *type2)
681 : {
682 : krb5_error_code ret;
683 : unsigned char sig[8];
684 : uint32_t type, ctx[2];
685 : struct sec_buffer targetname, targetinfo;
686 : krb5_storage *in;
687 0 : int ucs2 = 0;
688 :
689 0 : memset(type2, 0, sizeof(*type2));
690 :
691 0 : in = krb5_storage_from_readonly_mem(buf->data, buf->length);
692 0 : if (in == NULL) {
693 0 : ret = ENOMEM;
694 0 : goto out;
695 : }
696 0 : krb5_storage_set_byteorder(in, KRB5_STORAGE_BYTEORDER_LE);
697 :
698 0 : CHECK(krb5_storage_read(in, sig, sizeof(sig)), sizeof(sig));
699 0 : CHECK(memcmp(ntlmsigature, sig, sizeof(ntlmsigature)), 0);
700 0 : CHECK(krb5_ret_uint32(in, &type), 0);
701 0 : CHECK(type, 2);
702 :
703 0 : CHECK(ret_sec_buffer(in, &targetname), 0);
704 0 : CHECK(krb5_ret_uint32(in, &type2->flags), 0);
705 0 : if (type2->flags & NTLM_NEG_UNICODE)
706 0 : ucs2 = 1;
707 0 : CHECK(krb5_storage_read(in, type2->challenge, sizeof(type2->challenge)),
708 : sizeof(type2->challenge));
709 0 : CHECK(krb5_ret_uint32(in, &ctx[0]), 0); /* context */
710 0 : CHECK(krb5_ret_uint32(in, &ctx[1]), 0);
711 0 : CHECK(ret_sec_buffer(in, &targetinfo), 0);
712 : /* os version */
713 0 : if (type2->flags & NTLM_NEG_VERSION) {
714 0 : CHECK(krb5_ret_uint32(in, &type2->os[0]), 0);
715 0 : CHECK(krb5_ret_uint32(in, &type2->os[1]), 0);
716 : }
717 :
718 0 : CHECK(ret_sec_string(in, ucs2, &targetname, &type2->targetname), 0);
719 0 : CHECK(ret_buf(in, &targetinfo, &type2->targetinfo), 0);
720 0 : ret = 0;
721 :
722 0 : out:
723 0 : if (in)
724 0 : krb5_storage_free(in);
725 0 : if (ret)
726 0 : heim_ntlm_free_type2(type2);
727 :
728 0 : return ret;
729 : }
730 :
731 : /**
732 : * Encodes an ntlm_type2 message.
733 : *
734 : * @param type2 the ntlm_type2 message to encode.
735 : * @param data is the return buffer with the encoded message, should be
736 : * freed with heim_ntlm_free_buf().
737 : *
738 : * @return In case of success 0 is return, an errors, a errno in what
739 : * went wrong.
740 : *
741 : * @ingroup ntlm_core
742 : */
743 :
744 : int
745 0 : heim_ntlm_encode_type2(const struct ntlm_type2 *type2, struct ntlm_buf *data)
746 : {
747 : struct sec_buffer targetname, targetinfo;
748 : krb5_error_code ret;
749 0 : krb5_storage *out = NULL;
750 : uint32_t base;
751 0 : int ucs2 = 0;
752 :
753 0 : base = 48;
754 :
755 0 : if (type2->flags & NTLM_NEG_VERSION)
756 0 : base += 8;
757 :
758 0 : if (type2->flags & NTLM_NEG_UNICODE)
759 0 : ucs2 = 1;
760 :
761 0 : targetname.offset = base;
762 0 : targetname.length = len_string(ucs2, type2->targetname);
763 0 : targetname.allocated = targetname.length;
764 :
765 0 : targetinfo.offset = targetname.allocated + targetname.offset;
766 0 : targetinfo.length = type2->targetinfo.length;
767 0 : targetinfo.allocated = type2->targetinfo.length;
768 :
769 0 : out = krb5_storage_emem();
770 0 : if (out == NULL)
771 0 : return ENOMEM;
772 :
773 0 : krb5_storage_set_byteorder(out, KRB5_STORAGE_BYTEORDER_LE);
774 0 : CHECK(krb5_storage_write(out, ntlmsigature, sizeof(ntlmsigature)),
775 : sizeof(ntlmsigature));
776 0 : CHECK(krb5_store_uint32(out, 2), 0);
777 0 : CHECK(store_sec_buffer(out, &targetname), 0);
778 0 : CHECK(krb5_store_uint32(out, type2->flags), 0);
779 0 : CHECK(krb5_storage_write(out, type2->challenge, sizeof(type2->challenge)),
780 : sizeof(type2->challenge));
781 0 : CHECK(krb5_store_uint32(out, 0), 0); /* context */
782 0 : CHECK(krb5_store_uint32(out, 0), 0);
783 0 : CHECK(store_sec_buffer(out, &targetinfo), 0);
784 : /* os version */
785 0 : if (type2->flags & NTLM_NEG_VERSION) {
786 0 : CHECK(krb5_store_uint32(out, type2->os[0]), 0);
787 0 : CHECK(krb5_store_uint32(out, type2->os[1]), 0);
788 : }
789 0 : CHECK(put_string(out, ucs2, type2->targetname), 0);
