[deliverable/linux.git] / fs / cifs / smbencrypt.c

/*
   Unix SMB/Netbios implementation.
   Version 1.9.
   SMB parameters and setup
   Copyright (C) Andrew Tridgell 1992-2000
   Copyright (C) Luke Kenneth Casson Leighton 1996-2000
   Modified by Jeremy Allison 1995.
   Copyright (C) Andrew Bartlett <abartlet@samba.org> 2002-2003
   Modified by Steve French (sfrench@us.ibm.com) 2002-2003

   This program is free software; you can redistribute it and/or modify
   it under the terms of the GNU General Public License as published by
   the Free Software Foundation; either version 2 of the License, or
   (at your option) any later version.

   This program is distributed in the hope that it will be useful,
   but WITHOUT ANY WARRANTY; without even the implied warranty of
   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
   GNU General Public License for more details.

   You should have received a copy of the GNU General Public License
   along with this program; if not, write to the Free Software
   Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
*/

#include <linux/module.h>
#include <linux/fs.h>
#include <linux/string.h>
#include <linux/kernel.h>
#include <linux/random.h>
#include "cifs_unicode.h"
#include "cifspdu.h"
#include "cifsglob.h"
#include "md5.h"
#include "cifs_debug.h"
#include "cifsencrypt.h"

#ifndef false
#define false 0
#endif
#ifndef true
#define true 1
#endif

/* following came from the other byteorder.h to avoid include conflicts */
#define CVAL(buf,pos) (((unsigned char *)(buf))[pos])
#define SSVALX(buf,pos,val) (CVAL(buf,pos)=(val)&0xFF,CVAL(buf,pos+1)=(val)>>8)
#define SSVAL(buf,pos,val) SSVALX((buf),(pos),((__u16)(val)))

/*The following definitions come from  libsmb/smbencrypt.c  */

void SMBencrypt(unsigned char *passwd, unsigned char *c8, unsigned char *p24);
void E_md4hash(const unsigned char *passwd, unsigned char *p16);
static void SMBOWFencrypt(unsigned char passwd[16], unsigned char *c8,
		   unsigned char p24[24]);
void SMBNTencrypt(unsigned char *passwd, unsigned char *c8, unsigned char *p24);

/*
   This implements the X/Open SMB password encryption
   It takes a password, a 8 byte "crypt key" and puts 24 bytes of
   encrypted password into p24 */
/* Note that password must be uppercased and null terminated */
void
SMBencrypt(unsigned char *passwd, unsigned char *c8, unsigned char *p24)
{
	unsigned char p14[15], p21[21];

	memset(p21, '\0', 21);
	memset(p14, '\0', 14);
	strncpy((char *) p14, (char *) passwd, 14);

/*	strupper((char *)p14); *//* BB at least uppercase the easy range */
	E_P16(p14, p21);

	SMBOWFencrypt(p21, c8, p24);

	memset(p14, 0, 15);
	memset(p21, 0, 21);
}

/* Routines for Windows NT MD4 Hash functions. */
static int
_my_wcslen(__u16 *str)
{
	int len = 0;
	while (*str++ != 0)
		len++;
	return len;
}

/*
 * Convert a string into an NT UNICODE string.
 * Note that regardless of processor type
 * this must be in intel (little-endian)
 * format.
 */

static int
_my_mbstowcs(__u16 *dst, const unsigned char *src, int len)
{	/* BB not a very good conversion routine - change/fix */
	int i;
	__u16 val;

	for (i = 0; i < len; i++) {
		val = *src;
		SSVAL(dst, 0, val);
		dst++;
		src++;
		if (val == 0)
			break;
	}
	return i;
}

/*
 * Creates the MD4 Hash of the users password in NT UNICODE.
 */

void
E_md4hash(const unsigned char *passwd, unsigned char *p16)
{
	int len;
	__u16 wpwd[129];

	/* Password cannot be longer than 128 characters */
	if (passwd) {
		len = strlen((char *) passwd);
		if (len > 128)
			len = 128;

