1996-05-04 11:50:46 +04:00
/*
Unix SMB / Netbios implementation .
Version 1.9 .
SMB parameters and setup
1998-01-22 16:27:43 +03:00
Copyright ( C ) Andrew Tridgell 1992 - 1998
1996-05-04 11:50:46 +04:00
Modified by Jeremy Allison 1995.
This program is free software ; you can redistribute it and / or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation ; either version 2 of the License , or
( at your option ) any later version .
This program is distributed in the hope that it will be useful ,
but WITHOUT ANY WARRANTY ; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE . See the
GNU General Public License for more details .
You should have received a copy of the GNU General Public License
along with this program ; if not , write to the Free Software
Foundation , Inc . , 675 Mass Ave , Cambridge , MA 0213 9 , USA .
*/
# include "includes.h"
extern int DEBUGLEVEL ;
# include "byteorder.h"
/*
This implements the X / Open SMB password encryption
It takes a password , a 8 byte " crypt key " and puts 24 bytes of
1997-11-10 22:23:17 +03:00
encrypted password into p24 */
void SMBencrypt ( uchar * passwd , uchar * c8 , uchar * p24 )
1996-05-04 11:50:46 +04:00
{
1998-10-02 22:45:07 +04:00
uchar p14 [ 15 ] , p21 [ 21 ] ;
1996-05-04 11:50:46 +04:00
1998-10-02 22:45:07 +04:00
memset ( p21 , ' \0 ' , 21 ) ;
memset ( p14 , ' \0 ' , 14 ) ;
StrnCpy ( ( char * ) p14 , ( char * ) passwd , 14 ) ;
strupper ( ( char * ) p14 ) ;
E_P16 ( p14 , p21 ) ;
SMBOWFencrypt ( p21 , c8 , p24 ) ;
1996-05-04 11:50:46 +04:00
1998-10-02 22:45:07 +04:00
# ifdef DEBUG_PASSWORD
DEBUG ( 100 , ( " SMBencrypt: lm#, challenge, response \n " ) ) ;
dump_data ( 100 , p21 , 16 ) ;
dump_data ( 100 , c8 , 8 ) ;
dump_data ( 100 , p24 , 24 ) ;
# endif
1996-05-04 11:50:46 +04:00
}
/* Routines for Windows NT MD4 Hash functions. */
static int _my_wcslen ( int16 * str )
{
int len = 0 ;
while ( * str + + ! = 0 )
len + + ;
return len ;
}
/*
* Convert a string into an NT UNICODE string .
* Note that regardless of processor type
* this must be in intel ( little - endian )
* format .
*/
static int _my_mbstowcs ( int16 * dst , uchar * src , int len )
{
int i ;
int16 val ;
for ( i = 0 ; i < len ; i + + ) {
val = * src ;
SSVAL ( dst , 0 , val ) ;
dst + + ;
src + + ;
if ( val = = 0 )
break ;
}
return i ;
}
/*
* Creates the MD4 Hash of the users password in NT UNICODE .