790 0 : CHECK(krb5_storage_write(out, type2->targetinfo.data,
791 : type2->targetinfo.length),
792 : type2->targetinfo.length);
793 :
794 : {
795 : krb5_data d;
796 0 : ret = krb5_storage_to_data(out, &d);
797 0 : data->data = d.data;
798 0 : data->length = d.length;
799 : }
800 :
801 0 : out:
802 0 : krb5_storage_free(out);
803 :
804 0 : return ret;
805 : }
806 :
807 : /**
808 : * Frees the ntlm_type3 message
809 : *
810 : * @param data message to be freed
811 : *
812 : * @ingroup ntlm_core
813 : */
814 :
815 : void
816 0 : heim_ntlm_free_type3(struct ntlm_type3 *data)
817 : {
818 0 : heim_ntlm_free_buf(&data->lm);
819 0 : heim_ntlm_free_buf(&data->ntlm);
820 0 : if (data->targetname)
821 0 : free(data->targetname);
822 0 : if (data->username)
823 0 : free(data->username);
824 0 : if (data->ws)
825 0 : free(data->ws);
826 0 : heim_ntlm_free_buf(&data->sessionkey);
827 0 : memset(data, 0, sizeof(*data));
828 0 : }
829 :
830 : /*
831 : *
832 : */
833 :
834 : int
835 0 : heim_ntlm_decode_type3(const struct ntlm_buf *buf,
836 : int ucs2,
837 : struct ntlm_type3 *type3)
838 : {
839 : krb5_error_code ret;
840 : unsigned char sig[8];
841 : uint32_t type;
842 : krb5_storage *in;
843 : struct sec_buffer lm, ntlm, target, username, sessionkey, ws;
844 0 : uint32_t min_offset = 72;
845 :
846 0 : memset(type3, 0, sizeof(*type3));
847 0 : memset(&sessionkey, 0, sizeof(sessionkey));
848 :
849 0 : in = krb5_storage_from_readonly_mem(buf->data, buf->length);
850 0 : if (in == NULL) {
851 0 : ret = ENOMEM;
852 0 : goto out;
853 : }
854 0 : krb5_storage_set_byteorder(in, KRB5_STORAGE_BYTEORDER_LE);
855 :
856 0 : CHECK(krb5_storage_read(in, sig, sizeof(sig)), sizeof(sig));
857 0 : CHECK(memcmp(ntlmsigature, sig, sizeof(ntlmsigature)), 0);
858 0 : CHECK(krb5_ret_uint32(in, &type), 0);
859 0 : CHECK(type, 3);
860 0 : CHECK(ret_sec_buffer(in, &lm), 0);
861 0 : if (lm.allocated)
862 0 : min_offset = min(min_offset, lm.offset);
863 0 : CHECK(ret_sec_buffer(in, &ntlm), 0);
864 0 : if (ntlm.allocated)
865 0 : min_offset = min(min_offset, ntlm.offset);
866 0 : CHECK(ret_sec_buffer(in, &target), 0);
867 0 : if (target.allocated)
868 0 : min_offset = min(min_offset, target.offset);
869 0 : CHECK(ret_sec_buffer(in, &username), 0);
870 0 : if (username.allocated)
871 0 : min_offset = min(min_offset, username.offset);
872 0 : CHECK(ret_sec_buffer(in, &ws), 0);
873 0 : if (ws.allocated)
874 0 : min_offset = min(min_offset, ws.offset);
875 :
876 0 : if (min_offset > 52) {
877 0 : CHECK(ret_sec_buffer(in, &sessionkey), 0);
878 0 : min_offset = max(min_offset, sessionkey.offset);
879 0 : CHECK(krb5_ret_uint32(in, &type3->flags), 0);
880 : }
881 0 : if (min_offset > 52 + 8 + 4 + 8) {
882 0 : CHECK(krb5_ret_uint32(in, &type3->os[0]), 0);
883 0 : CHECK(krb5_ret_uint32(in, &type3->os[1]), 0);
884 : }
885 0 : CHECK(ret_buf(in, &lm, &type3->lm), 0);
886 0 : CHECK(ret_buf(in, &ntlm, &type3->ntlm), 0);
887 0 : CHECK(ret_sec_string(in, ucs2, &target, &type3->targetname), 0);
888 0 : CHECK(ret_sec_string(in, ucs2, &username, &type3->username), 0);
889 0 : CHECK(ret_sec_string(in, ucs2, &ws, &type3->ws), 0);
890 0 : if (sessionkey.offset)
891 0 : CHECK(ret_buf(in, &sessionkey, &type3->sessionkey), 0);
892 :
893 0 : out:
894 0 : if (in)
895 0 : krb5_storage_free(in);
896 0 : if (ret)
897 0 : heim_ntlm_free_type3(type3);
898 :
899 0 : return ret;
900 : }
901 :
902 : /**
903 : * Encodes an ntlm_type3 message.
904 : *
905 : * @param type3 the ntlm_type3 message to encode.
906 : * @param data is the return buffer with the encoded message, should be
907 : * freed with heim_ntlm_free_buf().
908 : *
909 : * @return In case of success 0 is return, an errors, a errno in what
910 : * went wrong.