		/* Password must be converted to NT unicode */
		_my_mbstowcs(wpwd, passwd, len);
	} else
		len = 0;

	wpwd[len] = 0;	/* Ensure string is null terminated */
	/* Calculate length in bytes */
	len = _my_wcslen(wpwd) * sizeof(__u16);

	mdfour(p16, (unsigned char *) wpwd, len);
	memset(wpwd, 0, 129 * 2);
}

#if 0 /* currently unused */
/* Does both the NT and LM owfs of a user's password */
static void
nt_lm_owf_gen(char *pwd, unsigned char nt_p16[16], unsigned char p16[16])
{
	char passwd[514];

	memset(passwd, '\0', 514);
	if (strlen(pwd) < 513)
		strcpy(passwd, pwd);
	else
		memcpy(passwd, pwd, 512);
	/* Calculate the MD4 hash (NT compatible) of the password */
	memset(nt_p16, '\0', 16);
	E_md4hash(passwd, nt_p16);

	/* Mangle the passwords into Lanman format */
	passwd[14] = '\0';
/*	strupper(passwd); */

	/* Calculate the SMB (lanman) hash functions of the password */

	memset(p16, '\0', 16);
	E_P16((unsigned char *) passwd, (unsigned char *) p16);

	/* clear out local copy of user's password (just being paranoid). */
	memset(passwd, '\0', sizeof(passwd));
}
#endif

/* Does the NTLMv2 owfs of a user's password */
#if 0  /* function not needed yet - but will be soon */
static void
ntv2_owf_gen(const unsigned char owf[16], const char *user_n,
		const char *domain_n, unsigned char kr_buf[16],
		const struct nls_table *nls_codepage)
{
	wchar_t *user_u;
	wchar_t *dom_u;
	int user_l, domain_l;
	struct HMACMD5Context ctx;

	/* might as well do one alloc to hold both (user_u and dom_u) */
	user_u = kmalloc(2048 * sizeof(wchar_t), GFP_KERNEL);
	if (user_u == NULL)
		return;
	dom_u = user_u + 1024;

	/* push_ucs2(NULL, user_u, user_n, (user_l+1)*2,
			STR_UNICODE|STR_NOALIGN|STR_TERMINATE|STR_UPPER);
	   push_ucs2(NULL, dom_u, domain_n, (domain_l+1)*2,
			STR_UNICODE|STR_NOALIGN|STR_TERMINATE|STR_UPPER); */

	/* BB user and domain may need to be uppercased */
	user_l = cifs_strtoUCS(user_u, user_n, 511, nls_codepage);
	domain_l = cifs_strtoUCS(dom_u, domain_n, 511, nls_codepage);

	user_l++;		/* trailing null */
	domain_l++;

	hmac_md5_init_limK_to_64(owf, 16, &ctx);
	hmac_md5_update((const unsigned char *) user_u, user_l * 2, &ctx);
	hmac_md5_update((const unsigned char *) dom_u, domain_l * 2, &ctx);
	hmac_md5_final(kr_buf, &ctx);

	kfree(user_u);
}
#endif

/* Does the des encryption from the NT or LM MD4 hash. */
static void
SMBOWFencrypt(unsigned char passwd[16], unsigned char *c8,
	      unsigned char p24[24])
{
	unsigned char p21[21];

	memset(p21, '\0', 21);

	memcpy(p21, passwd, 16);
	E_P24(p21, c8, p24);
}

/* Does the des encryption from the FIRST 8 BYTES of the NT or LM MD4 hash. */
#if 0 /* currently unused */
static void
NTLMSSPOWFencrypt(unsigned char passwd[8],
		  unsigned char *ntlmchalresp, unsigned char p24[24])
{
	unsigned char p21[21];

	memset(p21, '\0', 21);
	memcpy(p21, passwd, 8);
	memset(p21 + 8, 0xbd, 8);

	E_P24(p21, ntlmchalresp, p24);
}
#endif

/* Does the NT MD4 hash then des encryption. */

void
SMBNTencrypt(unsigned char *passwd, unsigned char *c8, unsigned char *p24)
{
	unsigned char p21[21];

	memset(p21, '\0', 21);

	E_md4hash(passwd, p21);
	SMBOWFencrypt(p21, c8, p24);
}


/* Does the md5 encryption from the NT hash for NTLMv2. */
/* These routines will be needed later */
#if 0
static void
SMBOWFencrypt_ntv2(const unsigned char kr[16],
		   const struct data_blob *srv_chal,
		   const struct data_blob *cli_chal, unsigned char resp_buf[16])
{
	struct HMACMD5Context ctx;

	hmac_md5_init_limK_to_64(kr, 16, &ctx);
	hmac_md5_update(srv_chal->data, srv_chal->length, &ctx);
	hmac_md5_update(cli_chal->data, cli_chal->length, &ctx);
	hmac_md5_final(resp_buf, &ctx);
}

