summaryrefslogtreecommitdiffstats
path: root/third_party/heimdal/lib/ntlm/ntlm.c
diff options
context:
space:
mode:
authorDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-19 17:20:00 +0000
committerDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-19 17:20:00 +0000
commit8daa83a594a2e98f39d764422bfbdbc62c9efd44 (patch)
tree4099e8021376c7d8c05bdf8503093d80e9c7bad0 /third_party/heimdal/lib/ntlm/ntlm.c
parentInitial commit. (diff)
downloadsamba-8daa83a594a2e98f39d764422bfbdbc62c9efd44.tar.xz
samba-8daa83a594a2e98f39d764422bfbdbc62c9efd44.zip
Adding upstream version 2:4.20.0+dfsg.upstream/2%4.20.0+dfsg
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'third_party/heimdal/lib/ntlm/ntlm.c')
-rw-r--r--third_party/heimdal/lib/ntlm/ntlm.c2030
1 files changed, 2030 insertions, 0 deletions
diff --git a/third_party/heimdal/lib/ntlm/ntlm.c b/third_party/heimdal/lib/ntlm/ntlm.c
new file mode 100644
index 0000000..7384e18
--- /dev/null
+++ b/third_party/heimdal/lib/ntlm/ntlm.c
@@ -0,0 +1,2030 @@
+/*
+ * Copyright (c) 2006 - 2008 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Portions Copyright (c) 2010 Apple Inc. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <assert.h>
+#include <string.h>
+#include <ctype.h>
+#include <errno.h>
+#include <limits.h>
+
+#include <roken.h>
+
+#include <wind.h>
+#include <parse_units.h>
+#include <krb5.h>
+
+
+#define HC_DEPRECATED_CRYPTO
+
+#include "krb5-types.h"
+#include "crypto-headers.h"
+
+#include <heimntlm.h>
+
+/*! \mainpage Heimdal NTLM library
+ *
+ * \section intro Introduction
+ *
+ * Heimdal libheimntlm library is a implementation of the NTLM
+ * protocol, both version 1 and 2. The GSS-API mech that uses this
+ * library adds support for transport encryption and integrity
+ * checking.
+ *
+ * NTLM is a protocol for mutual authentication, its still used in
+ * many protocol where Kerberos is not support, one example is
+ * EAP/X802.1x mechanism LEAP from Microsoft and Cisco.
+ *
+ * This is a support library for the core protocol, its used in
+ * Heimdal to implement and GSS-API mechanism. There is also support
+ * in the KDC to do remote digest authenticiation, this to allow
+ * services to authenticate users w/o direct access to the users ntlm
+ * hashes (same as Kerberos arcfour enctype keys).
+ *
+ * More information about the NTLM protocol can found here
+ * http://davenport.sourceforge.net/ntlm.html .
+ *
+ * The Heimdal projects web page: http://www.h5l.org/
+ *
+ * @section ntlm_example NTLM Example
+ *
+ * Example to to use @ref test_ntlm.c .
+ *
+ * @example test_ntlm.c
+ *
+ * Example how to use the NTLM primitives.
+ *
+ */
+
+/** @defgroup ntlm_core Heimdal NTLM library
+ *
+ * The NTLM core functions implement the string2key generation
+ * function, message encode and decode function, and the hash function
+ * functions.
+ */
+
+struct sec_buffer {
+ uint16_t length;
+ uint16_t allocated;
+ uint32_t offset;
+};
+
+static const unsigned char ntlmsigature[8] = "NTLMSSP\x00";
+
+time_t heim_ntlm_time_skew = 300;
+
+/*
+ *
+ */
+
+#define CHECK(f, e) \
+ do { \
+ ret = f; \
+ if (ret != (ssize_t)(e)) { \
+ ret = HNTLM_ERR_DECODE; \
+ goto out; \
+ } \
+ } while(/*CONSTCOND*/0)
+
+#define CHECK_SIZE(f, e) \
+ do { \
+ ssize_t sret = f; \
+ if (sret != (ssize_t)(e)) { \
+ ret = HNTLM_ERR_DECODE; \
+ goto out; \
+ } \
+ } while(/*CONSTCOND*/0)
+
+#define CHECK_OFFSET(f, e) \
+ do { \
+ off_t sret = f; \
+ if (sret != (e)) { \
+ ret = HNTLM_ERR_DECODE; \
+ goto out; \
+ } \
+ } while(/*CONSTCOND*/0)
+
+
+static struct units ntlm_flag_units[] = {
+#define ntlm_flag(x) { #x, NTLM_##x }
+ ntlm_flag(ENC_56),
+ ntlm_flag(NEG_KEYEX),
+ ntlm_flag(ENC_128),
+ ntlm_flag(MBZ1),
+ ntlm_flag(MBZ2),
+ ntlm_flag(MBZ3),
+ ntlm_flag(NEG_VERSION),
+ ntlm_flag(MBZ4),
+ ntlm_flag(NEG_TARGET_INFO),
+ ntlm_flag(NON_NT_SESSION_KEY),
+ ntlm_flag(MBZ5),
+ ntlm_flag(NEG_IDENTIFY),
+ ntlm_flag(NEG_NTLM2),
+ ntlm_flag(TARGET_SHARE),
+ ntlm_flag(TARGET_SERVER),
+ ntlm_flag(TARGET_DOMAIN),
+ ntlm_flag(NEG_ALWAYS_SIGN),
+ ntlm_flag(MBZ6),
+ ntlm_flag(OEM_SUPPLIED_WORKSTATION),
+ ntlm_flag(OEM_SUPPLIED_DOMAIN),
+ ntlm_flag(NEG_ANONYMOUS),
+ ntlm_flag(NEG_NT_ONLY),
+ ntlm_flag(NEG_NTLM),
+ ntlm_flag(MBZ8),
+ ntlm_flag(NEG_LM_KEY),
+ ntlm_flag(NEG_DATAGRAM),
+ ntlm_flag(NEG_SEAL),
+ ntlm_flag(NEG_SIGN),
+ ntlm_flag(MBZ9),
+ ntlm_flag(NEG_TARGET),
+ ntlm_flag(NEG_OEM),
+ ntlm_flag(NEG_UNICODE),
+#undef ntlm_flag
+ {NULL, 0}
+};
+
+size_t
+heim_ntlm_unparse_flags(uint32_t flags, char *s, size_t len)
+{
+ return unparse_flags(flags, ntlm_flag_units, s, len);
+}
+
+
+/**
+ * heim_ntlm_free_buf frees the ntlm buffer
+ *
+ * @param p buffer to be freed
+ *
+ * @ingroup ntlm_core
+ */
+
+void
+heim_ntlm_free_buf(struct ntlm_buf *p)
+{
+ if (p->data)
+ free(p->data);
+ p->data = NULL;
+ p->length = 0;
+}
+
+
+static int
+ascii2ucs2le(const char *string, int up, struct ntlm_buf *buf)
+{
+ uint16_t *data;
+ size_t len, n;
+ uint8_t *p;
+ int ret;
+
+ ret = wind_utf8ucs2_length(string, &len);
+ if (ret)
+ return ret;
+ if (len > UINT_MAX / sizeof(data[0]))
+ return ERANGE;
+
+ data = malloc(len * sizeof(data[0]));
+ if (data == NULL)
+ return ENOMEM;
+
+ ret = wind_utf8ucs2(string, data, &len);
+ if (ret) {
+ free(data);
+ return ret;
+ }
+
+ if (len == 0) {
+ free(data);
+ buf->data = NULL;
+ buf->length = 0;
+ return 0;
+ }
+
+ /* uppercase string, only handle ascii right now */
+ if (up) {
+ for (n = 0; n < len ; n++) {
+ if (data[n] < 128)
+ data[n] = toupper((int)data[n]);
+ }
+ }
+
+ buf->length = len * 2;
+ p = buf->data = malloc(buf->length);
+ if (buf->data == NULL && len != 0) {
+ free(data);
+ heim_ntlm_free_buf(buf);
+ return ENOMEM;
+ }
+
+ for (n = 0; n < len ; n++) {
+ p[(n * 2) + 0] = (data[n] ) & 0xff;
+ p[(n * 2) + 1] = (data[n] >> 8) & 0xff;
+ }
+ memset(data, 0, sizeof(data[0]) * len);
+ free(data);
+
+ return 0;
+}
+
+/*
+ * Sizes in bytes
+ */
+
+#define SIZE_SEC_BUFFER (2+2+4)
+#define SIZE_OS_VERSION (8)
+
+/*
+ *
+ */
+
+static krb5_error_code
+ret_sec_buffer(krb5_storage *sp, struct sec_buffer *buf)
+{
+ krb5_error_code ret;
+ CHECK(krb5_ret_uint16(sp, &buf->length), 0);
+ CHECK(krb5_ret_uint16(sp, &buf->allocated), 0);
+ CHECK(krb5_ret_uint32(sp, &buf->offset), 0);
+out:
+ return ret;
+}
+
+static krb5_error_code
+store_sec_buffer(krb5_storage *sp, const struct sec_buffer *buf)
+{
+ krb5_error_code ret;
+ CHECK(krb5_store_uint16(sp, buf->length), 0);
+ CHECK(krb5_store_uint16(sp, buf->allocated), 0);
+ CHECK(krb5_store_uint32(sp, buf->offset), 0);
+out:
+ return ret;
+}
+
+/*
+ * Strings are either OEM or UNICODE. The later is encoded as ucs2 on
+ * wire, but using utf8 in memory.