911 : *
912 : * @ingroup ntlm_core
913 : */
914 :
915 : int
916 0 : heim_ntlm_encode_type3(const struct ntlm_type3 *type3, struct ntlm_buf *data)
917 : {
918 : struct sec_buffer lm, ntlm, target, username, sessionkey, ws;
919 : krb5_error_code ret;
920 0 : krb5_storage *out = NULL;
921 : uint32_t base;
922 0 : int ucs2 = 0;
923 :
924 0 : memset(&lm, 0, sizeof(lm));
925 0 : memset(&ntlm, 0, sizeof(ntlm));
926 0 : memset(&target, 0, sizeof(target));
927 0 : memset(&username, 0, sizeof(username));
928 0 : memset(&ws, 0, sizeof(ws));
929 0 : memset(&sessionkey, 0, sizeof(sessionkey));
930 :
931 0 : base = 52;
932 :
933 0 : base += 8; /* sessionkey sec buf */
934 0 : base += 4; /* flags */
935 :
936 0 : if (type3->os[0]) {
937 0 : base += 8;
938 : }
939 :
940 0 : if (type3->flags & NTLM_NEG_UNICODE)
941 0 : ucs2 = 1;
942 :
943 0 : target.offset = base;
944 0 : target.length = len_string(ucs2, type3->targetname);
945 0 : target.allocated = target.length;
946 :
947 0 : username.offset = target.offset + target.allocated;
948 0 : username.length = len_string(ucs2, type3->username);
949 0 : username.allocated = username.length;
950 :
951 0 : ws.offset = username.offset + username.allocated;
952 0 : ws.length = len_string(ucs2, type3->ws);
953 0 : ws.allocated = ws.length;
954 :
955 0 : lm.offset = ws.offset + ws.allocated;
956 0 : lm.length = type3->lm.length;
957 0 : lm.allocated = type3->lm.length;
958 :
959 0 : ntlm.offset = lm.offset + lm.allocated;
960 0 : ntlm.length = type3->ntlm.length;
961 0 : ntlm.allocated = ntlm.length;
962 :
963 0 : sessionkey.offset = ntlm.offset + ntlm.allocated;
964 0 : sessionkey.length = type3->sessionkey.length;
965 0 : sessionkey.allocated = type3->sessionkey.length;
966 :
967 0 : out = krb5_storage_emem();
968 0 : if (out == NULL)
969 0 : return ENOMEM;
970 :
971 0 : krb5_storage_set_byteorder(out, KRB5_STORAGE_BYTEORDER_LE);
972 0 : CHECK(krb5_storage_write(out, ntlmsigature, sizeof(ntlmsigature)),
973 : sizeof(ntlmsigature));
974 0 : CHECK(krb5_store_uint32(out, 3), 0);
975 :
976 0 : CHECK(store_sec_buffer(out, &lm), 0);
977 0 : CHECK(store_sec_buffer(out, &ntlm), 0);
978 0 : CHECK(store_sec_buffer(out, &target), 0);
979 0 : CHECK(store_sec_buffer(out, &username), 0);
980 0 : CHECK(store_sec_buffer(out, &ws), 0);
981 0 : CHECK(store_sec_buffer(out, &sessionkey), 0);
982 0 : CHECK(krb5_store_uint32(out, type3->flags), 0);
983 :
984 : #if 0
985 : CHECK(krb5_store_uint32(out, 0), 0); /* os0 */
986 : CHECK(krb5_store_uint32(out, 0), 0); /* os1 */
987 : #endif
988 :
989 0 : CHECK(put_string(out, ucs2, type3->targetname), 0);
990 0 : CHECK(put_string(out, ucs2, type3->username), 0);
991 0 : CHECK(put_string(out, ucs2, type3->ws), 0);
992 0 : CHECK(put_buf(out, &type3->lm), 0);
993 0 : CHECK(put_buf(out, &type3->ntlm), 0);
994 0 : CHECK(put_buf(out, &type3->sessionkey), 0);
995 :
996 : {
997 : krb5_data d;
998 0 : ret = krb5_storage_to_data(out, &d);
999 0 : data->data = d.data;
1000 0 : data->length = d.length;
1001 : }
1002 :
1003 0 : out:
1004 0 : krb5_storage_free(out);
1005 :
1006 0 : return ret;
1007 : }
1008 :
1009 :
1010 : /*
1011 : *
1012 : */
1013 :
1014 : static void
1015 0 : splitandenc(unsigned char *hash,
1016 : unsigned char *challenge,
1017 : unsigned char *answer)
1018 : {
1019 : EVP_CIPHER_CTX ctx;
1020 : unsigned char key[8];
1021 :
1022 0 : key[0] = hash[0];
1023 0 : key[1] = (hash[0] << 7) | (hash[1] >> 1);
1024 0 : key[2] = (hash[1] << 6) | (hash[2] >> 2);
1025 0 : key[3] = (hash[2] << 5) | (hash[3] >> 3);
1026 0 : key[4] = (hash[3] << 4) | (hash[4] >> 4);
1027 0 : key[5] = (hash[4] << 3) | (hash[5] >> 5);
1028 0 : key[6] = (hash[5] << 2) | (hash[6] >> 6);
1029 0 : key[7] = (hash[6] << 1);
1030 :
1031 0 : EVP_CIPHER_CTX_init(&ctx);
1032 :
1033 0 : EVP_CipherInit_ex(&ctx, EVP_des_cbc(), NULL, key, NULL, 1);
1034 0 : EVP_Cipher(&ctx, answer, challenge, 8);
1035 0 : EVP_CIPHER_CTX_cleanup(&ctx);
1036 0 : memset(key, 0, sizeof(key));
1037 0 : }
1038 :
1039 : /**
1040 : * Calculate the NTLM key, the password is assumed to be in UTF8.
1041 : *
1042 : * @param password password to calcute the key for.
1043 : * @param key calcuted key, should be freed with heim_ntlm_free_buf().
1044 : *
1045 : * @return In case of success 0 is return, an errors, a errno in what
1046 : * went wrong.
1047 : *
1048 : * @ingroup ntlm_core
1049 : */
1050 :
1051 : int
1052 0 : heim_ntlm_nt_key(const char *password, struct ntlm_buf *key)
1053 : {
1054 : struct ntlm_buf buf;
1055 : EVP_MD_CTX *m;
1056 : int ret;
1057 :
1058 0 : key->data = malloc(MD5_DIGEST_LENGTH);
1059 0 : if (key->data == NULL)
1060 0 : return ENOMEM;
1061 0 : key->length = MD5_DIGEST_LENGTH;
1062 :
1063 0 : ret = ascii2ucs2le(password, 0, &buf);
1064 0 : if (ret) {
1065 0 : heim_ntlm_free_buf(key);
1066 0 : return ret;
1067 : }
1068 :
1069 0 : m = EVP_MD_CTX_create();
1070 0 : if (m == NULL) {
1071 0 : heim_ntlm_free_buf(key);
1072 0 : heim_ntlm_free_buf(&buf);
1073 0 : return ENOMEM;
1074 : }
1075 :
1076 0 : EVP_DigestInit_ex(m, EVP_md4(), NULL);
1077 0 : EVP_DigestUpdate(m, buf.data, buf.length);
1078 0 : EVP_DigestFinal_ex(m, key->data, NULL);
1079 0 : EVP_MD_CTX_destroy(m);
1080 :
1081 0 : heim_ntlm_free_buf(&buf);
1082 0 : return 0;
1083 : }
1084 :
1085 : /**
1086 : * Calculate NTLMv1 response hash
1087 : *
1088 : * @param key the ntlm v1 key
1089 : * @param len length of key
1090 : * @param challenge sent by the server
1091 : * @param answer calculated answer, should be freed with heim_ntlm_free_buf().
