[deliverable/linux.git] / fs / cifs / smbencrypt.c

/*
   Unix SMB/Netbios implementation.
   Version 1.9.
   SMB parameters and setup
   Copyright (C) Andrew Tridgell 1992-2000
   Copyright (C) Luke Kenneth Casson Leighton 1996-2000
   Modified by Jeremy Allison 1995.
   Copyright (C) Andrew Bartlett <abartlet@samba.org> 2002-2003
   Modified by Steve French (sfrench@us.ibm.com) 2002-2003

   This program is free software; you can redistribute it and/or modify
   it under the terms of the GNU General Public License as published by
   the Free Software Foundation; either version 2 of the License, or
   (at your option) any later version.

   This program is distributed in the hope that it will be useful,
   but WITHOUT ANY WARRANTY; without even the implied warranty of
   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
   GNU General Public License for more details.

   You should have received a copy of the GNU General Public License
   along with this program; if not, write to the Free Software
   Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
*/

#include <linux/module.h>
#include <linux/fs.h>
#include <linux/string.h>
#include <linux/kernel.h>
#include <linux/random.h>
#include "cifs_unicode.h"
#include "cifspdu.h"
#include "cifsglob.h"
#include "md5.h"
#include "cifs_debug.h"
#include "cifsencrypt.h"

#ifndef FALSE
#define FALSE 0
#endif
#ifndef TRUE
#define TRUE 1
#endif

/* following came from the other byteorder.h to avoid include conflicts */
#define CVAL(buf,pos) (((unsigned char *)(buf))[pos])
#define SSVALX(buf,pos,val) (CVAL(buf,pos)=(val)&0xFF,CVAL(buf,pos+1)=(val)>>8)
#define SSVAL(buf,pos,val) SSVALX((buf),(pos),((__u16)(val)))

/*The following definitions come from  libsmb/smbencrypt.c  */

void SMBencrypt(unsigned char *passwd, unsigned char *c8, unsigned char *p24);
void E_md4hash(const unsigned char *passwd, unsigned char *p16);
static void SMBOWFencrypt(unsigned char passwd[16], unsigned char *c8,
		   unsigned char p24[24]);
void SMBNTencrypt(unsigned char *passwd, unsigned char *c8, unsigned char *p24);

/*
   This implements the X/Open SMB password encryption
   It takes a password, a 8 byte "crypt key" and puts 24 bytes of
   encrypted password into p24 */
/* Note that password must be uppercased and null terminated */
void
SMBencrypt(unsigned char *passwd, unsigned char *c8, unsigned char *p24)
{
	unsigned char p14[15], p21[21];

	memset(p21, '\0', 21);
	memset(p14, '\0', 14);
	strncpy((char *) p14, (char *) passwd, 14);

/*	strupper((char *)p14); *//* BB at least uppercase the easy range */
	E_P16(p14, p21);

	SMBOWFencrypt(p21, c8, p24);

	memset(p14, 0, 15);
	memset(p21, 0, 21);
}

/* Routines for Windows NT MD4 Hash functions. */
static int
_my_wcslen(__u16 * str)
{
	int len = 0;
	while (*str++ != 0)
		len++;
	return len;
}

/*
 * Convert a string into an NT UNICODE string.
 * Note that regardless of processor type
 * this must be in intel (little-endian)
 * format.
 */

static int
_my_mbstowcs(__u16 * dst, const unsigned char *src, int len)
{	/* BB not a very good conversion routine - change/fix */
	int i;
	__u16 val;

	for (i = 0; i < len; i++) {
		val = *src;
		SSVAL(dst, 0, val);
		dst++;
		src++;
		if (val == 0)
			break;
	}
	return i;
}

/*
 * Creates the MD4 Hash of the users password in NT UNICODE.
 */

void
E_md4hash(const unsigned char *passwd, unsigned char *p16)
{
	int len;
	__u16 wpwd[129];