+ */
+
+static size_t
+len_string(int ucs2, const char *s)
+{
+ if (ucs2) {
+ size_t len;
+ int ret;
+
+ ret = wind_utf8ucs2_length(s, &len);
+ if (ret == 0)
+ return len * 2;
+ return strlen(s) * 5 * 2;
+ } else {
+ return strlen(s);
+ }
+}
+
+/*
+ *
+ */
+
+static krb5_error_code
+ret_string(krb5_storage *sp, int ucs2, size_t len, char **s)
+{
+ krb5_error_code ret;
+ uint16_t *data = NULL;
+
+ *s = malloc(len + 1);
+ if (*s == NULL)
+ return ENOMEM;
+ CHECK_SIZE(krb5_storage_read(sp, *s, len), len);
+
+ (*s)[len] = '\0';
+
+ if (ucs2) {
+ unsigned int flags = WIND_RW_LE;
+ size_t utf16len = len / 2;
+ size_t utf8len;
+
+ data = malloc(utf16len * sizeof(data[0]));
+ if (data == NULL) {
+ free(*s); *s = NULL;
+ ret = ENOMEM;
+ goto out;
+ }
+
+ ret = wind_ucs2read(*s, len, &flags, data, &utf16len);
+ free(*s); *s = NULL;
+ if (ret) {
+ goto out;
+ }
+
+ CHECK(wind_ucs2utf8_length(data, utf16len, &utf8len), 0);
+
+ utf8len += 1;
+
+ *s = malloc(utf8len);
+ if (*s == NULL) {
+ ret = ENOMEM;
+ goto out;
+ }
+
+ CHECK(wind_ucs2utf8(data, utf16len, *s, &utf8len), 0);
+ }
+ ret = 0;
+ out:
+ if (data)
+ free(data);
+
+ return ret;
+}
+
+
+
+static krb5_error_code
+ret_sec_string(krb5_storage *sp, int ucs2, struct sec_buffer *desc, char **s)
+{
+ krb5_error_code ret = 0;
+ CHECK_OFFSET(krb5_storage_seek(sp, desc->offset, SEEK_SET), desc->offset);
+ CHECK(ret_string(sp, ucs2, desc->length, s), 0);
+ out:
+ return ret;
+}
+
+static krb5_error_code
+put_string(krb5_storage *sp, int ucs2, const char *s)
+{
+ krb5_error_code ret;
+ struct ntlm_buf buf;
+
+ if (ucs2) {
+ ret = ascii2ucs2le(s, 0, &buf);
+ if (ret)
+ return ret;
+ } else {
+ buf.data = rk_UNCONST(s);
+ buf.length = strlen(s);
+ }
+
+ CHECK_SIZE(krb5_storage_write(sp, buf.data, buf.length), buf.length);
+ if (ucs2)
+ heim_ntlm_free_buf(&buf);
+ ret = 0;
+out:
+ return ret;
+}
+
+/*
+ *
+ */
+
+static krb5_error_code
+ret_buf(krb5_storage *sp, struct sec_buffer *desc, struct ntlm_buf *buf)
+{
+ krb5_error_code ret;
+
+ buf->data = malloc(desc->length);
+ buf->length = desc->length;
+ CHECK_OFFSET(krb5_storage_seek(sp, desc->offset, SEEK_SET), desc->offset);
+ CHECK_SIZE(krb5_storage_read(sp, buf->data, buf->length), buf->length);
+ ret = 0;
+out:
+ return ret;
+}
+
+static krb5_error_code
+put_buf(krb5_storage *sp, const struct ntlm_buf *buf)
+{
+ krb5_error_code ret;
+ CHECK_SIZE(krb5_storage_write(sp, buf->data, buf->length), buf->length);
+ ret = 0;
+out:
+ return ret;
+}
+
+/**
+ * Frees the ntlm_targetinfo message
+ *
+ * @param ti targetinfo to be freed
+ *
+ * @ingroup ntlm_core
+ */
+
+void
+heim_ntlm_free_targetinfo(struct ntlm_targetinfo *ti)
+{
+ free(ti->servername);
+ free(ti->domainname);
+ free(ti->dnsdomainname);
+ free(ti->dnsservername);
+ free(ti->dnstreename);
+ free(ti->targetname);
+ heim_ntlm_free_buf(&ti->channel_bindings);
+ memset(ti, 0, sizeof(*ti));
+}
+
+static int
+encode_ti_string(krb5_storage *out, uint16_t type, int ucs2, char *s)
+{
+ krb5_error_code ret;
+ CHECK(krb5_store_uint16(out, type), 0);
+ CHECK(krb5_store_uint16(out, len_string(ucs2, s)), 0);
+ CHECK(put_string(out, ucs2, s), 0);
+out:
+ return ret;
+}
+
+/**
+ * Encodes a ntlm_targetinfo message.
+ *
+ * @param ti the ntlm_targetinfo message to encode.
+ * @param ucs2 ignored
+ * @param data is the return buffer with the encoded message, should be
+ * freed with heim_ntlm_free_buf().
+ *
+ * @return In case of success 0 is return, an errors, a errno in what
+ * went wrong.
+ *
+ * @ingroup ntlm_core
+ */
+
+int
+heim_ntlm_encode_targetinfo(const struct ntlm_targetinfo *ti,
+ int ucs2,
+ struct ntlm_buf *data)
+{
+ krb5_error_code ret;
+ krb5_storage *out;
+
+ data->data = NULL;
+ data->length = 0;
+
+ out = krb5_storage_emem();
+ if (out == NULL)
+ return ENOMEM;
+
+ krb5_storage_set_byteorder(out, KRB5_STORAGE_BYTEORDER_LE);
+
+ if (ti->servername)
+ CHECK(encode_ti_string(out, 1, ucs2, ti->servername), 0);
+ if (ti->domainname)
+ CHECK(encode_ti_string(out, 2, ucs2, ti->domainname), 0);
+ if (ti->dnsservername)
+ CHECK(encode_ti_string(out, 3, ucs2, ti->dnsservername), 0);
+ if (ti->dnsdomainname)
+ CHECK(encode_ti_string(out, 4, ucs2, ti->dnsdomainname), 0);
+ if (ti->dnstreename)
+ CHECK(encode_ti_string(out, 5, ucs2, ti->dnstreename), 0);
+ if (ti->avflags) {
+ CHECK(krb5_store_uint16(out, 6), 0);
+ CHECK(krb5_store_uint16(out, 4), 0);
+ CHECK(krb5_store_uint32(out, ti->avflags), 0);
+ }
+ if (ti->timestamp) {
+ CHECK(krb5_store_uint16(out, 7), 0);
+ CHECK(krb5_store_uint16(out, 8), 0);
+ CHECK(krb5_store_uint32(out, ti->timestamp & 0xffffffff), 0);
+ CHECK(krb5_store_uint32(out, (ti->timestamp >> 32) & 0xffffffff), 0);
+ }
+ if (ti->targetname) {
+ CHECK(encode_ti_string(out, 9, ucs2, ti->targetname), 0);
+ }
+ if (ti->channel_bindings.length) {
+ CHECK(krb5_store_uint16(out, 10), 0);
+ CHECK(krb5_store_uint16(out, ti->channel_bindings.length), 0);
+ CHECK_SIZE(krb5_storage_write(out, ti->channel_bindings.data, ti->channel_bindings.length), ti->channel_bindings.length);
+ }
+
+ /* end tag */
+ CHECK(krb5_store_int16(out, 0), 0);
+ CHECK(krb5_store_int16(out, 0), 0);
+
+ {
+ krb5_data d;
+ ret = krb5_storage_to_data(out, &d);
+ data->data = d.data;
+ data->length = d.length;
+ }
+out:
+ krb5_storage_free(out);
+ return ret;
+}
+
+/**
+ * Decodes an NTLM targetinfo message
+ *
+ * @param data input data buffer with the encode NTLM targetinfo message
+ * @param ucs2 if the strings should be encoded with ucs2 (selected by flag in message).