1092 : *
1093 : * @return In case of success 0 is return, an errors, a errno in what
1094 : * went wrong.
1095 : *
1096 : * @ingroup ntlm_core
1097 : */
1098 :
1099 : int
1100 0 : heim_ntlm_calculate_ntlm1(void *key, size_t len,
1101 : unsigned char challenge[8],
1102 : struct ntlm_buf *answer)
1103 : {
1104 : unsigned char res[21];
1105 :
1106 0 : if (len != MD4_DIGEST_LENGTH)
1107 0 : return HNTLM_ERR_INVALID_LENGTH;
1108 :
1109 0 : memcpy(res, key, len);
1110 0 : memset(&res[MD4_DIGEST_LENGTH], 0, sizeof(res) - MD4_DIGEST_LENGTH);
1111 :
1112 0 : answer->data = malloc(24);
1113 0 : if (answer->data == NULL)
1114 0 : return ENOMEM;
1115 0 : answer->length = 24;
1116 :
1117 0 : splitandenc(&res[0], challenge, ((unsigned char *)answer->data) + 0);
1118 0 : splitandenc(&res[7], challenge, ((unsigned char *)answer->data) + 8);
1119 0 : splitandenc(&res[14], challenge, ((unsigned char *)answer->data) + 16);
1120 :
1121 0 : return 0;
1122 : }
1123 :
1124 : int
1125 0 : heim_ntlm_v1_base_session(void *key, size_t len,
1126 : struct ntlm_buf *session)
1127 : {
1128 : EVP_MD_CTX *m;
1129 :
1130 0 : session->length = MD4_DIGEST_LENGTH;
1131 0 : session->data = malloc(session->length);
1132 0 : if (session->data == NULL) {
1133 0 : session->length = 0;
1134 0 : return ENOMEM;
1135 : }
1136 :
1137 0 : m = EVP_MD_CTX_create();
1138 0 : if (m == NULL) {
1139 0 : heim_ntlm_free_buf(session);
1140 0 : return ENOMEM;
1141 : }
1142 0 : EVP_DigestInit_ex(m, EVP_md4(), NULL);
1143 0 : EVP_DigestUpdate(m, key, len);
1144 0 : EVP_DigestFinal_ex(m, session->data, NULL);
1145 0 : EVP_MD_CTX_destroy(m);
1146 :
1147 0 : return 0;
1148 : }
1149 :
1150 : int
1151 0 : heim_ntlm_v2_base_session(void *key, size_t len,
1152 : struct ntlm_buf *ntlmResponse,
1153 : struct ntlm_buf *session)
1154 : {
1155 : unsigned int hmaclen;
1156 : HMAC_CTX c;
1157 :
1158 0 : if (ntlmResponse->length <= 16)
1159 0 : return HNTLM_ERR_INVALID_LENGTH;
1160 :
1161 0 : session->data = malloc(16);
1162 0 : if (session->data == NULL)
1163 0 : return ENOMEM;
1164 0 : session->length = 16;
1165 :
1166 : /* Note: key is the NTLMv2 key */
1167 0 : HMAC_CTX_init(&c);
1168 0 : HMAC_Init_ex(&c, key, len, EVP_md5(), NULL);
1169 0 : HMAC_Update(&c, ntlmResponse->data, 16);
1170 0 : HMAC_Final(&c, session->data, &hmaclen);
1171 0 : HMAC_CTX_cleanup(&c);
1172 :
1173 0 : return 0;
1174 : }
1175 :
1176 :
1177 : int
1178 0 : heim_ntlm_keyex_wrap(struct ntlm_buf *base_session,
1179 : struct ntlm_buf *session,
1180 : struct ntlm_buf *encryptedSession)
1181 : {
1182 : EVP_CIPHER_CTX c;
1183 : int ret;
1184 :
1185 0 : session->length = MD4_DIGEST_LENGTH;
1186 0 : session->data = malloc(session->length);
1187 0 : if (session->data == NULL) {
1188 0 : session->length = 0;
1189 0 : return ENOMEM;
1190 : }
1191 0 : encryptedSession->length = MD4_DIGEST_LENGTH;
1192 0 : encryptedSession->data = malloc(encryptedSession->length);
1193 0 : if (encryptedSession->data == NULL) {
1194 0 : heim_ntlm_free_buf(session);
1195 0 : encryptedSession->length = 0;
1196 0 : return ENOMEM;
1197 : }
1198 :
1199 0 : EVP_CIPHER_CTX_init(&c);
1200 :
1201 0 : ret = EVP_CipherInit_ex(&c, EVP_rc4(), NULL, base_session->data, NULL, 1);
1202 0 : if (ret != 1) {
1203 0 : EVP_CIPHER_CTX_cleanup(&c);
1204 0 : heim_ntlm_free_buf(encryptedSession);
1205 0 : heim_ntlm_free_buf(session);
1206 0 : return HNTLM_ERR_CRYPTO;
1207 : }
1208 :
1209 0 : if (RAND_bytes(session->data, session->length) != 1) {
1210 0 : EVP_CIPHER_CTX_cleanup(&c);
1211 0 : heim_ntlm_free_buf(encryptedSession);
1212 0 : heim_ntlm_free_buf(session);
1213 0 : return HNTLM_ERR_RAND;
1214 : }
1215 :
1216 0 : EVP_Cipher(&c, encryptedSession->data, session->data, encryptedSession->length);
1217 0 : EVP_CIPHER_CTX_cleanup(&c);
1218 :
1219 0 : return 0;
1220 :
1221 :
1222 :
1223 : }
1224 :
1225 :
1226 :
1227 : /**
1228 : * Generates an NTLMv1 session random with assosited session master key.
