00001
00002
00003
00004
00005
00006
00007
00008
00009
00010
00011
00012
00013
00014
00015
00016
00017
00018
00019
00020
00021
00022
00023
00024
00025 #include "includes.h"
00026 #include "byteorder.h"
00027
00028 void SMBencrypt_hash(const uchar lm_hash[16], const uchar *c8, uchar p24[24])
00029 {
00030 uchar p21[21];
00031
00032 memset(p21,'\0',21);
00033 memcpy(p21, lm_hash, 16);
00034
00035 SMBOWFencrypt(p21, c8, p24);
00036
00037 #ifdef DEBUG_PASSWORD
00038 DEBUG(100,("SMBencrypt_hash: lm#, challenge, response\n"));
00039 dump_data(100, (const char *)p21, 16);
00040 dump_data(100, (const char *)c8, 8);
00041 dump_data(100, (const char *)p24, 24);
00042 #endif
00043 }
00044
00045
00046
00047
00048
00049
00050
00051
00052
00053 BOOL SMBencrypt(const char *passwd, const uchar *c8, uchar p24[24])
00054 {
00055 BOOL ret;
00056 uchar lm_hash[16];
00057
00058 ret = E_deshash(passwd, lm_hash);
00059 SMBencrypt_hash(lm_hash, c8, p24);
00060 return ret;
00061 }
00062
00063
00064
00065
00066
00067
00068
00069 void E_md4hash(const char *passwd, uchar p16[16])
00070 {
00071 int len;
00072 smb_ucs2_t wpwd[129];
00073
00074
00075 push_ucs2(NULL, wpwd, (const char *)passwd, 256, STR_UNICODE|STR_NOALIGN|STR_TERMINATE);
00076
00077 len = strlen_w(wpwd) * sizeof(int16);
00078
00079 mdfour(p16, (unsigned char *)wpwd, len);
00080 ZERO_STRUCT(wpwd);
00081 }
00082
00083
00084
00085
00086
00087
00088
00089
00090 void E_md5hash(const uchar salt[16], const uchar nthash[16], uchar hash_out[16])
00091 {
00092 struct MD5Context tctx;
00093 uchar array[32];
00094
00095 memset(hash_out, '\0', 16);
00096 memcpy(array, salt, 16);
00097 memcpy(&array[16], nthash, 16);
00098 MD5Init(&tctx);
00099 MD5Update(&tctx, array, 32);
00100 MD5Final(hash_out, &tctx);
00101 }
00102
00103
00104
00105
00106
00107
00108
00109
00110
00111 BOOL E_deshash(const char *passwd, uchar p16[16])
00112 {
00113 BOOL ret = True;
00114 fstring dospwd;
00115 ZERO_STRUCT(dospwd);
00116
00117
00118 push_ascii(dospwd, passwd, sizeof(dospwd), STR_UPPER|STR_TERMINATE);
00119
00120
00121 E_P16((const unsigned char *)dospwd, p16);
00122
00123 if (strlen(dospwd) > 14) {
00124 ret = False;
00125 }
00126
00127 ZERO_STRUCT(dospwd);
00128
00129 return ret;
00130 }
00131
00132
00133
00134
00135
00136
00137
00138
00139
00140
00141 void nt_lm_owf_gen(const char *pwd, uchar nt_p16[16], uchar p16[16])
00142 {
00143
00144 memset(nt_p16, '\0', 16);
00145 E_md4hash(pwd, nt_p16);
00146
00147 #ifdef DEBUG_PASSWORD
00148 DEBUG(100,("nt_lm_owf_gen: pwd, nt#\n"));
00149 dump_data(120, pwd, strlen(pwd));
00150 dump_data(100, (char *)nt_p16, 16);
00151 #endif
00152
00153 E_deshash(pwd, (uchar *)p16);
00154
00155 #ifdef DEBUG_PASSWORD
00156 DEBUG(100,("nt_lm_owf_gen: pwd, lm#\n"));
00157 dump_data(120, pwd, strlen(pwd));
00158 dump_data(100, (char *)p16, 16);
00159 #endif
00160 }
00161
00162
00163 BOOL ntv2_owf_gen(const uchar owf[16],
00164 const char *user_in, const char *domain_in,
00165 BOOL upper_case_domain,
00166 uchar kr_buf[16])
00167 {
00168 smb_ucs2_t *user;
00169 smb_ucs2_t *domain;
00170
00171 size_t user_byte_len;
00172 size_t domain_byte_len;
00173
00174 HMACMD5Context ctx;
00175
00176 user_byte_len = push_ucs2_allocate(&user, user_in);