*/
void E_md4hash ( uchar * passwd , uchar * p16 )
{
1997-09-15 06:49:38 +04:00
int len ;
1996-05-04 11:50:46 +04:00
int16 wpwd [ 129 ] ;
1997-09-15 06:49:38 +04:00
1996-05-04 11:50:46 +04:00
/* Password cannot be longer than 128 characters */
1996-05-29 11:47:47 +04:00
len = strlen ( ( char * ) passwd ) ;
1996-05-04 11:50:46 +04:00
if ( len > 128 )
len = 128 ;
/* Password must be converted to NT unicode */
1997-09-15 06:49:38 +04:00
_my_mbstowcs ( wpwd , passwd , len ) ;
1996-05-04 11:50:46 +04:00
wpwd [ len ] = 0 ; /* Ensure string is null terminated */
/* Calculate length in bytes */
len = _my_wcslen ( wpwd ) * sizeof ( int16 ) ;
1997-09-15 06:49:38 +04:00
mdfour ( p16 , ( unsigned char * ) wpwd , len ) ;
1996-05-04 11:50:46 +04:00
}
1998-09-26 01:01:52 +04:00
/* Does both the NT and LM owfs of a user's password */
void nt_lm_owf_gen ( char * pwd , uchar nt_p16 [ 16 ] , uchar p16 [ 16 ] )
{
char passwd [ 130 ] ;
1998-10-01 05:27:47 +04:00
1998-10-02 22:45:07 +04:00
memset ( passwd , ' \0 ' , 130 ) ;
safe_strcpy ( passwd , pwd , sizeof ( passwd ) - 1 ) ;
1998-09-26 01:01:52 +04:00
/* Calculate the MD4 hash (NT compatible) of the password */
memset ( nt_p16 , ' \0 ' , 16 ) ;
E_md4hash ( ( uchar * ) passwd , nt_p16 ) ;
1998-10-02 22:45:07 +04:00
# ifdef DEBUG_PASSWORD
DEBUG ( 100 , ( " nt_lm_owf_gen: pwd, nt# \n " ) ) ;
dump_data ( 120 , passwd , strlen ( passwd ) ) ;
dump_data ( 100 , nt_p16 , 16 ) ;
# endif
1998-09-26 01:01:52 +04:00
/* Mangle the passwords into Lanman format */
passwd [ 14 ] = ' \0 ' ;
strupper ( passwd ) ;
/* Calculate the SMB (lanman) hash functions of the password */
memset ( p16 , ' \0 ' , 16 ) ;
E_P16 ( ( uchar * ) passwd , ( uchar * ) p16 ) ;
1998-10-02 22:45:07 +04:00
# ifdef DEBUG_PASSWORD
DEBUG ( 100 , ( " nt_lm_owf_gen: pwd, lm# \n " ) ) ;
dump_data ( 120 , passwd , strlen ( passwd ) ) ;
dump_data ( 100 , p16 , 16 ) ;
# endif
1998-09-26 01:01:52 +04:00
/* clear out local copy of user's password (just being paranoid). */
bzero ( passwd , sizeof ( passwd ) ) ;
}
/* Does the des encryption from the NT or LM MD4 hash. */
1998-09-30 00:24:17 +04:00
void SMBOWFencrypt ( uchar passwd [ 16 ] , uchar * c8 , uchar p24 [ 24 ] )
1998-09-26 01:01:52 +04:00
{
uchar p21 [ 21 ] ;
memset ( p21 , ' \0 ' , 21 ) ;
memcpy ( p21 , passwd , 16 ) ;
E_P24 ( p21 , c8 , p24 ) ;
}
1998-10-08 01:42:24 +04:00
/* Does the des encryption from the FIRST 8 BYTES of the NT or LM MD4 hash. */
void NTLMSSPOWFencrypt ( uchar passwd [ 8 ] , uchar * ntlmchalresp , uchar p24 [ 24 ] )
{
uchar p21 [ 21 ] ;
memset ( p21 , ' \0 ' , 21 ) ;
memcpy ( p21 , passwd , 8 ) ;
memset ( p21 + 8 , 0xbd , 8 ) ;
E_P24 ( p21 , ntlmchalresp , p24 ) ;
}
1998-09-26 01:01:52 +04:00
1997-11-09 20:30:10 +03:00
/* Does the NT MD4 hash then des encryption. */
1997-11-10 22:23:17 +03:00
void SMBNTencrypt ( uchar * passwd , uchar * c8 , uchar * p24 )
1996-05-04 11:50:46 +04:00
{
uchar p21 [ 21 ] ;
memset ( p21 , ' \0 ' , 21 ) ;
E_md4hash ( passwd , p21 ) ;
1998-10-02 22:45:07 +04:00
SMBOWFencrypt ( p21 , c8 , p24 ) ;
# ifdef DEBUG_PASSWORD
DEBUG ( 100 , ( " SMBNTencrypt: nt#, challenge, response \n " ) ) ;
dump_data ( 100 , p21 , 16 ) ;
dump_data ( 100 , c8 , 8 ) ;
dump_data ( 100 , p24 , 24 ) ;
# endif
1996-05-04 11:50:46 +04:00
}
1997-10-25 14:58:18 +04:00