1229 : *
1230 : * @param key the ntlm v1 key
1231 : * @param len length of key
1232 : * @param session generated session nonce, should be freed with heim_ntlm_free_buf().
1233 : * @param master calculated session master key, should be freed with heim_ntlm_free_buf().
1234 : *
1235 : * @return In case of success 0 is return, an errors, a errno in what
1236 : * went wrong.
1237 : *
1238 : * @ingroup ntlm_core
1239 : */
1240 :
1241 : int
1242 0 : heim_ntlm_build_ntlm1_master(void *key, size_t len,
1243 : struct ntlm_buf *session,
1244 : struct ntlm_buf *master)
1245 : {
1246 : struct ntlm_buf sess;
1247 : int ret;
1248 :
1249 0 : ret = heim_ntlm_v1_base_session(key, len, &sess);
1250 0 : if (ret)
1251 0 : return ret;
1252 :
1253 0 : ret = heim_ntlm_keyex_wrap(&sess, session, master);
1254 0 : heim_ntlm_free_buf(&sess);
1255 :
1256 0 : return ret;
1257 : }
1258 :
1259 : /**
1260 : * Generates an NTLMv2 session random with associated session master key.
1261 : *
1262 : * @param key the NTLMv2 key
1263 : * @param len length of key
1264 : * @param blob the NTLMv2 "blob"
1265 : * @param session generated session nonce, should be freed with heim_ntlm_free_buf().
1266 : * @param master calculated session master key, should be freed with heim_ntlm_free_buf().
1267 : *
1268 : * @return In case of success 0 is return, an errors, a errno in what
1269 : * went wrong.
1270 : *
1271 : * @ingroup ntlm_core
1272 : */
1273 :
1274 :
1275 : int
1276 0 : heim_ntlm_build_ntlm2_master(void *key, size_t len,
1277 : struct ntlm_buf *blob,
1278 : struct ntlm_buf *session,
1279 : struct ntlm_buf *master)
1280 : {
1281 : struct ntlm_buf sess;
1282 : int ret;
1283 :
1284 0 : ret = heim_ntlm_v2_base_session(key, len, blob, &sess);
1285 0 : if (ret)
1286 0 : return ret;
1287 :
1288 0 : ret = heim_ntlm_keyex_wrap(&sess, session, master);
1289 0 : heim_ntlm_free_buf(&sess);
1290 :
1291 0 : return ret;
1292 : }
1293 :
1294 : /**
1295 : * Given a key and encrypted session, unwrap the session key
1296 : *
1297 : * @param baseKey the sessionBaseKey
1298 : * @param encryptedSession encrypted session, type3.session field.
1299 : * @param session generated session nonce, should be freed with heim_ntlm_free_buf().
1300 : *
1301 : * @return In case of success 0 is return, an errors, a errno in what
1302 : * went wrong.
1303 : *
1304 : * @ingroup ntlm_core
1305 : */
1306 :
1307 : int
1308 0 : heim_ntlm_keyex_unwrap(struct ntlm_buf *baseKey,
1309 : struct ntlm_buf *encryptedSession,
1310 : struct ntlm_buf *session)
1311 : {
1312 : EVP_CIPHER_CTX c;
1313 :
1314 0 : memset(session, 0, sizeof(*session));
1315 :
1316 0 : if (baseKey->length != MD4_DIGEST_LENGTH)
1317 0 : return HNTLM_ERR_INVALID_LENGTH;
1318 :
1319 0 : session->length = MD4_DIGEST_LENGTH;
1320 0 : session->data = malloc(session->length);
1321 0 : if (session->data == NULL) {
1322 0 : session->length = 0;
1323 0 : return ENOMEM;
1324 : }
1325 0 : EVP_CIPHER_CTX_init(&c);
1326 :
1327 0 : if (EVP_CipherInit_ex(&c, EVP_rc4(), NULL, baseKey->data, NULL, 0) != 1) {
1328 0 : EVP_CIPHER_CTX_cleanup(&c);
1329 0 : heim_ntlm_free_buf(session);
1330 0 : return HNTLM_ERR_CRYPTO;
1331 : }
1332 :
1333 0 : EVP_Cipher(&c, session->data, encryptedSession->data, session->length);
1334 0 : EVP_CIPHER_CTX_cleanup(&c);
1335 :
1336 0 : return 0;
1337 : }
1338 :
1339 :
1340 : /**
1341 : * Generates an NTLMv2 session key.
1342 : *
1343 : * @param key the ntlm key
1344 : * @param len length of key
1345 : * @param username name of the user, as sent in the message, assumed to be in UTF8.
1346 : * @param target the name of the target, assumed to be in UTF8.
1347 : * @param ntlmv2 the ntlmv2 session key
1348 : *
1349 : * @return 0 on success, or an error code on failure.