00177 if (user_byte_len == (size_t)-1) {
00178 DEBUG(0, ("push_uss2_allocate() for user returned -1 (probably malloc() failure)\n"));
00179 return False;
00180 }
00181
00182 domain_byte_len = push_ucs2_allocate(&domain, domain_in);
00183 if (domain_byte_len == (size_t)-1) {
00184 DEBUG(0, ("push_uss2_allocate() for domain returned -1 (probably malloc() failure)\n"));
00185 SAFE_FREE(user);
00186 return False;
00187 }
00188
00189 strupper_w(user);
00190
00191 if (upper_case_domain)
00192 strupper_w(domain);
00193
00194 SMB_ASSERT(user_byte_len >= 2);
00195 SMB_ASSERT(domain_byte_len >= 2);
00196
00197
00198 user_byte_len = user_byte_len - 2;
00199 domain_byte_len = domain_byte_len - 2;
00200
00201 hmac_md5_init_limK_to_64(owf, 16, &ctx);
00202 hmac_md5_update((const unsigned char *)user, user_byte_len, &ctx);
00203 hmac_md5_update((const unsigned char *)domain, domain_byte_len, &ctx);
00204 hmac_md5_final(kr_buf, &ctx);
00205
00206 #ifdef DEBUG_PASSWORD
00207 DEBUG(100, ("ntv2_owf_gen: user, domain, owfkey, kr\n"));
00208 dump_data(100, (const char *)user, user_byte_len);
00209 dump_data(100, (const char *)domain, domain_byte_len);
00210 dump_data(100, (const char *)owf, 16);
00211 dump_data(100, (const char *)kr_buf, 16);
00212 #endif
00213
00214 SAFE_FREE(user);
00215 SAFE_FREE(domain);
00216 return True;
00217 }
00218
00219
00220 void SMBOWFencrypt(const uchar passwd[16], const uchar *c8, uchar p24[24])
00221 {
00222 uchar p21[21];
00223
00224 ZERO_STRUCT(p21);
00225
00226 memcpy(p21, passwd, 16);
00227 E_P24(p21, c8, p24);
00228 }
00229
00230
00231 void NTLMSSPOWFencrypt(const uchar passwd[8], const uchar *ntlmchalresp, uchar p24[24])
00232 {
00233 uchar p21[21];
00234
00235 memset(p21,'\0',21);
00236 memcpy(p21, passwd, 8);
00237 memset(p21 + 8, 0xbd, 8);
00238
00239 E_P24(p21, ntlmchalresp, p24);
00240 #ifdef DEBUG_PASSWORD
00241 DEBUG(100,("NTLMSSPOWFencrypt: p21, c8, p24\n"));
00242 dump_data(100, (char *)p21, 21);
00243 dump_data(100, (const char *)ntlmchalresp, 8);
00244 dump_data(100, (char *)p24, 24);
00245 #endif
00246 }
00247
00248
00249
00250
00251 void SMBNTencrypt_hash(const uchar nt_hash[16], uchar *c8, uchar *p24)
00252 {
00253 uchar p21[21];
00254
00255 memset(p21,'\0',21);
00256 memcpy(p21, nt_hash, 16);
00257 SMBOWFencrypt(p21, c8, p24);
00258
00259 #ifdef DEBUG_PASSWORD
00260 DEBUG(100,("SMBNTencrypt: nt#, challenge, response\n"));
00261 dump_data(100, (char *)p21, 16);
00262 dump_data(100, (char *)c8, 8);
00263 dump_data(100, (char *)p24, 24);
00264 #endif
00265 }
00266
00267
00268
00269 void SMBNTencrypt(const char *passwd, uchar *c8, uchar *p24)
00270 {
00271 uchar nt_hash[16];
00272 E_md4hash(passwd, nt_hash);
00273 SMBNTencrypt_hash(nt_hash, c8, p24);
00274 }
00275
00276
00277 void SMBOWFencrypt_ntv2(const uchar kr[16],
00278 const DATA_BLOB *srv_chal,
00279 const DATA_BLOB *cli_chal,
00280 uchar resp_buf[16])
00281 {
00282 HMACMD5Context ctx;
00283
00284 hmac_md5_init_limK_to_64(kr, 16, &ctx);
00285 hmac_md5_update(srv_chal->data, srv_chal->length, &ctx);
00286 hmac_md5_update(cli_chal->data, cli_chal->length, &ctx);
00287 hmac_md5_final(resp_buf, &ctx);
00288
00289 #ifdef DEBUG_PASSWORD
00290 DEBUG(100, ("SMBOWFencrypt_ntv2: srv_chal, cli_chal, resp_buf\n"));
