lib/smblib/smbencrypt.c

   1 #include "config.h"
   2
   3 /*
   4  * Unix SMB/Netbios implementation.
   5  * Version 1.9.
   6  * SMB parameters and setup
   7  * Copyright (C) Andrew Tridgell 1992-1997
   8  * Modified by Jeremy Allison 1995.
   9  *
  10  * This program is free software; you can redistribute it and/or modify
  11  * it under the terms of the GNU General Public License as published by
  12  * the Free Software Foundation; either version 2 of the License, or
  13  * (at your option) any later version.
  14  *
  15  * This program is distributed in the hope that it will be useful,
  16  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  17  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  18  * GNU General Public License for more details.
  19  *
  20  * You should have received a copy of the GNU General Public License
  21  * along with this program; if not, write to the Free Software
  22  * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
  23  */
  24
  25 #include <string.h>
  26 #include <sys/types.h>
  27 #include <sys/socket.h>
  28 #include <netinet/in.h>
  29 #include <arpa/inet.h>
  30 #include <dirent.h>
  31 #include <string.h>
  32 #include <ctype.h>
  33
  34 /* AI inclusion for Solaris filesystem */
  35 #ifdef SOLARIS
  36 #include <sys/vfs.h>
  37 #endif
  38
  39 #include "smblib/smblib-priv.h"
  40 #define uchar unsigned char
  41
  42 #include "rfcnb/byteorder.h"
  43
  44 #include "smblib/md4.h"
  45 #include "smblib/smbdes.h"
  46 #include "smblib/smbencrypt.h"
  47
  48 static void E_md4hash(unsigned char *passwd, unsigned char *p16);
  49 static char *StrnCpy(char *dest, char *src, int n);
  50 static void strupper(char *s);
  51
  52 /*
  53  * This implements the X/Open SMB password encryption
  54  * It takes a password, a 8 byte "crypt key" and puts 24 bytes of
  55  * encrypted password into p24 */
  56 void
  57 SMBencrypt(uchar * passwd, uchar * c8, uchar * p24)
  58 {
  59     uchar p14[15], p21[21];
  60
  61     memset(p21, '\0', 21);
  62     memset(p14, '\0', 14);
  63     StrnCpy((char *) p14, (char *) passwd, 14);
  64
  65     strupper((char *) p14);
  66     E_P16(p14, p21);
  67     E_P24(p21, c8, p24);
  68 }
  69
  70 /* Routines for Windows NT MD4 Hash functions. */
  71 static int
  72 _my_wcslen(int16_t * str)
  73 {
  74     int len = 0;
  75     while (*str++ != 0)
  76         len++;
  77     return len;
  78 }
  79
  80 /*
  81  * Convert a string into an NT UNICODE string.
  82  * Note that regardless of processor type
  83  * this must be in intel (little-endian)
  84  * format.
  85  */
  86
  87 static int
  88 _my_mbstowcs(int16_t * dst, uchar * src, int len)
  89 {
  90     int i;
  91     int16_t val;
  92
  93     for (i = 0; i < len; i++) {
  94         val = *src;
  95         SSVAL(dst, 0, val);
  96         dst++;
  97         src++;
  98         if (val == 0)
  99             break;
 100     }
 101     return i;
 102 }
 103
 104 /*
 105  * Creates the MD4 Hash of the users password in NT UNICODE.
 106  */
 107
 108 void
 109 E_md4hash(uchar * passwd, uchar * p16)
 110 {
 111     int len;
 112     int16_t wpwd[129];
 113
 114     /* Password cannot be longer than 128 characters */
 115     len = strlen((char *) passwd);
 116     if (len > 128)
 117         len = 128;
 118     /* Password must be converted to NT unicode */
 119     _my_mbstowcs(wpwd, passwd, len);
 120     wpwd[len] = 0;              /* Ensure string is null terminated */
 121     /* Calculate length in bytes */
 122     len = _my_wcslen(wpwd) * sizeof(int16_t);
 123
 124     mdfour(p16, (unsigned char *) wpwd, len);
 125 }
 126
 127 /* Does the NT MD4 hash then des encryption. */
 128
 129 void
 130 SMBNTencrypt(uchar * passwd, uchar * c8, uchar * p24)
 131 {
 132     uchar p21[21];
 133
 134     memset(p21, '\0', 21);
 135
 136     E_md4hash(passwd, p21);
 137     E_P24(p21, c8, p24);
 138 }
 139
 140 /* Does both the NT and LM owfs of a user's password */
 141
 142 void
 143 nt_lm_owf_gen(char *pwd, char *nt_p16, char *p16)
 144 {
 145     char passwd[130];
 146     StrnCpy(passwd, pwd, sizeof(passwd) - 1);
 147
 148     /* Calculate the MD4 hash (NT compatible) of the password */
 149     memset(nt_p16, '\0', 16);
 150     E_md4hash((uchar *) passwd, (uchar *) nt_p16);
 151
 152     /* Mangle the passwords into Lanman format */
 153     passwd[14] = '\0';
 154     strupper(passwd);
 155
 156     /* Calculate the SMB (lanman) hash functions of the password */
 157
 158     memset(p16, '\0', 16);
 159     E_P16((uchar *) passwd, (uchar *) p16);
 160
 161     /* clear out local copy of user's password (just being paranoid). */
 162     memset(passwd, 0, sizeof(passwd));
 163 }
 164
 165 /****************************************************************************
 166 line strncpy but always null terminates. Make sure there is room!
 167 ****************************************************************************/
 168 char *
 169 StrnCpy(char *dest, char *src, int n)
 170 {
 171     char *d = dest;
 172     if (!dest)
 173         return (NULL);
 174     if (!src) {
 175         *dest = 0;
 176         return (dest);
 177     }
 178     while (n-- && (*d++ = *src++));
 179     *d = 0;
 180     return (dest);
 181 }
 182
 183 void
 184 strupper(char *s)
 185 {
 186     while (*s) {
 187 #if UNUSED_CODE
 188 #if !defined(KANJI_WIN95_COMPATIBILITY)
 189         if (lp_client_code_page() == KANJI_CODEPAGE) {
 190
 191             if (is_shift_jis(*s)) {
 192                 if (is_sj_lower(s[0], s[1]))
 193                     s[1] = sj_toupper2(s[1]);
 194                 s += 2;
 195             } else if (is_kana(*s)) {
 196                 s++;
 197             } else {
 198                 if (islower((int)(unsigned char)*s))
 199                     *s = toupper((int)(unsigned char)*s);
 200                 s++;
 201             }
 202         } else
 203 #endif /* KANJI_WIN95_COMPATIBILITY */
 204 #endif /* UNUSED_CODE */
 205         {
 206             if (islower((int)(unsigned char)*s))
 207                 *s = toupper((int)(unsigned char)*s);
 208             s++;
 209         }
 210     }
 211 }