smbencrypt.c 8.2 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328
  1. /*
  2. Unix SMB/Netbios implementation.
  3. Version 1.9.
  4. SMB parameters and setup
  5. Copyright (C) Andrew Tridgell 1992-2000
  6. Copyright (C) Luke Kenneth Casson Leighton 1996-2000
  7. Modified by Jeremy Allison 1995.
  8. Copyright (C) Andrew Bartlett <abartlet@samba.org> 2002-2003
  9. Modified by Steve French (sfrench@us.ibm.com) 2002-2003
  10. This program is free software; you can redistribute it and/or modify
  11. it under the terms of the GNU General Public License as published by
  12. the Free Software Foundation; either version 2 of the License, or
  13. (at your option) any later version.
  14. This program is distributed in the hope that it will be useful,
  15. but WITHOUT ANY WARRANTY; without even the implied warranty of
  16. MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  17. GNU General Public License for more details.
  18. You should have received a copy of the GNU General Public License
  19. along with this program; if not, write to the Free Software
  20. Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
  21. */
  22. #include <linux/module.h>
  23. #include <linux/slab.h>
  24. #include <linux/fs.h>
  25. #include <linux/string.h>
  26. #include <linux/kernel.h>
  27. #include <linux/random.h>
  28. #include "cifs_unicode.h"
  29. #include "cifspdu.h"
  30. #include "cifsglob.h"
  31. #include "cifs_debug.h"
  32. #include "cifsproto.h"
  33. #ifndef false
  34. #define false 0
  35. #endif
  36. #ifndef true
  37. #define true 1
  38. #endif
  39. /* following came from the other byteorder.h to avoid include conflicts */
  40. #define CVAL(buf,pos) (((unsigned char *)(buf))[pos])
  41. #define SSVALX(buf,pos,val) (CVAL(buf,pos)=(val)&0xFF,CVAL(buf,pos+1)=(val)>>8)
  42. #define SSVAL(buf,pos,val) SSVALX((buf),(pos),((__u16)(val)))
  43. /* produce a md4 message digest from data of length n bytes */
  44. int
  45. mdfour(unsigned char *md4_hash, unsigned char *link_str, int link_len)
  46. {
  47. int rc;
  48. unsigned int size;
  49. struct crypto_shash *md4;
  50. struct sdesc *sdescmd4;
  51. md4 = crypto_alloc_shash("md4", 0, 0);
  52. if (IS_ERR(md4)) {
  53. cERROR(1, "%s: Crypto md4 allocation error %d\n", __func__, rc);
  54. return PTR_ERR(md4);
  55. }
  56. size = sizeof(struct shash_desc) + crypto_shash_descsize(md4);
  57. sdescmd4 = kmalloc(size, GFP_KERNEL);
  58. if (!sdescmd4) {
  59. rc = -ENOMEM;
  60. cERROR(1, "%s: Memory allocation failure\n", __func__);
  61. goto mdfour_err;
  62. }
  63. sdescmd4->shash.tfm = md4;
  64. sdescmd4->shash.flags = 0x0;
  65. rc = crypto_shash_init(&sdescmd4->shash);
  66. if (rc) {
  67. cERROR(1, "%s: Could not init md4 shash\n", __func__);
  68. goto mdfour_err;
  69. }
  70. crypto_shash_update(&sdescmd4->shash, link_str, link_len);
  71. rc = crypto_shash_final(&sdescmd4->shash, md4_hash);
  72. mdfour_err:
  73. crypto_free_shash(md4);
  74. kfree(sdescmd4);
  75. return rc;
  76. }
  77. /* Does the des encryption from the NT or LM MD4 hash. */
  78. static void
  79. SMBOWFencrypt(unsigned char passwd[16], const unsigned char *c8,
  80. unsigned char p24[24])
  81. {
  82. unsigned char p21[21];
  83. memset(p21, '\0', 21);
  84. memcpy(p21, passwd, 16);
  85. E_P24(p21, c8, p24);
  86. }
  87. /*
  88. This implements the X/Open SMB password encryption
  89. It takes a password, a 8 byte "crypt key" and puts 24 bytes of
  90. encrypted password into p24 */
  91. /* Note that password must be uppercased and null terminated */
  92. void
  93. SMBencrypt(unsigned char *passwd, const unsigned char *c8, unsigned char *p24)
  94. {
  95. unsigned char p14[15], p21[21];
  96. memset(p21, '\0', 21);
  97. memset(p14, '\0', 14);
  98. strncpy((char *) p14, (char *) passwd, 14);
  99. /* strupper((char *)p14); *//* BB at least uppercase the easy range */
  100. E_P16(p14, p21);
  101. SMBOWFencrypt(p21, c8, p24);
  102. memset(p14, 0, 15);
  103. memset(p21, 0, 21);
  104. }
  105. /* Routines for Windows NT MD4 Hash functions. */
  106. static int
  107. _my_wcslen(__u16 *str)
  108. {
  109. int len = 0;
  110. while (*str++ != 0)
  111. len++;
  112. return len;
  113. }
  114. /*
  115. * Convert a string into an NT UNICODE string.