+ * @param ti the decoded target info, should be freed with heim_ntlm_free_targetinfo().
+ *
+ * @return In case of success 0 is return, an errors, a errno in what
+ * went wrong.
+ *
+ * @ingroup ntlm_core
+ */
+
+int
+heim_ntlm_decode_targetinfo(const struct ntlm_buf *data,
+ int ucs2,
+ struct ntlm_targetinfo *ti)
+{
+ uint16_t type, len;
+ krb5_storage *in;
+ int ret = 0, done = 0;
+
+ memset(ti, 0, sizeof(*ti));
+
+ if (data->length == 0)
+ return 0;
+
+ in = krb5_storage_from_readonly_mem(data->data, data->length);
+ if (in == NULL)
+ return ENOMEM;
+ krb5_storage_set_byteorder(in, KRB5_STORAGE_BYTEORDER_LE);
+
+ while (!done) {
+ CHECK(krb5_ret_uint16(in, &type), 0);
+ CHECK(krb5_ret_uint16(in, &len), 0);
+
+ switch (type) {
+ case 0:
+ done = 1;
+ break;
+ case 1:
+ CHECK(ret_string(in, ucs2, len, &ti->servername), 0);
+ break;
+ case 2:
+ CHECK(ret_string(in, ucs2, len, &ti->domainname), 0);
+ break;
+ case 3:
+ CHECK(ret_string(in, ucs2, len, &ti->dnsservername), 0);
+ break;
+ case 4:
+ CHECK(ret_string(in, ucs2, len, &ti->dnsdomainname), 0);
+ break;
+ case 5:
+ CHECK(ret_string(in, ucs2, len, &ti->dnstreename), 0);
+ break;
+ case 6:
+ CHECK(krb5_ret_uint32(in, &ti->avflags), 0);
+ break;
+ case 7: {
+ uint32_t tmp;
+ CHECK(krb5_ret_uint32(in, &tmp), 0);
+ ti->timestamp = tmp;
+ CHECK(krb5_ret_uint32(in, &tmp), 0);
+ ti->timestamp |= ((uint64_t)tmp) << 32;
+ break;
+ }
+ case 9:
+ CHECK(ret_string(in, 1, len, &ti->targetname), 0);
+ break;
+ case 10:
+ ti->channel_bindings.data = malloc(len);
+ if (ti->channel_bindings.data == NULL) {
+ ret = ENOMEM;
+ goto out;
+ }
+ ti->channel_bindings.length = len;
+ CHECK_SIZE(krb5_storage_read(in, ti->channel_bindings.data, len), len);
+ break;
+ default:
+ krb5_storage_seek(in, len, SEEK_CUR);
+ break;
+ }
+ }
+ out:
+ if (in)
+ krb5_storage_free(in);
+ return ret;
+}
+
+static krb5_error_code
+encode_os_version(krb5_storage *out)
+{
+ krb5_error_code ret;
+ CHECK(krb5_store_uint8(out, 0x06), 0);
+ CHECK(krb5_store_uint8(out, 0x01), 0);
+ CHECK(krb5_store_uint16(out, 0x1db0), 0);
+ CHECK(krb5_store_uint8(out, 0x00), 0);
+ CHECK(krb5_store_uint8(out, 0x00), 0);
+ CHECK(krb5_store_uint8(out, 0x00), 0);
+ CHECK(krb5_store_uint8(out, 0x0f), 0); /* ntlm version 15 */
+ out:
+ return ret;
+}
+
+/**
+ * Frees the ntlm_type1 message
+ *
+ * @param data message to be freed
+ *
+ * @ingroup ntlm_core
+ */
+
+void
+heim_ntlm_free_type1(struct ntlm_type1 *data)
+{
+ if (data->domain)
+ free(data->domain);
+ if (data->hostname)
+ free(data->hostname);
+ memset(data, 0, sizeof(*data));
+}
+
+int
+heim_ntlm_decode_type1(const struct ntlm_buf *buf, struct ntlm_type1 *data)
+{
+ krb5_error_code ret;
+ unsigned char sig[8];
+ uint32_t type;
+ struct sec_buffer domain, hostname;
+ krb5_storage *in;
+ int ucs2;
+
+ memset(data, 0, sizeof(*data));
+
+ in = krb5_storage_from_readonly_mem(buf->data, buf->length);
+ if (in == NULL) {
+ ret = ENOMEM;
+ goto out;
+ }
+ krb5_storage_set_byteorder(in, KRB5_STORAGE_BYTEORDER_LE);
+
+ CHECK_SIZE(krb5_storage_read(in, sig, sizeof(sig)), sizeof(sig));
+ CHECK(ct_memcmp(ntlmsigature, sig, sizeof(ntlmsigature)), 0);
+ CHECK(krb5_ret_uint32(in, &type), 0);
+ CHECK(type, 1);
+ CHECK(krb5_ret_uint32(in, &data->flags), 0);
+
+ ucs2 = !!(data->flags & NTLM_NEG_UNICODE);
+
+ /*
+ * domain and hostname are unconditionally encoded regardless of
+ * NTLMSSP_NEGOTIATE_OEM_{HOSTNAME,WORKSTATION}_SUPPLIED flag
+ */
+ CHECK(ret_sec_buffer(in, &domain), 0);
+ CHECK(ret_sec_buffer(in, &hostname), 0);
+
+ if (data->flags & NTLM_NEG_VERSION) {
+ CHECK(krb5_ret_uint32(in, &data->os[0]), 0);
+ CHECK(krb5_ret_uint32(in, &data->os[1]), 0);
+ }
+
+ if (data->flags & NTLM_OEM_SUPPLIED_DOMAIN)
+ CHECK(ret_sec_string(in, ucs2, &domain, &data->domain), 0);
+ if (data->flags & NTLM_OEM_SUPPLIED_WORKSTATION)
+ CHECK(ret_sec_string(in, ucs2, &hostname, &data->hostname), 0);
+
+out:
+ if (in)
+ krb5_storage_free(in);
+ if (ret)
+ heim_ntlm_free_type1(data);
+
+ return ret;
+}
+
+/**
+ * Encodes an ntlm_type1 message.
+ *
+ * @param type1 the ntlm_type1 message to encode.
+ * @param data is the return buffer with the encoded message, should be
+ * freed with heim_ntlm_free_buf().
+ *
+ * @return In case of success 0 is return, an errors, a errno in what
+ * went wrong.