static void
SMBsesskeygen_ntv2(const unsigned char kr[16],
		   const unsigned char *nt_resp, __u8 sess_key[16])
{
	struct HMACMD5Context ctx;

	hmac_md5_init_limK_to_64(kr, 16, &ctx);
	hmac_md5_update(nt_resp, 16, &ctx);
	hmac_md5_final((unsigned char *) sess_key, &ctx);
}

static void
SMBsesskeygen_ntv1(const unsigned char kr[16],
		   const unsigned char *nt_resp, __u8 sess_key[16])
{
	mdfour((unsigned char *) sess_key, (unsigned char *) kr, 16);
}
#endif
Commit	Line	Data
790fe579	1	/*
1da177e4 LT	2	Unix SMB/Netbios implementation.
	3	Version 1.9.
	4	SMB parameters and setup
	5	Copyright (C) Andrew Tridgell 1992-2000
	6	Copyright (C) Luke Kenneth Casson Leighton 1996-2000
	7	Modified by Jeremy Allison 1995.
	8	Copyright (C) Andrew Bartlett <abartlet@samba.org> 2002-2003
	9	Modified by Steve French (sfrench@us.ibm.com) 2002-2003
50c2f753	10
1da177e4 LT	11	This program is free software; you can redistribute it and/or modify
	12	it under the terms of the GNU General Public License as published by
	13	the Free Software Foundation; either version 2 of the License, or
	14	(at your option) any later version.
50c2f753	15
1da177e4 LT	16	This program is distributed in the hope that it will be useful,
	17	but WITHOUT ANY WARRANTY; without even the implied warranty of
	18	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
	19	GNU General Public License for more details.
50c2f753	20
1da177e4 LT	21	You should have received a copy of the GNU General Public License
	22	along with this program; if not, write to the Free Software
	23	Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
	24	*/
	25
	26	#include <linux/module.h>
	27	#include <linux/fs.h>
	28	#include <linux/string.h>
	29	#include <linux/kernel.h>
	30	#include <linux/random.h>
	31	#include "cifs_unicode.h"
	32	#include "cifspdu.h"
3979877e	33	#include "cifsglob.h"
1da177e4 LT	34	#include "md5.h"
	35	#include "cifs_debug.h"
	36	#include "cifsencrypt.h"
	37
4b18f2a9 SF	38	#ifndef false
4b18f2a9 SF	39	#define false 0
1da177e4	40	#endif
4b18f2a9 SF	41	#ifndef true
4b18f2a9 SF	42	#define true 1
1da177e4 LT	43	#endif
	44
	45	/* following came from the other byteorder.h to avoid include conflicts */
	46	#define CVAL(buf,pos) (((unsigned char *)(buf))[pos])
	47	#define SSVALX(buf,pos,val) (CVAL(buf,pos)=(val)&0xFF,CVAL(buf,pos+1)=(val)>>8)
	48	#define SSVAL(buf,pos,val) SSVALX((buf),(pos),((__u16)(val)))
	49
	50	/The following definitions come from libsmb/smbencrypt.c /
	51
	52	void SMBencrypt(unsigned char passwd, unsigned char c8, unsigned char *p24);
	53	void E_md4hash(const unsigned char passwd, unsigned char p16);
1da177e4 LT	54	static void SMBOWFencrypt(unsigned char passwd[16], unsigned char *c8,
1da177e4 LT	55	unsigned char p24[24]);
1da177e4 LT	56	void SMBNTencrypt(unsigned char passwd, unsigned char c8, unsigned char *p24);
	57
	58	/*
	59	This implements the X/Open SMB password encryption
790fe579	60	It takes a password, a 8 byte "crypt key" and puts 24 bytes of
1da177e4 LT	61	encrypted password into p24 */
	62	/* Note that password must be uppercased and null terminated */
	63	void
	64	SMBencrypt(unsigned char passwd, unsigned char c8, unsigned char *p24)
	65	{
	66	unsigned char p14[15], p21[21];
	67
	68	memset(p21, '\0', 21);
	69	memset(p14, '\0', 14);