	/* Password cannot be longer than 128 characters */
	if (passwd) {
		len = strlen((char *) passwd);
		if (len > 128) {
			len = 128;
		}
		/* Password must be converted to NT unicode */
		_my_mbstowcs(wpwd, passwd, len);
	} else
		len = 0;

	wpwd[len] = 0;	/* Ensure string is null terminated */
	/* Calculate length in bytes */
	len = _my_wcslen(wpwd) * sizeof (__u16);

	mdfour(p16, (unsigned char *) wpwd, len);
	memset(wpwd, 0, 129 * 2);
}

#if 0 /* currently unused */
/* Does both the NT and LM owfs of a user's password */
static void
nt_lm_owf_gen(char *pwd, unsigned char nt_p16[16], unsigned char p16[16])
{
	char passwd[514];

	memset(passwd, '\0', 514);
	if (strlen(pwd) < 513)
		strcpy(passwd, pwd);
	else
		memcpy(passwd, pwd, 512);
	/* Calculate the MD4 hash (NT compatible) of the password */
	memset(nt_p16, '\0', 16);
	E_md4hash(passwd, nt_p16);

	/* Mangle the passwords into Lanman format */
	passwd[14] = '\0';
/*	strupper(passwd); */

	/* Calculate the SMB (lanman) hash functions of the password */

	memset(p16, '\0', 16);
	E_P16((unsigned char *) passwd, (unsigned char *) p16);

	/* clear out local copy of user's password (just being paranoid). */
	memset(passwd, '\0', sizeof (passwd));
}
#endif

/* Does the NTLMv2 owfs of a user's password */
#if 0  /* function not needed yet - but will be soon */
static void
ntv2_owf_gen(const unsigned char owf[16], const char *user_n,
		const char *domain_n, unsigned char kr_buf[16],
		const struct nls_table *nls_codepage)
{
	wchar_t *user_u;
	wchar_t *dom_u;
	int user_l, domain_l;
	struct HMACMD5Context ctx;

	/* might as well do one alloc to hold both (user_u and dom_u) */
	user_u = kmalloc(2048 * sizeof(wchar_t), GFP_KERNEL);
	if (user_u == NULL)
		return;
	dom_u = user_u + 1024;

	/* push_ucs2(NULL, user_u, user_n, (user_l+1)*2, STR_UNICODE|STR_NOALIGN|STR_TERMINATE|STR_UPPER);
	   push_ucs2(NULL, dom_u, domain_n, (domain_l+1)*2, STR_UNICODE|STR_NOALIGN|STR_TERMINATE|STR_UPPER); */

	/* BB user and domain may need to be uppercased */
	user_l = cifs_strtoUCS(user_u, user_n, 511, nls_codepage);
	domain_l = cifs_strtoUCS(dom_u, domain_n, 511, nls_codepage);

	user_l++;		/* trailing null */
	domain_l++;

	hmac_md5_init_limK_to_64(owf, 16, &ctx);
	hmac_md5_update((const unsigned char *) user_u, user_l * 2, &ctx);
	hmac_md5_update((const unsigned char *) dom_u, domain_l * 2, &ctx);
	hmac_md5_final(kr_buf, &ctx);

	kfree(user_u);
}
#endif

/* Does the des encryption from the NT or LM MD4 hash. */
static void
SMBOWFencrypt(unsigned char passwd[16], unsigned char *c8,
	      unsigned char p24[24])
{
	unsigned char p21[21];

	memset(p21, '\0', 21);

	memcpy(p21, passwd, 16);
	E_P24(p21, c8, p24);
}

/* Does the des encryption from the FIRST 8 BYTES of the NT or LM MD4 hash. */
#if 0 /* currently unused */
static void
NTLMSSPOWFencrypt(unsigned char passwd[8],
		  unsigned char *ntlmchalresp, unsigned char p24[24])
{
	unsigned char p21[21];

	memset(p21, '\0', 21);
	memcpy(p21, passwd, 8);
	memset(p21 + 8, 0xbd, 8);