+ *
+ * @ingroup ntlm_core
+ */
+
+int
+heim_ntlm_encode_type1(const struct ntlm_type1 *type1, struct ntlm_buf *data)
+{
+ krb5_error_code ret;
+ struct sec_buffer domain, hostname;
+ krb5_storage *out;
+ uint32_t base, flags;
+ int ucs2 = 0;
+
+ flags = type1->flags;
+ base = 16;
+
+ if (flags & NTLM_NEG_UNICODE)
+ ucs2 = 1;
+
+ if (type1->domain) {
+ base += SIZE_SEC_BUFFER;
+ flags |= NTLM_OEM_SUPPLIED_DOMAIN;
+ }
+ if (type1->hostname) {
+ base += SIZE_SEC_BUFFER;
+ flags |= NTLM_OEM_SUPPLIED_WORKSTATION;
+ }
+ if (flags & NTLM_NEG_VERSION)
+ base += SIZE_OS_VERSION; /* os */
+
+ if (type1->domain) {
+ domain.offset = base;
+ domain.length = len_string(ucs2, type1->domain);
+ domain.allocated = domain.length;
+ } else {
+ domain.offset = 0;
+ domain.length = 0;
+ domain.allocated = 0;
+ }
+
+ if (type1->hostname) {
+ hostname.offset = domain.allocated + domain.offset;
+ hostname.length = len_string(ucs2, type1->hostname);
+ hostname.allocated = hostname.length;
+ } else {
+ hostname.offset = 0;
+ hostname.length = 0;
+ hostname.allocated = 0;
+ }
+
+ out = krb5_storage_emem();
+ if (out == NULL)
+ return ENOMEM;
+
+ krb5_storage_set_byteorder(out, KRB5_STORAGE_BYTEORDER_LE);
+ CHECK_SIZE(krb5_storage_write(out, ntlmsigature, sizeof(ntlmsigature)),
+ sizeof(ntlmsigature));
+ CHECK(krb5_store_uint32(out, 1), 0);
+ CHECK(krb5_store_uint32(out, flags), 0);
+
+ CHECK(store_sec_buffer(out, &domain), 0);
+ CHECK(store_sec_buffer(out, &hostname), 0);
+
+ if (flags & NTLM_NEG_VERSION) {
+ CHECK(encode_os_version(out), 0);
+ }
+ if (type1->domain)
+ CHECK(put_string(out, ucs2, type1->domain), 0);
+ if (type1->hostname)
+ CHECK(put_string(out, ucs2, type1->hostname), 0);
+
+ {
+ krb5_data d;
+ ret = krb5_storage_to_data(out, &d);
+ data->data = d.data;
+ data->length = d.length;
+ }
+out:
+ krb5_storage_free(out);
+
+ return ret;
+}
+
+/**
+ * Frees the ntlm_type2 message
+ *
+ * @param data message to be freed
+ *
+ * @ingroup ntlm_core
+ */
+
+void
+heim_ntlm_free_type2(struct ntlm_type2 *data)
+{
+ if (data->targetname)
+ free(data->targetname);
+ heim_ntlm_free_buf(&data->targetinfo);
+ memset(data, 0, sizeof(*data));
+}
+
+int
+heim_ntlm_decode_type2(const struct ntlm_buf *buf, struct ntlm_type2 *type2)
+{
+ krb5_error_code ret;
+ unsigned char sig[8];
+ uint32_t type, ctx[2];
+ struct sec_buffer targetname, targetinfo;
+ krb5_storage *in;
+ int ucs2 = 0;
+
+ memset(type2, 0, sizeof(*type2));
+
+ in = krb5_storage_from_readonly_mem(buf->data, buf->length);
+ if (in == NULL) {
+ ret = ENOMEM;
+ goto out;
+ }
+ krb5_storage_set_byteorder(in, KRB5_STORAGE_BYTEORDER_LE);
+
+ CHECK_SIZE(krb5_storage_read(in, sig, sizeof(sig)), sizeof(sig));
+ CHECK(ct_memcmp(ntlmsigature, sig, sizeof(ntlmsigature)), 0);
+ CHECK(krb5_ret_uint32(in, &type), 0);
+ CHECK(type, 2);
+
+ CHECK(ret_sec_buffer(in, &targetname), 0);
+ CHECK(krb5_ret_uint32(in, &type2->flags), 0);
+ if (type2->flags & NTLM_NEG_UNICODE)
+ ucs2 = 1;
+ CHECK_SIZE(krb5_storage_read(in, type2->challenge, sizeof(type2->challenge)),
+ sizeof(type2->challenge));
+ CHECK(krb5_ret_uint32(in, &ctx[0]), 0); /* context */
+ CHECK(krb5_ret_uint32(in, &ctx[1]), 0);
+ CHECK(ret_sec_buffer(in, &targetinfo), 0);
+ /* os version */
+ if (type2->flags & NTLM_NEG_VERSION) {
+ CHECK(krb5_ret_uint32(in, &type2->os[0]), 0);
+ CHECK(krb5_ret_uint32(in, &type2->os[1]), 0);
+ }
+
+ CHECK(ret_sec_string(in, ucs2, &targetname, &type2->targetname), 0);
+ CHECK(ret_buf(in, &targetinfo, &type2->targetinfo), 0);
+ ret = 0;
+
+out:
+ if (in)
+ krb5_storage_free(in);
+ if (ret)
+ heim_ntlm_free_type2(type2);
+
+ return ret;
+}
+
+/**
+ * Encodes an ntlm_type2 message.
+ *
+ * @param type2 the ntlm_type2 message to encode.
+ * @param data is the return buffer with the encoded message, should be
+ * freed with heim_ntlm_free_buf().
+ *
+ * @return In case of success 0 is return, an errors, a errno in what
+ * went wrong.
+ *
+ * @ingroup ntlm_core
+ */
+
+int
+heim_ntlm_encode_type2(const struct ntlm_type2 *type2, struct ntlm_buf *data)
+{
+ struct sec_buffer targetname, targetinfo;
+ krb5_error_code ret;
+ krb5_storage *out = NULL;
+ uint32_t base;
+ int ucs2 = 0;
+
+ base = 48;
+
+ if (type2->flags & NTLM_NEG_VERSION)
+ base += SIZE_OS_VERSION;
+
+ if (type2->flags & NTLM_NEG_UNICODE)
+ ucs2 = 1;
+
+ targetname.offset = base;
+ targetname.length = len_string(ucs2, type2->targetname);
+ targetname.allocated = targetname.length;
+
+ targetinfo.offset = targetname.allocated + targetname.offset;
+ targetinfo.length = type2->targetinfo.length;
+ targetinfo.allocated = type2->targetinfo.length;
+
+ out = krb5_storage_emem();
+ if (out == NULL)
+ return ENOMEM;
+
+ krb5_storage_set_byteorder(out, KRB5_STORAGE_BYTEORDER_LE);
+ CHECK_SIZE(krb5_storage_write(out, ntlmsigature, sizeof(ntlmsigature)),
+ sizeof(ntlmsigature));
+ CHECK(krb5_store_uint32(out, 2), 0);
+ CHECK(store_sec_buffer(out, &targetname), 0);
+ CHECK(krb5_store_uint32(out, type2->flags), 0);
+ CHECK_SIZE(krb5_storage_write(out, type2->challenge, sizeof(type2->challenge)),
+ sizeof(type2->challenge));
+ CHECK(krb5_store_uint32(out, 0), 0); /* context */
+ CHECK(krb5_store_uint32(out, 0), 0);
+ CHECK(store_sec_buffer(out, &targetinfo), 0);
+ /* os version */
+ if (type2->flags & NTLM_NEG_VERSION) {
+ CHECK(encode_os_version(out), 0);
+ }
+ CHECK(put_string(out, ucs2, type2->targetname), 0);
+ CHECK_SIZE(krb5_storage_write(out, type2->targetinfo.data,
+ type2->targetinfo.length),
+ type2->targetinfo.length);
+
+ {
+ krb5_data d;
+ ret = krb5_storage_to_data(out, &d);
+ data->data = d.data;
+ data->length = d.length;
+ }
+
+out:
+ krb5_storage_free(out);
+
+ return ret;
+}
+
+/**
+ * Frees the ntlm_type3 message
+ *
+ * @param data message to be freed
+ *
+ * @ingroup ntlm_core
+ */
+
+void
+heim_ntlm_free_type3(struct ntlm_type3 *data)
+{
+ heim_ntlm_free_buf(&data->lm);
+ heim_ntlm_free_buf(&data->ntlm);
+ if (data->targetname)
+ free(data->targetname);
+ if (data->username)
+ free(data->username);
+ if (data->ws)
+ free(data->ws);
+ heim_ntlm_free_buf(&data->sessionkey);
+ memset(data, 0, sizeof(*data));
+}
+
+/*
+ *
+ */
+
+int
+heim_ntlm_decode_type3(const struct ntlm_buf *buf,
+ int ucs2,
+ struct ntlm_type3 *type3)
+{
+ krb5_error_code ret;
+ unsigned char sig[8];
+ uint32_t type;
+ krb5_storage *in;
+ struct sec_buffer lm, ntlm, target, username, sessionkey, ws;
+ uint32_t min_offset = 0xffffffff;
+
+ memset(type3, 0, sizeof(*type3));
+ memset(&sessionkey, 0, sizeof(sessionkey));
+
+ in = krb5_storage_from_readonly_mem(buf->data, buf->length);
+ if (in == NULL) {
+ ret = ENOMEM;
+ goto out;
+ }
+ krb5_storage_set_byteorder(in, KRB5_STORAGE_BYTEORDER_LE);
+
+ CHECK_SIZE(krb5_storage_read(in, sig, sizeof(sig)), sizeof(sig));
+ CHECK(ct_memcmp(ntlmsigature, sig, sizeof(ntlmsigature)), 0);
+ CHECK(krb5_ret_uint32(in, &type), 0);
+ CHECK(type, 3);
+ CHECK(ret_sec_buffer(in, &lm), 0);
+ if (lm.allocated)
+ min_offset = min(min_offset, lm.offset);
+ CHECK(ret_sec_buffer(in, &ntlm), 0);
+ if (ntlm.allocated)
+ min_offset = min(min_offset, ntlm.offset);
+ CHECK(ret_sec_buffer(in, &target), 0);
+ min_offset = min(min_offset, target.offset);
+ CHECK(ret_sec_buffer(in, &username), 0);
+ min_offset = min(min_offset, username.offset);
+ CHECK(ret_sec_buffer(in, &ws), 0);
+ if (ws.allocated)
+ min_offset = min(min_offset, ws.offset);
+
+ if (min_offset >= 52) {
+ CHECK(ret_sec_buffer(in, &sessionkey), 0);
+ min_offset = min(min_offset, sessionkey.offset);
+ CHECK(krb5_ret_uint32(in, &type3->flags), 0);
+ }
+ if (min_offset >= 52 + SIZE_SEC_BUFFER + 4 + SIZE_OS_VERSION) {
+ CHECK(krb5_ret_uint32(in, &type3->os[0]), 0);
+ CHECK(krb5_ret_uint32(in, &type3->os[1]), 0);
+ }
+ if (min_offset >= 52 + SIZE_SEC_BUFFER + 4 + SIZE_OS_VERSION + 16) {
+ type3->mic_offset = 52 + SIZE_SEC_BUFFER + 4 + SIZE_OS_VERSION;
+ CHECK_SIZE(krb5_storage_read(in, type3->mic, sizeof(type3->mic)), sizeof(type3->mic));
+ } else
+ type3->mic_offset = 0;
+ CHECK(ret_buf(in, &lm, &type3->lm), 0);
+ CHECK(ret_buf(in, &ntlm, &type3->ntlm), 0);
+ CHECK(ret_sec_string(in, ucs2, &target, &type3->targetname), 0);
+ CHECK(ret_sec_string(in, ucs2, &username, &type3->username), 0);
+ CHECK(ret_sec_string(in, ucs2, &ws, &type3->ws), 0);
+ if (sessionkey.offset)
+ CHECK(ret_buf(in, &sessionkey, &type3->sessionkey), 0);
+
+out:
+ if (in)
+ krb5_storage_free(in);
+ if (ret)
+ heim_ntlm_free_type3(type3);
+
+ return ret;
+}
+
+/**
+ * Encodes an ntlm_type3 message.