1350 : *
1351 : * @ingroup ntlm_core
1352 : */
1353 :
1354 : int
1355 0 : heim_ntlm_ntlmv2_key(const void *key, size_t len,
1356 : const char *username,
1357 : const char *target,
1358 : unsigned char ntlmv2[16])
1359 : {
1360 : int ret;
1361 : unsigned int hmaclen;
1362 : HMAC_CTX c;
1363 :
1364 0 : HMAC_CTX_init(&c);
1365 0 : HMAC_Init_ex(&c, key, len, EVP_md5(), NULL);
1366 : {
1367 : struct ntlm_buf buf;
1368 : /* uppercase username and turn it into ucs2-le */
1369 0 : ret = ascii2ucs2le(username, 1, &buf);
1370 0 : if (ret)
1371 0 : goto out;
1372 0 : HMAC_Update(&c, buf.data, buf.length);
1373 0 : free(buf.data);
1374 : /* uppercase target and turn into ucs2-le */
1375 0 : ret = ascii2ucs2le(target, 1, &buf);
1376 0 : if (ret)
1377 0 : goto out;
1378 0 : HMAC_Update(&c, buf.data, buf.length);
1379 0 : free(buf.data);
1380 : }
1381 0 : HMAC_Final(&c, ntlmv2, &hmaclen);
1382 0 : out:
1383 0 : HMAC_CTX_cleanup(&c);
1384 :
1385 0 : return ret;
1386 : }
1387 :
1388 : /*
1389 : *
1390 : */
1391 :
1392 : #define NTTIME_EPOCH 0x019DB1DED53E8000LL
1393 :
1394 : static uint64_t
1395 0 : unix2nttime(time_t unix_time)
1396 : {
1397 : long long wt;
1398 0 : wt = unix_time * (uint64_t)10000000 + (uint64_t)NTTIME_EPOCH;
1399 0 : return wt;
1400 : }
1401 :
1402 : static time_t
1403 0 : nt2unixtime(uint64_t t)
1404 : {
1405 0 : t = ((t - (uint64_t)NTTIME_EPOCH) / (uint64_t)10000000);
1406 0 : if (t > (((uint64_t)(time_t)(~(uint64_t)0)) >> 1))
1407 0 : return 0;
1408 0 : return (time_t)t;
1409 : }
1410 :
1411 : /**
1412 : * Calculate LMv2 response
1413 : *
1414 : * @param key the ntlm key
1415 : * @param len length of key
1416 : * @param username name of the user, as sent in the message, assumed to be in UTF8.
1417 : * @param target the name of the target, assumed to be in UTF8.
1418 : * @param serverchallenge challenge as sent by the server in the type2 message.
1419 : * @param ntlmv2 calculated session key
1420 : * @param answer ntlm response answer, should be freed with heim_ntlm_free_buf().
1421 : *
1422 : * @return In case of success 0 is return, an errors, a errno in what
1423 : * went wrong.
1424 : *
1425 : * @ingroup ntlm_core
1426 : */
1427 :
1428 : int
1429 0 : heim_ntlm_calculate_lm2(const void *key, size_t len,
1430 : const char *username,
1431 : const char *target,
1432 : const unsigned char serverchallenge[8],
1433 : unsigned char ntlmv2[16],
1434 : struct ntlm_buf *answer)
1435 : {
1436 : unsigned char clientchallenge[8];
1437 :
1438 0 : if (RAND_bytes(clientchallenge, sizeof(clientchallenge)) != 1)
1439 0 : return HNTLM_ERR_RAND;
1440 :
1441 : /* calculate ntlmv2 key */
1442 :
1443 0 : heim_ntlm_ntlmv2_key(key, len, username, target, ntlmv2);
1444 :
1445 0 : answer->data = malloc(24);
1446 0 : if (answer->data == NULL)
1447 0 : return ENOMEM;
1448 0 : answer->length = 24;
1449 :
1450 0 : heim_ntlm_derive_ntlm2_sess(ntlmv2, clientchallenge, 8,
1451 0 : serverchallenge, answer->data);
1452 :
1453 0 : memcpy(((uint8_t *)answer->data) + 16, clientchallenge, 8);
1454 :
1455 0 : return 0;
1456 : }
1457 :
1458 :
1459 : /**
1460 : * Calculate NTLMv2 response
1461 : *
1462 : * @param key the ntlm key
1463 : * @param len length of key
1464 : * @param username name of the user, as sent in the message, assumed to be in UTF8.
1465 : * @param target the name of the target, assumed to be in UTF8.
1466 : * @param serverchallenge challenge as sent by the server in the type2 message.
1467 : * @param infotarget infotarget as sent by the server in the type2 message.
1468 : * @param ntlmv2 calculated session key
1469 : * @param answer ntlm response answer, should be freed with heim_ntlm_free_buf().
1470 : *
1471 : * @return In case of success 0 is return, an errors, a errno in what
1472 : * went wrong.
1473 : *
1474 : * @ingroup ntlm_core
1475 : */
1476 :
1477 : int
1478 0 : heim_ntlm_calculate_ntlm2(const void *key, size_t len,
1479 : const char *username,
1480 : const char *target,
1481 : const unsigned char serverchallenge[8],
1482 : const struct ntlm_buf *infotarget,
1483 : unsigned char ntlmv2[16],
1484 : struct ntlm_buf *answer)
1485 : {
1486 : krb5_error_code ret;
1487 : krb5_data data;
1488 : unsigned char ntlmv2answer[16];
1489 : krb5_storage *sp;
1490 : unsigned char clientchallenge[8];
1491 : uint64_t t;
1492 :
1493 0 : t = unix2nttime(time(NULL));
1494 :
1495 0 : if (RAND_bytes(clientchallenge, sizeof(clientchallenge)) != 1)
1496 0 : return HNTLM_ERR_RAND;
1497 :
1498 : /* calculate ntlmv2 key */
1499 :
1500 0 : heim_ntlm_ntlmv2_key(key, len, username, target, ntlmv2);
1501 :
1502 : /* calculate and build ntlmv2 answer */
1503 :
1504 0 : sp = krb5_storage_emem();
1505 0 : if (sp == NULL)
1506 0 : return ENOMEM;
1507 0 : krb5_storage_set_flags(sp, KRB5_STORAGE_BYTEORDER_LE);
1508 :
1509 0 : CHECK(krb5_store_uint32(sp, 0x00000101), 0);
1510 0 : CHECK(krb5_store_uint32(sp, 0), 0);
1511 : /* timestamp le 64 bit ts */
1512 0 : CHECK(krb5_store_uint32(sp, t & 0xffffffff), 0);
1513 0 : CHECK(krb5_store_uint32(sp, t >> 32), 0);
1514 :
1515 0 : CHECK(krb5_storage_write(sp, clientchallenge, 8), 8);
1516 :
1517 0 : CHECK(krb5_store_uint32(sp, 0), 0); /* unknown but zero will work */
1518 0 : CHECK(krb5_storage_write(sp, infotarget->data, infotarget->length),
1519 : infotarget->length);
1520 0 : CHECK(krb5_store_uint32(sp, 0), 0); /* unknown but zero will work */
1521 :
1522 0 : CHECK(krb5_storage_to_data(sp, &data), 0);
1523 0 : krb5_storage_free(sp);
1524 0 : sp = NULL;
1525 :
1526 0 : heim_ntlm_derive_ntlm2_sess(ntlmv2, data.data, data.length, serverchallenge, ntlmv2answer);
1527 :
1528 0 : sp = krb5_storage_emem();
1529 0 : if (sp == NULL) {
1530 0 : krb5_data_free(&data);
1531 0 : return ENOMEM;
1532 : }
1533 :
1534 0 : CHECK(krb5_storage_write(sp, ntlmv2answer, 16), 16);
1535 0 : CHECK(krb5_storage_write(sp, data.data, data.length), data.length);
1536 0 : krb5_data_free(&data);
1537 :
1538 0 : CHECK(krb5_storage_to_data(sp, &data), 0);
1539 0 : krb5_storage_free(sp);
1540 0 : sp = NULL;
1541 :
1542 0 : answer->data = data.data;
1543 0 : answer->length = data.length;
1544 :
1545 0 : return 0;
1546 0 : out:
1547 0 : if (sp)
1548 0 : krb5_storage_free(sp);
1549 0 : return ret;
1550 : }
1551 :
1552 : static const int authtimediff = 3600 * 2; /* 2 hours */
1553 :
1554 : /**
1555 : * Verify NTLMv2 response.