  116. * Note that regardless of processor type
  117. * this must be in intel (little-endian)
  118. * format.
  119. */
  120. static int
  121. _my_mbstowcs(__u16 *dst, const unsigned char *src, int len)
  122. { /* BB not a very good conversion routine - change/fix */
  123. int i;
  124. __u16 val;
  125. for (i = 0; i < len; i++) {
  126. val = *src;
  127. SSVAL(dst, 0, val);
  128. dst++;
  129. src++;
  130. if (val == 0)
  131. break;
  132. }
  133. return i;
  134. }
  135. /*
  136. * Creates the MD4 Hash of the users password in NT UNICODE.
  137. */
  138. int
  139. E_md4hash(const unsigned char *passwd, unsigned char *p16)
  140. {
  141. int rc;
  142. int len;
  143. __u16 wpwd[129];
  144. /* Password cannot be longer than 128 characters */
  145. if (passwd) {
  146. len = strlen((char *) passwd);
  147. if (len > 128)
  148. len = 128;
  149. /* Password must be converted to NT unicode */
  150. _my_mbstowcs(wpwd, passwd, len);
  151. } else
  152. len = 0;
  153. wpwd[len] = 0; /* Ensure string is null terminated */
  154. /* Calculate length in bytes */
  155. len = _my_wcslen(wpwd) * sizeof(__u16);
  156. rc = mdfour(p16, (unsigned char *) wpwd, len);
  157. memset(wpwd, 0, 129 * 2);
  158. return rc;
  159. }
  160. #if 0 /* currently unused */
  161. /* Does both the NT and LM owfs of a user's password */
  162. static void
  163. nt_lm_owf_gen(char *pwd, unsigned char nt_p16[16], unsigned char p16[16])
  164. {
  165. char passwd[514];
  166. memset(passwd, '\0', 514);
  167. if (strlen(pwd) < 513)
  168. strcpy(passwd, pwd);
  169. else
  170. memcpy(passwd, pwd, 512);
  171. /* Calculate the MD4 hash (NT compatible) of the password */
  172. memset(nt_p16, '\0', 16);
  173. E_md4hash(passwd, nt_p16);
  174. /* Mangle the passwords into Lanman format */
  175. passwd[14] = '\0';
  176. /* strupper(passwd); */
  177. /* Calculate the SMB (lanman) hash functions of the password */
  178. memset(p16, '\0', 16);
  179. E_P16((unsigned char *) passwd, (unsigned char *) p16);
  180. /* clear out local copy of user's password (just being paranoid). */
  181. memset(passwd, '\0', sizeof(passwd));
  182. }
  183. #endif
  184. /* Does the NTLMv2 owfs of a user's password */
  185. #if 0 /* function not needed yet - but will be soon */
  186. static void
  187. ntv2_owf_gen(const unsigned char owf[16], const char *user_n,
  188. const char *domain_n, unsigned char kr_buf[16],
  189. const struct nls_table *nls_codepage)
  190. {
  191. wchar_t *user_u;
  192. wchar_t *dom_u;
  193. int user_l, domain_l;
  194. struct HMACMD5Context ctx;
  195. /* might as well do one alloc to hold both (user_u and dom_u) */
  196. user_u = kmalloc(2048 * sizeof(wchar_t), GFP_KERNEL);
  197. if (user_u == NULL)
  198. return;
  199. dom_u = user_u + 1024;