+ *
+ * @param type3 the ntlm_type3 message to encode.
+ * @param data is the return buffer with the encoded message, should be
+ * @param[out] mic_offset offset of message integrity code
+ * freed with heim_ntlm_free_buf().
+ *
+ * @return In case of success 0 is return, an errors, a errno in what
+ * went wrong.
+ *
+ * @ingroup ntlm_core
+ */
+
+int
+heim_ntlm_encode_type3(const struct ntlm_type3 *type3, struct ntlm_buf *data, size_t *mic_offset)
+{
+ struct sec_buffer lm, ntlm, target, username, sessionkey, ws;
+ krb5_error_code ret;
+ krb5_storage *out = NULL;
+ uint32_t base;
+ int ucs2 = 0;
+
+ memset(&lm, 0, sizeof(lm));
+ memset(&ntlm, 0, sizeof(ntlm));
+ memset(&target, 0, sizeof(target));
+ memset(&username, 0, sizeof(username));
+ memset(&ws, 0, sizeof(ws));
+ memset(&sessionkey, 0, sizeof(sessionkey));
+
+ base = 52;
+
+ base += 8; /* sessionkey sec buf */
+ base += 4; /* flags */
+ if (type3->flags & NTLM_NEG_VERSION)
+ base += SIZE_OS_VERSION; /* os flags */
+
+ if (mic_offset) {
+ *mic_offset = base;
+ base += 16;
+ }
+
+ if (type3->flags & NTLM_NEG_UNICODE)
+ ucs2 = 1;
+
+ target.offset = base;
+ target.length = len_string(ucs2, type3->targetname);
+ target.allocated = target.length;
+
+ username.offset = target.offset + target.allocated;
+ username.length = len_string(ucs2, type3->username);
+ username.allocated = username.length;
+
+ ws.offset = username.offset + username.allocated;
+ ws.length = len_string(ucs2, type3->ws);
+ ws.allocated = ws.length;
+
+ lm.offset = ws.offset + ws.allocated;
+ lm.length = type3->lm.length;
+ lm.allocated = type3->lm.length;
+
+ ntlm.offset = lm.offset + lm.allocated;
+ ntlm.length = type3->ntlm.length;
+ ntlm.allocated = ntlm.length;
+
+ sessionkey.offset = ntlm.offset + ntlm.allocated;
+ sessionkey.length = type3->sessionkey.length;
+ sessionkey.allocated = type3->sessionkey.length;
+
+ out = krb5_storage_emem();
+ if (out == NULL)
+ return ENOMEM;
+
+ krb5_storage_set_byteorder(out, KRB5_STORAGE_BYTEORDER_LE);
+ CHECK_SIZE(krb5_storage_write(out, ntlmsigature, sizeof(ntlmsigature)),
+ sizeof(ntlmsigature));
+ CHECK(krb5_store_uint32(out, 3), 0);
+
+ CHECK(store_sec_buffer(out, &lm), 0);
+ CHECK(store_sec_buffer(out, &ntlm), 0);
+ CHECK(store_sec_buffer(out, &target), 0);
+ CHECK(store_sec_buffer(out, &username), 0);
+ CHECK(store_sec_buffer(out, &ws), 0);
+ CHECK(store_sec_buffer(out, &sessionkey), 0);
+ CHECK(krb5_store_uint32(out, type3->flags), 0);
+
+ /* os version */
+ if (type3->flags & NTLM_NEG_VERSION) {
+ CHECK(encode_os_version(out), 0);
+ }
+
+ if (mic_offset) {
+ static const uint8_t buf[16] = { 0 };
+ CHECK_SIZE(krb5_storage_write(out, buf, sizeof(buf)), sizeof(buf));
+ }
+
+ CHECK(put_string(out, ucs2, type3->targetname), 0);
+ CHECK(put_string(out, ucs2, type3->username), 0);
+ CHECK(put_string(out, ucs2, type3->ws), 0);
+ CHECK(put_buf(out, &type3->lm), 0);
+ CHECK(put_buf(out, &type3->ntlm), 0);
+ CHECK(put_buf(out, &type3->sessionkey), 0);
+
+ {
+ krb5_data d;
+ ret = krb5_storage_to_data(out, &d);
+ data->data = d.data;
+ data->length = d.length;
+ }
+
+out:
+ krb5_storage_free(out);
+
+ return ret;
+}
+
+
+/*
+ *
+ */
+
+static void
+splitandenc(unsigned char *hash,
+ unsigned char *challenge,
+ unsigned char *answer)
+{
+ EVP_CIPHER_CTX ctx;
+ unsigned char key[8];
+
+ key[0] = hash[0];
+ key[1] = (hash[0] << 7) | (hash[1] >> 1);
+ key[2] = (hash[1] << 6) | (hash[2] >> 2);
+ key[3] = (hash[2] << 5) | (hash[3] >> 3);
+ key[4] = (hash[3] << 4) | (hash[4] >> 4);
+ key[5] = (hash[4] << 3) | (hash[5] >> 5);
+ key[6] = (hash[5] << 2) | (hash[6] >> 6);
+ key[7] = (hash[6] << 1);
+
+ EVP_CIPHER_CTX_init(&ctx);
+
+ EVP_CipherInit_ex(&ctx, EVP_des_cbc(), NULL, key, NULL, 1);
+ EVP_Cipher(&ctx, answer, challenge, 8);
+ EVP_CIPHER_CTX_cleanup(&ctx);
+ memset_s(key, sizeof(key), 0, sizeof(key));
+}
+
+/**
+ * Calculate the NTLM key, the password is assumed to be in UTF8.
+ *
+ * @param password password to calcute the key for.
+ * @param key calcuted key, should be freed with heim_ntlm_free_buf().
+ *
+ * @return In case of success 0 is return, an errors, a errno in what
+ * went wrong.
+ *
+ * @ingroup ntlm_core
+ */
+
+int
+heim_ntlm_nt_key(const char *password, struct ntlm_buf *key)
+{
+ struct ntlm_buf buf;
+ EVP_MD_CTX *m;
+ int ret;
+
+ key->data = malloc(MD4_DIGEST_LENGTH);
+ if (key->data == NULL)
+ return ENOMEM;
+ key->length = MD4_DIGEST_LENGTH;
+
+ ret = ascii2ucs2le(password, 0, &buf);
+ if (ret) {
+ heim_ntlm_free_buf(key);
+ return ret;
+ }
+
+ m = EVP_MD_CTX_create();
+ if (m == NULL) {
+ heim_ntlm_free_buf(key);
+ heim_ntlm_free_buf(&buf);
+ return ENOMEM;
+ }
+
+ EVP_DigestInit_ex(m, EVP_md4(), NULL);
+ EVP_DigestUpdate(m, buf.data, buf.length);
+ EVP_DigestFinal_ex(m, key->data, NULL);
+ EVP_MD_CTX_destroy(m);
+
+ heim_ntlm_free_buf(&buf);
+ return 0;
+}
+
+/**
+ * Calculate NTLMv1 response hash
+ *
+ * @param key the ntlm v1 key
+ * @param len length of key
+ * @param challenge sent by the server
+ * @param answer calculated answer, should be freed with heim_ntlm_free_buf().
+ *
+ * @return In case of success 0 is return, an errors, a errno in what
+ * went wrong.