00291 dump_data(100, (const char *)srv_chal->data, srv_chal->length);
00292 dump_data(100, (const char *)cli_chal->data, cli_chal->length);
00293 dump_data(100, (const char *)resp_buf, 16);
00294 #endif
00295 }
00296
00297 void SMBsesskeygen_ntv2(const uchar kr[16],
00298 const uchar * nt_resp, uint8 sess_key[16])
00299 {
00300
00301
00302 HMACMD5Context ctx;
00303
00304 hmac_md5_init_limK_to_64(kr, 16, &ctx);
00305 hmac_md5_update(nt_resp, 16, &ctx);
00306 hmac_md5_final((unsigned char *)sess_key, &ctx);
00307
00308 #ifdef DEBUG_PASSWORD
00309 DEBUG(100, ("SMBsesskeygen_ntv2:\n"));
00310 dump_data(100, (const char *)sess_key, 16);
00311 #endif
00312 }
00313
00314 void SMBsesskeygen_ntv1(const uchar kr[16],
00315 const uchar * nt_resp, uint8 sess_key[16])
00316 {
00317
00318
00319
00320 mdfour((unsigned char *)sess_key, kr, 16);
00321
00322 #ifdef DEBUG_PASSWORD
00323 DEBUG(100, ("SMBsesskeygen_ntv1:\n"));
00324 dump_data(100, (const char *)sess_key, 16);
00325 #endif
00326 }
00327
00328 void SMBsesskeygen_lm_sess_key(const uchar lm_hash[16],
00329 const uchar lm_resp[24],
00330 uint8 sess_key[16])
00331 {
00332 uchar p24[24];
00333 uchar partial_lm_hash[16];
00334
00335 memcpy(partial_lm_hash, lm_hash, 8);
00336 memset(partial_lm_hash + 8, 0xbd, 8);
00337
00338 SMBOWFencrypt(partial_lm_hash, lm_resp, p24);
00339
00340 memcpy(sess_key, p24, 16);
00341
00342 #ifdef DEBUG_PASSWORD
00343 DEBUG(100, ("SMBsesskeygen_lmv1_jerry:\n"));
00344 dump_data(100, (const char *)sess_key, 16);
00345 #endif
00346 }
00347
00348 DATA_BLOB NTLMv2_generate_names_blob(const char *hostname,
00349 const char *domain)
00350 {
00351 DATA_BLOB names_blob = data_blob(NULL, 0);
00352
00353 msrpc_gen(&names_blob, "aaa",
00354 NTLMSSP_NAME_TYPE_DOMAIN, domain,
00355 NTLMSSP_NAME_TYPE_SERVER, hostname,
00356 0, "");
00357 return names_blob;
00358 }
00359
00360 static DATA_BLOB NTLMv2_generate_client_data(const DATA_BLOB *names_blob)
00361 {
00362 uchar client_chal[8];
00363 DATA_BLOB response = data_blob(NULL, 0);
00364 char long_date[8];
00365
00366 generate_random_buffer(client_chal, sizeof(client_chal));
00367
00368 put_long_date(long_date, time(NULL));
00369
00370
00371
00372 msrpc_gen(&response, "ddbbdb",
00373 0x00000101,
00374 0,
00375 long_date, 8,
00376 client_chal, 8,
00377 0,
00378 names_blob->data, names_blob->length);
00379
00380 return response;
00381 }
00382
00383 static DATA_BLOB NTLMv2_generate_response(const uchar ntlm_v2_hash[16],
00384 const DATA_BLOB *server_chal,
00385 const DATA_BLOB *names_blob)
00386 {
00387 uchar ntlmv2_response[16];
00388 DATA_BLOB ntlmv2_client_data;
00389 DATA_BLOB final_response;
00390
00391
00392
00393
00394 ntlmv2_client_data = NTLMv2_generate_client_data(names_blob);
00395
00396
00397 SMBOWFencrypt_ntv2(ntlm_v2_hash, server_chal, &ntlmv2_client_data, ntlmv2_response);
00398
00399 final_response = data_blob(NULL, sizeof(ntlmv2_response) + ntlmv2_client_data.length);
00400
00401 memcpy(final_response.data, ntlmv2_response, sizeof(ntlmv2_response));
00402
00403 memcpy(final_response.data+sizeof(ntlmv2_response),
00404 ntlmv2_client_data.data, ntlmv2_client_data.length);
00405
00406 data_blob_free(&ntlmv2_client_data);
00407
00408 return final_response;