	70	strncpy((char ) p14, (char ) passwd, 14);
	71
	72	/* strupper((char )p14); //* BB at least uppercase the easy range */
	73	E_P16(p14, p21);
	74
	75	SMBOWFencrypt(p21, c8, p24);
50c2f753	76
790fe579 SF	77	memset(p14, 0, 15);
790fe579 SF	78	memset(p21, 0, 21);
1da177e4 LT	79	}
	80
	81	/* Routines for Windows NT MD4 Hash functions. */
	82	static int
63d2583f	83	_my_wcslen(__u16 *str)
1da177e4 LT	84	{
	85	int len = 0;
	86	while (*str++ != 0)
	87	len++;
	88	return len;
	89	}
	90
	91	/*
	92	* Convert a string into an NT UNICODE string.
790fe579	93	* Note that regardless of processor type
1da177e4 LT	94	* this must be in intel (little-endian)
	95	* format.
	96	*/
	97
	98	static int
63d2583f	99	_my_mbstowcs(__u16 dst, const unsigned char src, int len)
790fe579	100	{ /* BB not a very good conversion routine - change/fix */
1da177e4 LT	101	int i;
	102	__u16 val;
	103
	104	for (i = 0; i < len; i++) {
	105	val = *src;
	106	SSVAL(dst, 0, val);
	107	dst++;
	108	src++;
	109	if (val == 0)
	110	break;
	111	}
	112	return i;
	113	}
	114
790fe579	115	/*
1da177e4 LT	116	* Creates the MD4 Hash of the users password in NT UNICODE.
	117	*/
	118
	119	void
	120	E_md4hash(const unsigned char passwd, unsigned char p16)
	121	{
	122	int len;
	123	__u16 wpwd[129];
	124
	125	/* Password cannot be longer than 128 characters */
790fe579	126	if (passwd) {
1da177e4	127	len = strlen((char *) passwd);
63d2583f	128	if (len > 128)
1da177e4	129	len = 128;
63d2583f	130
1da177e4 LT	131	/* Password must be converted to NT unicode */
	132	_my_mbstowcs(wpwd, passwd, len);
	133	} else
	134	len = 0;
	135
	136	wpwd[len] = 0; /* Ensure string is null terminated */
	137	/* Calculate length in bytes */
630f3f0c	138	len = _my_wcslen(wpwd) * sizeof(__u16);
1da177e4 LT	139
1da177e4 LT	140	mdfour(p16, (unsigned char *) wpwd, len);
790fe579	141	memset(wpwd, 0, 129 * 2);
1da177e4 LT	142	}
1da177e4 LT	143
e10847ed	144	#if 0 /* currently unused */
1da177e4	145	/* Does both the NT and LM owfs of a user's password */
2cd646a2	146	static void
1da177e4 LT	147	nt_lm_owf_gen(char *pwd, unsigned char nt_p16[16], unsigned char p16[16])
	148	{
	149	char passwd[514];
	150
	151	memset(passwd, '\0', 514);
	152	if (strlen(pwd) < 513)
	153	strcpy(passwd, pwd);
	154	else
	155	memcpy(passwd, pwd, 512);
	156	/* Calculate the MD4 hash (NT compatible) of the password */
	157	memset(nt_p16, '\0', 16);
	158	E_md4hash(passwd, nt_p16);
	159
	160	/* Mangle the passwords into Lanman format */
	161	passwd[14] = '\0';
	162	/* strupper(passwd); */
	163
	164	/* Calculate the SMB (lanman) hash functions of the password */
	165
	166	memset(p16, '\0', 16);
	167	E_P16((unsigned char ) passwd, (unsigned char ) p16);
	168
	169	/* clear out local copy of user's password (just being paranoid). */
630f3f0c	170	memset(passwd, '\0', sizeof(passwd));
1da177e4	171	}
e10847ed	172	#endif
1da177e4 LT	173
	174	/* Does the NTLMv2 owfs of a user's password */
	175	#if 0 /* function not needed yet - but will be soon */
	176	static void
	177	ntv2_owf_gen(const unsigned char owf[16], const char *user_n,
	178	const char *domain_n, unsigned char kr_buf[16],
	179	const struct nls_table *nls_codepage)
	180	{
50c2f753 SF	181	wchar_t *user_u;
50c2f753 SF	182	wchar_t *dom_u;
1da177e4 LT	183	int user_l, domain_l;
	184	struct HMACMD5Context ctx;
	185