+ *
+ * @ingroup ntlm_core
+ */
+
+int
+heim_ntlm_calculate_ntlm1(void *key, size_t len,
+ unsigned char challenge[8],
+ struct ntlm_buf *answer)
+{
+ unsigned char res[21];
+
+ if (len != MD4_DIGEST_LENGTH)
+ return HNTLM_ERR_INVALID_LENGTH;
+
+ memcpy(res, key, len);
+ memset(&res[MD4_DIGEST_LENGTH], 0, sizeof(res) - MD4_DIGEST_LENGTH);
+
+ answer->data = malloc(24);
+ if (answer->data == NULL)
+ return ENOMEM;
+ answer->length = 24;
+
+ splitandenc(&res[0], challenge, ((unsigned char *)answer->data) + 0);
+ splitandenc(&res[7], challenge, ((unsigned char *)answer->data) + 8);
+ splitandenc(&res[14], challenge, ((unsigned char *)answer->data) + 16);
+
+ return 0;
+}
+
+int
+heim_ntlm_v1_base_session(void *key, size_t len,
+ struct ntlm_buf *session)
+{
+ EVP_MD_CTX *m;
+
+ session->length = MD4_DIGEST_LENGTH;
+ session->data = malloc(session->length);
+ if (session->data == NULL) {
+ session->length = 0;
+ return ENOMEM;
+ }
+
+ m = EVP_MD_CTX_create();
+ if (m == NULL) {
+ heim_ntlm_free_buf(session);
+ return ENOMEM;
+ }
+ EVP_DigestInit_ex(m, EVP_md4(), NULL);
+ EVP_DigestUpdate(m, key, len);
+ EVP_DigestFinal_ex(m, session->data, NULL);
+ EVP_MD_CTX_destroy(m);
+
+ return 0;
+}
+
+int
+heim_ntlm_v2_base_session(void *key, size_t len,
+ struct ntlm_buf *ntlmResponse,
+ struct ntlm_buf *session)
+{
+ unsigned int hmaclen;
+ HMAC_CTX c;
+
+ if (ntlmResponse->length <= 16)
+ return HNTLM_ERR_INVALID_LENGTH;
+
+ session->data = malloc(16);
+ if (session->data == NULL)
+ return ENOMEM;
+ session->length = 16;
+
+ /* Note: key is the NTLMv2 key */
+ HMAC_CTX_init(&c);
+ if (HMAC_Init_ex(&c, key, len, EVP_md5(), NULL) == 0) {
+ HMAC_CTX_cleanup(&c);
+ return ENOMEM;
+ }
+ HMAC_Update(&c, ntlmResponse->data, 16);
+ HMAC_Final(&c, session->data, &hmaclen);
+ HMAC_CTX_cleanup(&c);
+
+ return 0;
+}
+
+
+int
+heim_ntlm_keyex_wrap(struct ntlm_buf *base_session,
+ struct ntlm_buf *session,
+ struct ntlm_buf *encryptedSession)
+{
+ EVP_CIPHER_CTX c;
+ int ret;
+
+ if (base_session->length != MD4_DIGEST_LENGTH)
+ return HNTLM_ERR_INVALID_LENGTH;
+
+ session->length = MD4_DIGEST_LENGTH;
+ session->data = malloc(session->length);
+ if (session->data == NULL) {
+ session->length = 0;
+ return ENOMEM;
+ }
+ encryptedSession->length = MD4_DIGEST_LENGTH;
+ encryptedSession->data = malloc(encryptedSession->length);
+ if (encryptedSession->data == NULL) {
+ heim_ntlm_free_buf(session);
+ encryptedSession->length = 0;
+ return ENOMEM;
+ }
+
+ EVP_CIPHER_CTX_init(&c);
+
+ ret = EVP_CipherInit_ex(&c, EVP_rc4(), NULL, base_session->data, NULL, 1);
+ if (ret != 1) {
+ EVP_CIPHER_CTX_cleanup(&c);
+ heim_ntlm_free_buf(encryptedSession);
+ heim_ntlm_free_buf(session);
+ return HNTLM_ERR_CRYPTO;
+ }
+
+ if (RAND_bytes(session->data, session->length) != 1) {
+ EVP_CIPHER_CTX_cleanup(&c);
+ heim_ntlm_free_buf(encryptedSession);
+ heim_ntlm_free_buf(session);
+ return HNTLM_ERR_RAND;
+ }
+
+ EVP_Cipher(&c, encryptedSession->data, session->data, encryptedSession->length);
+ EVP_CIPHER_CTX_cleanup(&c);
+
+ return 0;
+
+
+
+}
+
+/**
+ * Generates an NTLMv1 session random with assosited session master key.
+ *
+ * @param key the ntlm v1 key
+ * @param len length of key
+ * @param session generated session nonce, should be freed with heim_ntlm_free_buf().
+ * @param master calculated session master key, should be freed with heim_ntlm_free_buf().
+ *
+ * @return In case of success 0 is return, an errors, a errno in what
+ * went wrong.
+ *
+ * @ingroup ntlm_core
+ */
+
+int
+heim_ntlm_build_ntlm1_master(void *key, size_t len,
+ struct ntlm_buf *session,
+ struct ntlm_buf *master)
+{
+ struct ntlm_buf sess;
+ int ret;
+
+ ret = heim_ntlm_v1_base_session(key, len, &sess);
+ if (ret)
+ return ret;
+
+ ret = heim_ntlm_keyex_wrap(&sess, session, master);
+ heim_ntlm_free_buf(&sess);
+
+ return ret;
+}
+
+/**
+ * Generates an NTLMv2 session random with associated session master key.
+ *
+ * @param key the NTLMv2 key
+ * @param len length of key
+ * @param blob the NTLMv2 "blob"
+ * @param session generated session nonce, should be freed with heim_ntlm_free_buf().
+ * @param master calculated session master key, should be freed with heim_ntlm_free_buf().
+ *
+ * @return In case of success 0 is return, an errors, a errno in what
+ * went wrong.
+ *
+ * @ingroup ntlm_core
+ */
+
+
+int
+heim_ntlm_build_ntlm2_master(void *key, size_t len,
+ struct ntlm_buf *blob,
+ struct ntlm_buf *session,
+ struct ntlm_buf *master)
+{
+ struct ntlm_buf sess;
+ int ret;
+
+ ret = heim_ntlm_v2_base_session(key, len, blob, &sess);
+ if (ret)
+ return ret;
+
+ ret = heim_ntlm_keyex_wrap(&sess, session, master);
+ heim_ntlm_free_buf(&sess);
+
+ return ret;
+}
+
+/**
+ * Given a key and encrypted session, unwrap the session key
+ *
+ * @param baseKey the sessionBaseKey
+ * @param encryptedSession encrypted session, type3.session field.
+ * @param session generated session nonce, should be freed with heim_ntlm_free_buf().
+ *
+ * @return In case of success 0 is return, an errors, a errno in what
+ * went wrong.
+ *
+ * @ingroup ntlm_core
+ */
+
+int
+heim_ntlm_keyex_unwrap(struct ntlm_buf *baseKey,
+ struct ntlm_buf *encryptedSession,
+ struct ntlm_buf *session)
+{
+ EVP_CIPHER_CTX c;
+
+ memset(session, 0, sizeof(*session));
+
+ if (encryptedSession->length != MD4_DIGEST_LENGTH)
+ return HNTLM_ERR_INVALID_LENGTH;
+ if (baseKey->length != MD4_DIGEST_LENGTH)
+ return HNTLM_ERR_INVALID_LENGTH;
+
+ session->length = MD4_DIGEST_LENGTH;
+ session->data = malloc(session->length);
+ if (session->data == NULL) {
+ session->length = 0;
+ return ENOMEM;
+ }
+ EVP_CIPHER_CTX_init(&c);
+
+ if (EVP_CipherInit_ex(&c, EVP_rc4(), NULL, baseKey->data, NULL, 0) != 1) {
+ EVP_CIPHER_CTX_cleanup(&c);
+ heim_ntlm_free_buf(session);
+ return HNTLM_ERR_CRYPTO;
+ }
+
+ EVP_Cipher(&c, session->data, encryptedSession->data, session->length);
+ EVP_CIPHER_CTX_cleanup(&c);
+
+ return 0;
+}
+
+
+/**
+ * Generates an NTLMv2 session key.
+ *
+ * @param key the ntlm key
+ * @param len length of key
+ * @param username name of the user, as sent in the message, assumed to be in UTF8.
+ * @param target the name of the target, assumed to be in UTF8.
+ * @param upper_case_target upper case the target, should not be used only for legacy systems
+ * @param ntlmv2 the ntlmv2 session key
+ *
+ * @return 0 on success, or an error code on failure.
