1997-10-09 10:01:12 +00:00
/*
Unix SMB / Netbios implementation .
Version 1.9 .
code to manipulate domain credentials
Copyright ( C ) Andrew Tridgell 1997
This program is free software ; you can redistribute it and / or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation ; either version 2 of the License , or
( at your option ) any later version .
This program is distributed in the hope that it will be useful ,
but WITHOUT ANY WARRANTY ; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE . See the
GNU General Public License for more details .
You should have received a copy of the GNU General Public License
along with this program ; if not , write to the Free Software
Foundation , Inc . , 675 Mass Ave , Cambridge , MA 0213 9 , USA .
*/
# include "includes.h"
/****************************************************************************
setup the session key .
Input : 8 byte challenge block
8 byte server challenge block
16 byte md4 encrypted password
Output :
8 byte session key
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
1997-10-10 14:48:05 +00:00
void cred_session_key ( DOM_CHAL * clnt_chal , DOM_CHAL * srv_chal , char * pass ,
1997-10-09 10:01:12 +00:00
char * session_key )
{
uint32 sum [ 2 ] ;
char sum2 [ 8 ] ;
char buf [ 8 ] ;
1997-10-10 14:48:05 +00:00
sum [ 0 ] = IVAL ( clnt_chal - > data , 0 ) + IVAL ( srv_chal - > data , 0 ) ;
sum [ 1 ] = IVAL ( clnt_chal - > data , 4 ) + IVAL ( srv_chal - > data , 4 ) ;
1997-10-09 10:01:12 +00:00
SIVAL ( sum2 , 0 , sum [ 0 ] ) ;
SIVAL ( sum2 , 4 , sum [ 1 ] ) ;
1997-10-10 14:48:05 +00:00
smbhash ( pass , sum2 , buf ) ;
smbhash ( pass + 9 , buf , session_key ) ;
1997-10-09 10:01:12 +00:00
}
/****************************************************************************
create a credential
Input :
8 byte sesssion key
8 byte stored credential
4 byte timestamp
Output :
8 byte credential
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
1997-10-10 14:48:05 +00:00
void cred_create ( char * session_key , DOM_CHAL * stored_cred , UTIME timestamp ,
DOM_CHAL * cred )
1997-10-09 10:01:12 +00:00
{
char key2 [ 7 ] ;
char buf [ 8 ] ;
char timecred [ 8 ] ;
1997-10-10 14:48:05 +00:00
memcpy ( timecred , stored_cred - > data , 8 ) ;
1997-10-09 14:40:46 +00:00
SIVAL ( timecred , 0 , IVAL ( stored_cred , 0 ) + timestamp . time ) ;
1997-10-09 10:01:12 +00:00
1997-10-10 14:48:05 +00:00
smbhash ( session_key , timecred , buf ) ;
1997-10-09 10:01:12 +00:00
memset ( key2 , 0 , 7 ) ;
key2 [ 0 ] = session_key [ 7 ] ;
1997-10-10 14:48:05 +00:00
smbhash ( key2 , buf , cred - > data ) ;
1997-10-09 10:01:12 +00:00
}
/****************************************************************************
check a supplied credential
Input :
8 byte received credential
8 byte sesssion key
8 byte stored credential
4 byte timestamp
Output :
returns 1 if computed credential matches received credential
returns 0 otherwise
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
1997-10-10 14:48:05 +00:00
int cred_assert ( DOM_CHAL * cred , char * session_key , DOM_CHAL * stored_cred ,
UTIME timestamp )
1997-10-09 10:01:12 +00:00
{
1997-10-10 14:48:05 +00:00
DOM_CHAL cred2 ;
1997-10-09 10:01:12 +00:00
1997-10-10 14:48:05 +00:00
cred_create ( session_key , stored_cred , timestamp , & cred2 ) ;
1997-10-09 10:01:12 +00:00
1997-10-10 14:48:05 +00:00
return memcmp ( cred - > data , cred2 . data , 8 ) = = 0 ;
1997-10-09 10:01:12 +00:00
}