00409 }
00410
00411 static DATA_BLOB LMv2_generate_response(const uchar ntlm_v2_hash[16],
00412 const DATA_BLOB *server_chal)
00413 {
00414 uchar lmv2_response[16];
00415 DATA_BLOB lmv2_client_data = data_blob(NULL, 8);
00416 DATA_BLOB final_response = data_blob(NULL, 24);
00417
00418
00419
00420 generate_random_buffer(lmv2_client_data.data, lmv2_client_data.length);
00421
00422
00423 SMBOWFencrypt_ntv2(ntlm_v2_hash, server_chal, &lmv2_client_data, lmv2_response);
00424 memcpy(final_response.data, lmv2_response, sizeof(lmv2_response));
00425
00426
00427
00428 memcpy(final_response.data+sizeof(lmv2_response),
00429 lmv2_client_data.data, lmv2_client_data.length);
00430
00431 data_blob_free(&lmv2_client_data);
00432
00433 return final_response;
00434 }
00435
00436 BOOL SMBNTLMv2encrypt_hash(const char *user, const char *domain, const uchar nt_hash[16],
00437 const DATA_BLOB *server_chal,
00438 const DATA_BLOB *names_blob,
00439 DATA_BLOB *lm_response, DATA_BLOB *nt_response,
00440 DATA_BLOB *user_session_key)
00441 {
00442 uchar ntlm_v2_hash[16];
00443
00444
00445
00446
00447
00448 if (!ntv2_owf_gen(nt_hash, user, domain, False, ntlm_v2_hash)) {
00449 return False;
00450 }
00451
00452 if (nt_response) {
00453 *nt_response = NTLMv2_generate_response(ntlm_v2_hash, server_chal,
00454 names_blob);
00455 if (user_session_key) {
00456 *user_session_key = data_blob(NULL, 16);
00457
00458
00459
00460 SMBsesskeygen_ntv2(ntlm_v2_hash, nt_response->data, user_session_key->data);
00461 }
00462 }
00463
00464
00465
00466 if (lm_response) {
00467 *lm_response = LMv2_generate_response(ntlm_v2_hash, server_chal);
00468 }
00469
00470 return True;
00471 }
00472
00473
00474
00475 BOOL SMBNTLMv2encrypt(const char *user, const char *domain, const char *password,
00476 const DATA_BLOB *server_chal,
00477 const DATA_BLOB *names_blob,
00478 DATA_BLOB *lm_response, DATA_BLOB *nt_response,
00479 DATA_BLOB *user_session_key)
00480 {
00481 uchar nt_hash[16];
00482 E_md4hash(password, nt_hash);
00483
00484 return SMBNTLMv2encrypt_hash(user, domain, nt_hash,
00485 server_chal,
00486 names_blob,
00487 lm_response, nt_response,
00488 user_session_key);
00489 }
00490
00491
00492
00493
00494
00495 BOOL encode_pw_buffer(uint8 buffer[516], const char *password, int string_flags)
00496 {
00497 uchar new_pw[512];
00498 size_t new_pw_len;
00499
00500
00501 string_flags |= STR_NOALIGN;
00502
00503 new_pw_len = push_string(NULL, new_pw,
00504 password,
00505 sizeof(new_pw), string_flags);
00506
00507 memcpy(&buffer[512 - new_pw_len], new_pw, new_pw_len);
00508
00509 generate_random_buffer(buffer, 512 - new_pw_len);
00510
00511
00512
00513
00514
00515 SIVAL(buffer, 512, new_pw_len);
00516 ZERO_STRUCT(new_pw);
00517 return True;
00518 }
00519
00520
00521
00522
00523
00524
00525
00526
00527 BOOL decode_pw_buffer(uint8 in_buffer[516], char *new_pwrd,
00528 int new_pwrd_size, uint32 *new_pw_len,
00529 int string_flags)
00530 {
00531 int byte_len=0;
00532
00533
00534 string_flags |= STR_NOALIGN;
00535
00536
00537
00538
00539
00540
00541
00542
00543
00544
00545 byte_len = IVAL(in_buffer, 512);
00546
00547 #ifdef DEBUG_PASSWORD
00548 dump_data(100, (const char *)in_buffer, 516);
00549 #endif
00550
00551