	186	/* might as well do one alloc to hold both (user_u and dom_u) */
790fe579 SF	187	user_u = kmalloc(2048 * sizeof(wchar_t), GFP_KERNEL);
790fe579 SF	188	if (user_u == NULL)
1da177e4 LT	189	return;
1da177e4 LT	190	dom_u = user_u + 1024;
50c2f753	191
63d2583f SF	192	/* push_ucs2(NULL, user_u, user_n, (user_l+1)*2,
	193	STR_UNICODE\|STR_NOALIGN\|STR_TERMINATE\|STR_UPPER);
	194	push_ucs2(NULL, dom_u, domain_n, (domain_l+1)*2,
	195	STR_UNICODE\|STR_NOALIGN\|STR_TERMINATE\|STR_UPPER); */
1da177e4 LT	196
	197	/* BB user and domain may need to be uppercased */
	198	user_l = cifs_strtoUCS(user_u, user_n, 511, nls_codepage);
	199	domain_l = cifs_strtoUCS(dom_u, domain_n, 511, nls_codepage);
	200
	201	user_l++; /* trailing null */
	202	domain_l++;
	203
	204	hmac_md5_init_limK_to_64(owf, 16, &ctx);
	205	hmac_md5_update((const unsigned char ) user_u, user_l 2, &ctx);
	206	hmac_md5_update((const unsigned char ) dom_u, domain_l 2, &ctx);
	207	hmac_md5_final(kr_buf, &ctx);
	208
	209	kfree(user_u);
	210	}
790fe579	211	#endif
1da177e4 LT	212
	213	/* Does the des encryption from the NT or LM MD4 hash. */
	214	static void
	215	SMBOWFencrypt(unsigned char passwd[16], unsigned char *c8,
	216	unsigned char p24[24])
	217	{
	218	unsigned char p21[21];
	219
	220	memset(p21, '\0', 21);
	221
	222	memcpy(p21, passwd, 16);
	223	E_P24(p21, c8, p24);
	224	}
	225
	226	/* Does the des encryption from the FIRST 8 BYTES of the NT or LM MD4 hash. */
e10847ed	227	#if 0 /* currently unused */
2cd646a2	228	static void
1da177e4 LT	229	NTLMSSPOWFencrypt(unsigned char passwd[8],
	230	unsigned char *ntlmchalresp, unsigned char p24[24])
	231	{
	232	unsigned char p21[21];
	233
	234	memset(p21, '\0', 21);
	235	memcpy(p21, passwd, 8);
	236	memset(p21 + 8, 0xbd, 8);
	237
	238	E_P24(p21, ntlmchalresp, p24);
	239	}
e10847ed	240	#endif
1da177e4 LT	241
	242	/* Does the NT MD4 hash then des encryption. */
	243
	244	void
	245	SMBNTencrypt(unsigned char passwd, unsigned char c8, unsigned char *p24)
	246	{
	247	unsigned char p21[21];
	248
	249	memset(p21, '\0', 21);
	250
	251	E_md4hash(passwd, p21);
	252	SMBOWFencrypt(p21, c8, p24);
	253	}
	254
	255
	256	/* Does the md5 encryption from the NT hash for NTLMv2. */
	257	/* These routines will be needed later */
	258	#if 0
	259	static void
	260	SMBOWFencrypt_ntv2(const unsigned char kr[16],
790fe579 SF	261	const struct data_blob *srv_chal,
790fe579 SF	262	const struct data_blob *cli_chal, unsigned char resp_buf[16])
1da177e4	263	{
790fe579	264	struct HMACMD5Context ctx;
1da177e4	265
790fe579 SF	266	hmac_md5_init_limK_to_64(kr, 16, &ctx);
	267	hmac_md5_update(srv_chal->data, srv_chal->length, &ctx);
	268	hmac_md5_update(cli_chal->data, cli_chal->length, &ctx);
	269	hmac_md5_final(resp_buf, &ctx);
1da177e4 LT	270	}
	271
	272	static void
	273	SMBsesskeygen_ntv2(const unsigned char kr[16],
	274	const unsigned char *nt_resp, __u8 sess_key[16])
	275	{
	276	struct HMACMD5Context ctx;
	277
	278	hmac_md5_init_limK_to_64(kr, 16, &ctx);
	279	hmac_md5_update(nt_resp, 16, &ctx);
	280	hmac_md5_final((unsigned char *) sess_key, &ctx);
	281	}
	282
	283	static void
	284	SMBsesskeygen_ntv1(const unsigned char kr[16],
	285	const unsigned char *nt_resp, __u8 sess_key[16])
	286	{
	287	mdfour((unsigned char ) sess_key, (unsigned char ) kr, 16);
	288	}
	289	#endif