  200. /* push_ucs2(NULL, user_u, user_n, (user_l+1)*2,
  201. STR_UNICODE|STR_NOALIGN|STR_TERMINATE|STR_UPPER);
  202. push_ucs2(NULL, dom_u, domain_n, (domain_l+1)*2,
  203. STR_UNICODE|STR_NOALIGN|STR_TERMINATE|STR_UPPER); */
  204. /* BB user and domain may need to be uppercased */
  205. user_l = cifs_strtoUCS(user_u, user_n, 511, nls_codepage);
  206. domain_l = cifs_strtoUCS(dom_u, domain_n, 511, nls_codepage);
  207. user_l++; /* trailing null */
  208. domain_l++;
  209. hmac_md5_init_limK_to_64(owf, 16, &ctx);
  210. hmac_md5_update((const unsigned char *) user_u, user_l * 2, &ctx);
  211. hmac_md5_update((const unsigned char *) dom_u, domain_l * 2, &ctx);
  212. hmac_md5_final(kr_buf, &ctx);
  213. kfree(user_u);
  214. }
  215. #endif
  216. /* Does the des encryption from the FIRST 8 BYTES of the NT or LM MD4 hash. */
  217. #if 0 /* currently unused */
  218. static void
  219. NTLMSSPOWFencrypt(unsigned char passwd[8],
  220. unsigned char *ntlmchalresp, unsigned char p24[24])
  221. {
  222. unsigned char p21[21];
  223. memset(p21, '\0', 21);
  224. memcpy(p21, passwd, 8);
  225. memset(p21 + 8, 0xbd, 8);
  226. E_P24(p21, ntlmchalresp, p24);
  227. }
  228. #endif
  229. /* Does the NT MD4 hash then des encryption. */
  230. int
  231. SMBNTencrypt(unsigned char *passwd, unsigned char *c8, unsigned char *p24)
  232. {
  233. int rc;
  234. unsigned char p21[21];
  235. memset(p21, '\0', 21);
  236. rc = E_md4hash(passwd, p21);
  237. if (rc) {
  238. cFYI(1, "%s Can't generate NT hash, error: %d", __func__, rc);
  239. return rc;
  240. }
  241. SMBOWFencrypt(p21, c8, p24);
  242. return rc;
  243. }
  244. /* Does the md5 encryption from the NT hash for NTLMv2. */
  245. /* These routines will be needed later */
  246. #if 0
  247. static void
  248. SMBOWFencrypt_ntv2(const unsigned char kr[16],
  249. const struct data_blob *srv_chal,
  250. const struct data_blob *cli_chal, unsigned char resp_buf[16])
  251. {
  252. struct HMACMD5Context ctx;
  253. hmac_md5_init_limK_to_64(kr, 16, &ctx);
  254. hmac_md5_update(srv_chal->data, srv_chal->length, &ctx);
  255. hmac_md5_update(cli_chal->data, cli_chal->length, &ctx);
  256. hmac_md5_final(resp_buf, &ctx);
  257. }
  258. static void
  259. SMBsesskeygen_ntv2(const unsigned char kr[16],
  260. const unsigned char *nt_resp, __u8 sess_key[16])
  261. {
  262. struct HMACMD5Context ctx;
  263. hmac_md5_init_limK_to_64(kr, 16, &ctx);
  264. hmac_md5_update(nt_resp, 16, &ctx);
  265. hmac_md5_final((unsigned char *) sess_key, &ctx);
  266. }
  267. static void
  268. SMBsesskeygen_ntv1(const unsigned char kr[16],
  269. const unsigned char *nt_resp, __u8 sess_key[16])
  270. {
  271. mdfour((unsigned char *) sess_key, (unsigned char *) kr, 16);
  272. }
  273. #endif