00552 if ( (byte_len < 0) || (byte_len > 512)) {
00553 DEBUG(0, ("decode_pw_buffer: incorrect password length (%d).\n", byte_len));
00554 DEBUG(0, ("decode_pw_buffer: check that 'encrypt passwords = yes'\n"));
00555 return False;
00556 }
00557
00558
00559 *new_pw_len = pull_string(NULL, new_pwrd, &in_buffer[512 - byte_len], new_pwrd_size,
00560 byte_len, string_flags);
00561
00562 #ifdef DEBUG_PASSWORD
00563 DEBUG(100,("decode_pw_buffer: new_pwrd: "));
00564 dump_data(100, (const char *)new_pwrd, *new_pw_len);
00565 DEBUG(100,("multibyte len:%d\n", *new_pw_len));
00566 DEBUG(100,("original char len:%d\n", byte_len/2));
00567 #endif
00568
00569 return True;
00570 }
00571
00572
00573
00574
00575
00576 void encode_or_decode_arc4_passwd_buffer(unsigned char pw_buf[532], const DATA_BLOB *psession_key)
00577 {
00578 struct MD5Context tctx;
00579 unsigned char key_out[16];
00580
00581
00582
00583 MD5Init(&tctx);
00584 MD5Update(&tctx, &pw_buf[516], 16);
00585 MD5Update(&tctx, psession_key->data, psession_key->length);
00586 MD5Final(key_out, &tctx);
00587
00588 SamOEMhash(pw_buf, key_out, 516);
00589 }
00590
00591
00592
00593
00594
00595
00596 void sess_crypt_blob(DATA_BLOB *out, const DATA_BLOB *in, const DATA_BLOB *session_key, int forward)
00597 {
00598 int i, k;
00599
00600 for (i=0,k=0;
00601 i<in->length;
00602 i += 8, k += 7) {
00603 uint8 bin[8], bout[8], key[7];
00604
00605 memset(bin, 0, 8);
00606 memcpy(bin, &in->data[i], MIN(8, in->length-i));
00607
00608 if (k + 7 > session_key->length) {
00609 k = (session_key->length - k);
00610 }
00611 memcpy(key, &session_key->data[k], 7);
00612
00613 des_crypt56(bout, bin, key, forward?1:0);
00614
00615 memcpy(&out->data[i], bout, MIN(8, in->length-i));
00616 }
00617 }
00618
00619
00620
00621
00622
00623
00624
00625
00626
00627 char *decrypt_trustdom_secret(const char *pass, DATA_BLOB *data_in)
00628 {
00629 DATA_BLOB data_out, sess_key;
00630 uchar nt_hash[16];
00631 uint32_t length;
00632 uint32_t version;
00633 fstring cleartextpwd;
00634
00635 if (!data_in || !pass)
00636 return NULL;
00637
00638
00639 E_md4hash(pass, nt_hash);
00640
00641
00642 mdfour(nt_hash, nt_hash, 16);
00643
00644
00645 sess_key = data_blob(nt_hash, 16);
00646 if (sess_key.data == NULL)
00647 return NULL;
00648
00649 data_out = data_blob(NULL, data_in->length);
00650 if (data_out.data == NULL)
00651 return NULL;
00652
00653
00654 sess_crypt_blob(&data_out, data_in, &sess_key, 0);
00655
00656
00657 length = IVAL(data_out.data, 0);
00658 version = IVAL(data_out.data, 4);
00659
00660 if (length > data_in->length - 8) {
00661 DEBUG(0,("decrypt_trustdom_secret: invalid length (%d)\n", length));
00662 return NULL;
00663 }
00664
00665 if (version != 1) {
00666 DEBUG(0,("decrypt_trustdom_secret: unknown version number (%d)\n", version));
00667 return NULL;
00668 }
00669
00670 rpcstr_pull(cleartextpwd, data_out.data + 8, sizeof(fstring), length, 0 );
00671
00672 #ifdef DEBUG_PASSWORD
00673 DEBUG(100,("decrypt_trustdom_secret: length is: %d, version is: %d, password is: %s\n",
00674 length, version, cleartextpwd));
00675 #endif
00676
00677 data_blob_free(&data_out);
00678 data_blob_free(&sess_key);
00679
00680 return SMB_STRDUP(cleartextpwd);
00681
00682 }
00683