1556 : *
1557 : * @param key the ntlm key
1558 : * @param len length of key
1559 : * @param username name of the user, as sent in the message, assumed to be in UTF8.
1560 : * @param target the name of the target, assumed to be in UTF8.
1561 : * @param now the time now (0 if the library should pick it up itself)
1562 : * @param serverchallenge challenge as sent by the server in the type2 message.
1563 : * @param answer ntlm response answer, should be freed with heim_ntlm_free_buf().
1564 : * @param infotarget infotarget as sent by the server in the type2 message.
1565 : * @param ntlmv2 calculated session key
1566 : *
1567 : * @return In case of success 0 is return, an errors, a errno in what
1568 : * went wrong.
1569 : *
1570 : * @ingroup ntlm_core
1571 : */
1572 :
1573 : int
1574 0 : heim_ntlm_verify_ntlm2(const void *key, size_t len,
1575 : const char *username,
1576 : const char *target,
1577 : time_t now,
1578 : const unsigned char serverchallenge[8],
1579 : const struct ntlm_buf *answer,
1580 : struct ntlm_buf *infotarget,
1581 : unsigned char ntlmv2[16])
1582 : {
1583 : krb5_error_code ret;
1584 : unsigned char clientanswer[16];
1585 : unsigned char clientnonce[8];
1586 : unsigned char serveranswer[16];
1587 : krb5_storage *sp;
1588 : time_t authtime;
1589 : uint32_t temp;
1590 : uint64_t t;
1591 :
1592 0 : infotarget->length = 0;
1593 0 : infotarget->data = NULL;
1594 :
1595 0 : if (answer->length < 16)
1596 0 : return HNTLM_ERR_INVALID_LENGTH;
1597 :
1598 0 : if (now == 0)
1599 0 : now = time(NULL);
1600 :
1601 : /* calculate ntlmv2 key */
1602 :
1603 0 : heim_ntlm_ntlmv2_key(key, len, username, target, ntlmv2);
1604 :
1605 : /* calculate and build ntlmv2 answer */
1606 :
1607 0 : sp = krb5_storage_from_readonly_mem(answer->data, answer->length);
1608 0 : if (sp == NULL)
1609 0 : return ENOMEM;
1610 0 : krb5_storage_set_flags(sp, KRB5_STORAGE_BYTEORDER_LE);
1611 :
1612 0 : CHECK(krb5_storage_read(sp, clientanswer, 16), 16);
1613 :
1614 0 : CHECK(krb5_ret_uint32(sp, &temp), 0);
1615 0 : CHECK(temp, 0x00000101);
1616 0 : CHECK(krb5_ret_uint32(sp, &temp), 0);
1617 0 : CHECK(temp, 0);
1618 : /* timestamp le 64 bit ts */
1619 0 : CHECK(krb5_ret_uint32(sp, &temp), 0);
1620 0 : t = temp;
1621 0 : CHECK(krb5_ret_uint32(sp, &temp), 0);
1622 0 : t |= ((uint64_t)temp)<< 32;
1623 :
1624 0 : authtime = nt2unixtime(t);
1625 :
1626 0 : if (abs((int)(authtime - now)) > authtimediff) {
1627 0 : ret = HNTLM_ERR_TIME_SKEW;
1628 0 : goto out;
1629 : }
1630 :
1631 : /* client challenge */
1632 0 : CHECK(krb5_storage_read(sp, clientnonce, 8), 8);
1633 :
1634 0 : CHECK(krb5_ret_uint32(sp, &temp), 0); /* unknown */
1635 :
1636 : /* should really unparse the infotarget, but lets pick up everything */
1637 0 : infotarget->length = answer->length - krb5_storage_seek(sp, 0, SEEK_CUR);
1638 0 : infotarget->data = malloc(infotarget->length);
1639 0 : if (infotarget->data == NULL) {
1640 0 : ret = ENOMEM;
1641 0 : goto out;
1642 : }
1643 0 : CHECK(krb5_storage_read(sp, infotarget->data, infotarget->length),
1644 : infotarget->length);
1645 : /* XXX remove the unknown ?? */
1646 0 : krb5_storage_free(sp);
1647 0 : sp = NULL;
1648 :
1649 0 : if (answer->length < 16) {
1650 0 : ret = HNTLM_ERR_INVALID_LENGTH;
1651 0 : goto out;
1652 : }
1653 :
1654 0 : heim_ntlm_derive_ntlm2_sess(ntlmv2,
1655 0 : ((unsigned char *)answer->data) + 16, answer->length - 16,
1656 : serverchallenge,
1657 : serveranswer);
1658 :
1659 0 : if (memcmp(serveranswer, clientanswer, 16) != 0) {
1660 0 : heim_ntlm_free_buf(infotarget);
1661 0 : return HNTLM_ERR_AUTH;
1662 : }
1663 :
1664 0 : return 0;
1665 0 : out:
1666 0 : heim_ntlm_free_buf(infotarget);
1667 0 : if (sp)
1668 0 : krb5_storage_free(sp);
1669 0 : return ret;
1670 : }
1671 :
1672 :
1673 : /*
1674 : * Calculate the NTLM2 Session Response
1675 : *
1676 : * @param clnt_nonce client nonce
1677 : * @param svr_chal server challage
1678 : * @param ntlm2_hash ntlm hash
1679 : * @param lm The LM response, should be freed with heim_ntlm_free_buf().