+ *
+ * @ingroup ntlm_core
+ */
+
+int
+heim_ntlm_ntlmv2_key(const void *key, size_t len,
+ const char *username,
+ const char *target,
+ int upper_case_target,
+ unsigned char ntlmv2[16])
+{
+ int ret;
+ unsigned int hmaclen;
+ struct ntlm_buf buf;
+ HMAC_CTX c;
+
+ HMAC_CTX_init(&c);
+ if (HMAC_Init_ex(&c, key, len, EVP_md5(), NULL) == 0) {
+ ret = ENOMEM;
+ goto out;
+ }
+ /* uppercase username and turn it into ucs2-le */
+ ret = ascii2ucs2le(username, 1, &buf);
+ if (ret)
+ goto out;
+ HMAC_Update(&c, buf.data, buf.length);
+ free(buf.data);
+ /* turn target into ucs2-le */
+ ret = ascii2ucs2le(target, upper_case_target, &buf);
+ if (ret)
+ goto out;
+ HMAC_Update(&c, buf.data, buf.length);
+ free(buf.data);
+ HMAC_Final(&c, ntlmv2, &hmaclen);
+ out:
+ HMAC_CTX_cleanup(&c);
+ memset(&c, 0, sizeof(c));
+
+ return ret;
+}
+
+/*
+ *
+ */
+
+#define NTTIME_EPOCH 0x019DB1DED53E8000LL
+
+uint64_t
+heim_ntlm_unix2ts_time(time_t unix_time)
+{
+ long long wt;
+ wt = unix_time * (uint64_t)10000000 + (uint64_t)NTTIME_EPOCH;
+ return wt;
+}
+
+time_t
+heim_ntlm_ts2unixtime(uint64_t t)
+{
+ t = ((t - (uint64_t)NTTIME_EPOCH) / (uint64_t)10000000);
+ if (t > (((uint64_t)(time_t)(~(uint64_t)0)) >> 1))
+ return 0;
+ return (time_t)t;
+}
+
+/**
+ * Calculate LMv2 response
+ *
+ * @param key the ntlm key
+ * @param len length of key
+ * @param username name of the user, as sent in the message, assumed to be in UTF8.
+ * @param target the name of the target, assumed to be in UTF8.
+ * @param serverchallenge challenge as sent by the server in the type2 message.
+ * @param ntlmv2 calculated session key
+ * @param answer ntlm response answer, should be freed with heim_ntlm_free_buf().
+ *
+ * @return In case of success 0 is return, an errors, a errno in what
+ * went wrong.
+ *
+ * @ingroup ntlm_core
+ */
+
+int
+heim_ntlm_calculate_lm2(const void *key, size_t len,
+ const char *username,
+ const char *target,
+ const unsigned char serverchallenge[8],
+ unsigned char ntlmv2[16],
+ struct ntlm_buf *answer)
+{
+ unsigned char clientchallenge[8];
+ krb5_error_code ret;
+
+ if (RAND_bytes(clientchallenge, sizeof(clientchallenge)) != 1)
+ return HNTLM_ERR_RAND;
+
+ /* calculate ntlmv2 key */
+
+ heim_ntlm_ntlmv2_key(key, len, username, target, 0, ntlmv2);
+
+ answer->data = malloc(24);
+ if (answer->data == NULL)
+ return ENOMEM;
+ answer->length = 24;
+
+ ret = heim_ntlm_derive_ntlm2_sess(ntlmv2, clientchallenge, 8,
+ serverchallenge, answer->data);
+ if (ret == 0)
+ memcpy(((unsigned char *)answer->data) + 16, clientchallenge, 8);
+
+ return ret;
+}
+
+
+/**
+ * Calculate NTLMv2 response
+ *
+ * @param key the ntlm key
+ * @param len length of key
+ * @param username name of the user, as sent in the message, assumed to be in UTF8.
+ * @param target the name of the target, assumed to be in UTF8.
+ * @param serverchallenge challenge as sent by the server in the type2 message.
+ * @param infotarget infotarget as sent by the server in the type2 message.
+ * @param ntlmv2 calculated session key
+ * @param answer ntlm response answer, should be freed with heim_ntlm_free_buf().
+ *
+ * @return In case of success 0 is return, an errors, a errno in what
+ * went wrong.
+ *
+ * @ingroup ntlm_core
+ */
+
+int
+heim_ntlm_calculate_ntlm2(const void *key, size_t len,
+ const char *username,
+ const char *target,
+ const unsigned char serverchallenge[8],
+ const struct ntlm_buf *infotarget,
+ unsigned char ntlmv2[16],
+ struct ntlm_buf *answer)
+{
+ krb5_error_code ret;
+ krb5_data data;
+ unsigned char ntlmv2answer[16];
+ krb5_storage *sp;
+ unsigned char clientchallenge[8];
+ uint64_t t;
+
+ t = heim_ntlm_unix2ts_time(time(NULL));
+
+ if (RAND_bytes(clientchallenge, sizeof(clientchallenge)) != 1)
+ return HNTLM_ERR_RAND;
+
+ /* calculate ntlmv2 key */
+
+ heim_ntlm_ntlmv2_key(key, len, username, target, 0, ntlmv2);
+
+ /* calculate and build ntlmv2 answer */
+
+ sp = krb5_storage_emem();
+ if (sp == NULL)
+ return ENOMEM;
+ krb5_storage_set_flags(sp, KRB5_STORAGE_BYTEORDER_LE);
+
+ CHECK(krb5_store_uint32(sp, 0x00000101), 0);
+ CHECK(krb5_store_uint32(sp, 0), 0);
+ /* timestamp le 64 bit ts */
+ CHECK(krb5_store_uint32(sp, t & 0xffffffff), 0);
+ CHECK(krb5_store_uint32(sp, t >> 32), 0);
+
+ CHECK_SIZE(krb5_storage_write(sp, clientchallenge, 8), 8);
+
+ CHECK(krb5_store_uint32(sp, 0), 0); /* Z(4) */
+ CHECK_SIZE(krb5_storage_write(sp, infotarget->data, infotarget->length),
+ infotarget->length);
+
+ /*
+ * These last 4 bytes(Z(4)) are not documented by MicroSoft and
+ * SnowLeopard doesn't send them, Lion expected them to be there,
+ * so we have to continue to send them. That is ok, since everyone
+ * else (except Snow) seems to do that too.
+ */
+ CHECK(krb5_store_uint32(sp, 0), 0); /* Z(4) */
+
+ CHECK(krb5_storage_to_data(sp, &data), 0);
+ krb5_storage_free(sp);
+ sp = NULL;
+
+ ret = heim_ntlm_derive_ntlm2_sess(ntlmv2, data.data, data.length,
+ serverchallenge, ntlmv2answer);
+ if (ret)
+ return ret;
+
+ sp = krb5_storage_emem();
+ if (sp == NULL) {
+ krb5_data_free(&data);
+ return ENOMEM;
+ }
+
+ CHECK_SIZE(krb5_storage_write(sp, ntlmv2answer, 16), 16);
+ CHECK_SIZE(krb5_storage_write(sp, data.data, data.length), data.length);
+ krb5_data_free(&data);
+
+ CHECK(krb5_storage_to_data(sp, &data), 0);
+ krb5_storage_free(sp);
+ sp = NULL;
+
+ answer->data = data.data;
+ answer->length = data.length;
+
+ return 0;
+out:
+ if (sp)
+ krb5_storage_free(sp);
+ return ret;
+}
+
+static const int authtimediff = 3600 * 2; /* 2 hours */
+
+static int
+verify_ntlm2(const void *key, size_t len,
+ const char *username,
+ const char *target,
+ int upper_case_target,
+ time_t now,
+ const unsigned char serverchallenge[8],
+ const struct ntlm_buf *answer,
+ struct ntlm_buf *infotarget,
+ unsigned char ntlmv2[16])
+{
+ krb5_error_code ret;
+ unsigned char clientanswer[16];
+ unsigned char clientnonce[8];
+ unsigned char serveranswer[16];
+ krb5_storage *sp;
+ uint64_t t;
+ time_t authtime;
+ uint32_t temp;
+
+ infotarget->length = 0;
+ infotarget->data = NULL;
+
+ if (answer->length < 16)
+ return HNTLM_ERR_INVALID_LENGTH;
+
+ if (now == 0)
+ now = time(NULL);
+
+ /* calculate ntlmv2 key */
+
+ heim_ntlm_ntlmv2_key(key, len, username, target, upper_case_target, ntlmv2);
+
+ /* calculate and build ntlmv2 answer */
+
+ sp = krb5_storage_from_readonly_mem(answer->data, answer->length);
+ if (sp == NULL)
+ return ENOMEM;
+ krb5_storage_set_flags(sp, KRB5_STORAGE_BYTEORDER_LE);
+
+ CHECK_SIZE(krb5_storage_read(sp, clientanswer, 16), 16);
+
+ CHECK(krb5_ret_uint32(sp, &temp), 0);
+ CHECK(temp, 0x00000101);
+ CHECK(krb5_ret_uint32(sp, &temp), 0);
+ CHECK(temp, 0);
+ /* timestamp le 64 bit ts */
+ CHECK(krb5_ret_uint32(sp, &temp), 0);
+ t = temp;
+ CHECK(krb5_ret_uint32(sp, &temp), 0);
+ t |= ((uint64_t)temp)<< 32;
+
+ authtime = heim_ntlm_ts2unixtime(t);
+
+ if (labs((int)(authtime - now)) > authtimediff) {
+ ret = HNTLM_ERR_TIME_SKEW;
+ goto out;
+ }
+
+ /* client challenge */
+ CHECK_SIZE(krb5_storage_read(sp, clientnonce, 8), 8);
+
+ CHECK(krb5_ret_uint32(sp, &temp), 0); /* Z(4) */
+
+ /* let pick up targetinfo */
+ infotarget->length = answer->length - (size_t)krb5_storage_seek(sp, 0, SEEK_CUR);
+ if (infotarget->length < 4) {
+ ret = HNTLM_ERR_INVALID_LENGTH;
+ goto out;
+ }
+ infotarget->data = malloc(infotarget->length);
+ if (infotarget->data == NULL) {
+ ret = ENOMEM;
+ goto out;
+ }
+ CHECK_SIZE(krb5_storage_read(sp, infotarget->data, infotarget->length),
+ infotarget->length);
+
+ krb5_storage_free(sp);
+ sp = NULL;
+
+ if (answer->length < 16) {
+ ret = HNTLM_ERR_INVALID_LENGTH;
+ goto out;
+ }
+
+ ret = heim_ntlm_derive_ntlm2_sess(ntlmv2,
+ ((unsigned char *)answer->data) + 16,
+ answer->length - 16,
+ serverchallenge,
+ serveranswer);
+ if (ret)
+ goto out;
+
+ if (ct_memcmp(serveranswer, clientanswer, 16) != 0) {
+ heim_ntlm_free_buf(infotarget);
+ return HNTLM_ERR_AUTH;
+ }
+
+ return 0;
+out:
+ heim_ntlm_free_buf(infotarget);
+ if (sp)
+ krb5_storage_free(sp);
+ return ret;
+}
+
+/**
+ * Verify NTLMv2 response.
+ *
+ * @param key the ntlm key
+ * @param len length of key
+ * @param username name of the user, as sent in the message, assumed to be in UTF8.
+ * @param target the name of the target, assumed to be in UTF8.
+ * @param now the time now (0 if the library should pick it up itself)
+ * @param serverchallenge challenge as sent by the server in the type2 message.
+ * @param answer ntlm response answer, should be freed with heim_ntlm_free_buf().
+ * @param infotarget infotarget as sent by the server in the type2 message.
+ * @param ntlmv2 calculated session key
+ *
+ * @return In case of success 0 is return, an errors, a errno in what
+ * went wrong.
+ *
+ * @ingroup ntlm_core
+ */
+
+int
+heim_ntlm_verify_ntlm2(const void *key, size_t len,
+ const char *username,
+ const char *target,
+ time_t now,
+ const unsigned char serverchallenge[8],
+ const struct ntlm_buf *answer,
+ struct ntlm_buf *infotarget,
+ unsigned char ntlmv2[16])
+{
+ int ret;
+
+ /**
+ * First check with the domain as the client passed it to the function.
+ */
+
+ ret = verify_ntlm2(key, len, username, target, 0, now,
+ serverchallenge, answer, infotarget, ntlmv2);
+
+ /**
+ * Second check with domain uppercased.
+ */
+
+ if (ret)
+ ret = verify_ntlm2(key, len, username, target, 1, now,
+ serverchallenge, answer, infotarget, ntlmv2);
+
+ /**
+ * Third check with empty domain.
+ */
+ if (ret)
+ ret = verify_ntlm2(key, len, username, "", 0, now,
+ serverchallenge, answer, infotarget, ntlmv2);
+ return ret;
+}
+
+/*
+ * Calculate the NTLM2 Session Response
+ *
+ * @param clnt_nonce client nonce
+ * @param svr_chal server challage
+ * @param ntlm2_hash ntlm hash
+ * @param lm The LM response, should be freed with heim_ntlm_free_buf().
+ * @param ntlm The NTLM response, should be freed with heim_ntlm_free_buf().
+ *
+ * @return In case of success 0 is return, an errors, a errno in what
+ * went wrong.
+ *
+ * @ingroup ntlm_core
+ */
+
+int
+heim_ntlm_calculate_ntlm2_sess(const unsigned char clnt_nonce[8],
+ const unsigned char svr_chal[8],
+ const unsigned char ntlm_hash[16],
+ struct ntlm_buf *lm,
+ struct ntlm_buf *ntlm)
+{
+ unsigned char ntlm2_sess_hash[8];
+ unsigned char res[21], *resp;
+ int code;
+
+ code = heim_ntlm_calculate_ntlm2_sess_hash(clnt_nonce, svr_chal,
+ ntlm2_sess_hash);
+ if (code) {
+ return code;
+ }
+
+ lm->data = malloc(24);
+ if (lm->data == NULL) {
+ return ENOMEM;
+ }
+ lm->length = 24;
+
+ ntlm->data = malloc(24);
+ if (ntlm->data == NULL) {
+ free(lm->data);
+ lm->data = NULL;
+ return ENOMEM;
+ }
+ ntlm->length = 24;
+
+ /* first setup the lm resp */
+ memset(lm->data, 0, 24);
+ memcpy(lm->data, clnt_nonce, 8);
+
+ memset(res, 0, sizeof(res));
+ memcpy(res, ntlm_hash, 16);
+
+ resp = ntlm->data;
+ splitandenc(&res[0], ntlm2_sess_hash, resp + 0);
+ splitandenc(&res[7], ntlm2_sess_hash, resp + 8);
+ splitandenc(&res[14], ntlm2_sess_hash, resp + 16);
+
+ return 0;
+}
+
+
+/*
+ * Calculate the NTLM2 Session "Verifier"
+ *
+ * @param clnt_nonce client nonce
+ * @param svr_chal server challage
+ * @param hash The NTLM session verifier
+ *
+ * @return In case of success 0 is return, an errors, a errno in what
+ * went wrong.
+ *
+ * @ingroup ntlm_core
+ */
+
+int
+heim_ntlm_calculate_ntlm2_sess_hash(const unsigned char clnt_nonce[8],
+ const unsigned char svr_chal[8],
+ unsigned char verifier[8])
+{
+ unsigned char ntlm2_sess_hash[MD5_DIGEST_LENGTH];
+ EVP_MD_CTX *m;
+
+ m = EVP_MD_CTX_create();
+ if (m == NULL)
+ return ENOMEM;
+
+ EVP_DigestInit_ex(m, EVP_md5(), NULL);
+ EVP_DigestUpdate(m, svr_chal, 8); /* session nonce part 1 */
+ EVP_DigestUpdate(m, clnt_nonce, 8); /* session nonce part 2 */
+ EVP_DigestFinal_ex(m, ntlm2_sess_hash, NULL); /* will only use first 8 bytes */
+ EVP_MD_CTX_destroy(m);
+
+ memcpy(verifier, ntlm2_sess_hash, 8);
+
+ return 0;
+}
+
+
+/*
+ * Derive a NTLM2 session key
+ *
+ * @param sessionkey session key from domain controller
+ * @param clnt_nonce client nonce
+ * @param svr_chal server challenge
+ * @param derivedkey salted session key
+ *
+ * @return In case of success 0 is return, an errors, a errno in what
+ * went wrong.
+ *
+ * @ingroup ntlm_core
+ */
+
+int
+heim_ntlm_derive_ntlm2_sess(const unsigned char sessionkey[16],
+ const unsigned char *clnt_nonce, size_t clnt_nonce_length,
+ const unsigned char svr_chal[8],
+ unsigned char derivedkey[16])
+{
+ unsigned int hmaclen;
+ HMAC_CTX c;
+
+ /* HMAC(Ksession, serverchallenge || clientchallenge) */
+ HMAC_CTX_init(&c);
+ if (HMAC_Init_ex(&c, sessionkey, 16, EVP_md5(), NULL) == 0) {
+ HMAC_CTX_cleanup(&c);
+ return ENOMEM;
+ }
+ HMAC_Update(&c, svr_chal, 8);
+ HMAC_Update(&c, clnt_nonce, clnt_nonce_length);
+ HMAC_Final(&c, derivedkey, &hmaclen);
+ HMAC_CTX_cleanup(&c);
+ memset(&c, 0, sizeof(c));
+ return 0;
+}
generated by cgit v1.2.3 (git 2.39.1) at 2024-07-12 19:05:34 +0000