1680 : * @param ntlm The NTLM response, should be freed with heim_ntlm_free_buf().
1681 : *
1682 : * @return In case of success 0 is return, an errors, a errno in what
1683 : * went wrong.
1684 : *
1685 : * @ingroup ntlm_core
1686 : */
1687 :
1688 : int
1689 0 : heim_ntlm_calculate_ntlm2_sess(const unsigned char clnt_nonce[8],
1690 : const unsigned char svr_chal[8],
1691 : const unsigned char ntlm_hash[16],
1692 : struct ntlm_buf *lm,
1693 : struct ntlm_buf *ntlm)
1694 : {
1695 : unsigned char ntlm2_sess_hash[8];
1696 : unsigned char res[21], *resp;
1697 : int code;
1698 :
1699 0 : code = heim_ntlm_calculate_ntlm2_sess_hash(clnt_nonce, svr_chal,
1700 : ntlm2_sess_hash);
1701 0 : if (code) {
1702 0 : return code;
1703 : }
1704 :
1705 0 : lm->data = malloc(24);
1706 0 : if (lm->data == NULL) {
1707 0 : return ENOMEM;
1708 : }
1709 0 : lm->length = 24;
1710 :
1711 0 : ntlm->data = malloc(24);
1712 0 : if (ntlm->data == NULL) {
1713 0 : free(lm->data);
1714 0 : lm->data = NULL;
1715 0 : return ENOMEM;
1716 : }
1717 0 : ntlm->length = 24;
1718 :
1719 : /* first setup the lm resp */
1720 0 : memset(lm->data, 0, 24);
1721 0 : memcpy(lm->data, clnt_nonce, 8);
1722 :
1723 0 : memset(res, 0, sizeof(res));
1724 0 : memcpy(res, ntlm_hash, 16);
1725 :
1726 0 : resp = ntlm->data;
1727 0 : splitandenc(&res[0], ntlm2_sess_hash, resp + 0);
1728 0 : splitandenc(&res[7], ntlm2_sess_hash, resp + 8);
1729 0 : splitandenc(&res[14], ntlm2_sess_hash, resp + 16);
1730 :
1731 0 : return 0;
1732 : }
1733 :
1734 :
1735 : /*
1736 : * Calculate the NTLM2 Session "Verifier"
1737 : *
1738 : * @param clnt_nonce client nonce
1739 : * @param svr_chal server challage
1740 : * @param hash The NTLM session verifier
1741 : *
1742 : * @return In case of success 0 is return, an errors, a errno in what
1743 : * went wrong.
1744 : *
1745 : * @ingroup ntlm_core
1746 : */
1747 :
1748 : int
1749 0 : heim_ntlm_calculate_ntlm2_sess_hash(const unsigned char clnt_nonce[8],
1750 : const unsigned char svr_chal[8],
1751 : unsigned char verifier[8])
1752 : {
1753 : unsigned char ntlm2_sess_hash[MD5_DIGEST_LENGTH];
1754 : EVP_MD_CTX *m;
1755 :
1756 0 : m = EVP_MD_CTX_create();
1757 0 : if (m == NULL)
1758 0 : return ENOMEM;
1759 :
1760 0 : EVP_DigestInit_ex(m, EVP_md5(), NULL);
1761 0 : EVP_DigestUpdate(m, svr_chal, 8); /* session nonce part 1 */
1762 0 : EVP_DigestUpdate(m, clnt_nonce, 8); /* session nonce part 2 */
1763 0 : EVP_DigestFinal_ex(m, ntlm2_sess_hash, NULL); /* will only use first 8 bytes */
1764 0 : EVP_MD_CTX_destroy(m);
1765 :
1766 0 : memcpy(verifier, ntlm2_sess_hash, 8);
1767 :
1768 0 : return 0;
1769 : }
1770 :
1771 :
1772 : /*
1773 : * Derive a NTLM2 session key
1774 : *
1775 : * @param sessionkey session key from domain controller
1776 : * @param clnt_nonce client nonce
1777 : * @param svr_chal server challenge
1778 : * @param derivedkey salted session key
1779 : *
1780 : * @return In case of success 0 is return, an errors, a errno in what
1781 : * went wrong.
1782 : *
1783 : * @ingroup ntlm_core
1784 : */
1785 :
1786 : void
1787 0 : heim_ntlm_derive_ntlm2_sess(const unsigned char sessionkey[16],
1788 : const unsigned char *clnt_nonce, size_t clnt_nonce_length,
1789 : const unsigned char svr_chal[8],
1790 : unsigned char derivedkey[16])
1791 : {
1792 : unsigned int hmaclen;
1793 : HMAC_CTX c;
1794 :
1795 : /* HMAC(Ksession, serverchallenge || clientchallenge) */
1796 0 : HMAC_CTX_init(&c);
1797 0 : HMAC_Init_ex(&c, sessionkey, 16, EVP_md5(), NULL);
1798 0 : HMAC_Update(&c, svr_chal, 8);
1799 0 : HMAC_Update(&c, clnt_nonce, clnt_nonce_length);
1800 0 : HMAC_Final(&c, derivedkey, &hmaclen);
1801 0 : HMAC_CTX_cleanup(&c);
1802 0 : }
1803 :
|