	E_P24(p21, ntlmchalresp, p24);
}
#endif

/* Does the NT MD4 hash then des encryption. */

void
SMBNTencrypt(unsigned char *passwd, unsigned char *c8, unsigned char *p24)
{
	unsigned char p21[21];

	memset(p21, '\0', 21);

	E_md4hash(passwd, p21);
	SMBOWFencrypt(p21, c8, p24);
}


/* Does the md5 encryption from the NT hash for NTLMv2. */
/* These routines will be needed later */
#if 0
static void
SMBOWFencrypt_ntv2(const unsigned char kr[16],
		   const struct data_blob *srv_chal,
		   const struct data_blob *cli_chal, unsigned char resp_buf[16])
{
	struct HMACMD5Context ctx;

	hmac_md5_init_limK_to_64(kr, 16, &ctx);
	hmac_md5_update(srv_chal->data, srv_chal->length, &ctx);
	hmac_md5_update(cli_chal->data, cli_chal->length, &ctx);
	hmac_md5_final(resp_buf, &ctx);
}

static void
SMBsesskeygen_ntv2(const unsigned char kr[16],
		   const unsigned char *nt_resp, __u8 sess_key[16])
{
	struct HMACMD5Context ctx;

	hmac_md5_init_limK_to_64(kr, 16, &ctx);
	hmac_md5_update(nt_resp, 16, &ctx);
	hmac_md5_final((unsigned char *) sess_key, &ctx);
}

static void
SMBsesskeygen_ntv1(const unsigned char kr[16],
		   const unsigned char *nt_resp, __u8 sess_key[16])
{
	mdfour((unsigned char *) sess_key, (unsigned char *) kr, 16);
}
#endif
Commit	Line	Data
790fe579	1	/*
1da177e4 LT	2	Unix SMB/Netbios implementation.
	3	Version 1.9.
	4	SMB parameters and setup
	5	Copyright (C) Andrew Tridgell 1992-2000
	6	Copyright (C) Luke Kenneth Casson Leighton 1996-2000
	7	Modified by Jeremy Allison 1995.
	8	Copyright (C) Andrew Bartlett <abartlet@samba.org> 2002-2003
	9	Modified by Steve French (sfrench@us.ibm.com) 2002-2003
50c2f753	10
1da177e4 LT	11	This program is free software; you can redistribute it and/or modify
	12	it under the terms of the GNU General Public License as published by
	13	the Free Software Foundation; either version 2 of the License, or
	14	(at your option) any later version.
50c2f753	15
1da177e4 LT	16	This program is distributed in the hope that it will be useful,
	17	but WITHOUT ANY WARRANTY; without even the implied warranty of
	18	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
	19	GNU General Public License for more details.
50c2f753	20
1da177e4 LT	21	You should have received a copy of the GNU General Public License
	22	along with this program; if not, write to the Free Software
	23	Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
	24	*/
	25
	26	#include <linux/module.h>
	27	#include <linux/fs.h>
	28	#include <linux/string.h>
	29	#include <linux/kernel.h>
	30	#include <linux/random.h>
	31	#include "cifs_unicode.h"
	32	#include "cifspdu.h"
3979877e	33	#include "cifsglob.h"
1da177e4 LT	34	#include "md5.h"
	35	#include "cifs_debug.h"
	36	#include "cifsencrypt.h"
	37
	38	#ifndef FALSE
	39	#define FALSE 0
	40	#endif
	41	#ifndef TRUE
	42	#define TRUE 1
	43	#endif
	44
	45	/* following came from the other byteorder.h to avoid include conflicts */
	46	#define CVAL(buf,pos) (((unsigned char *)(buf))[pos])
	47	#define SSVALX(buf,pos,val) (CVAL(buf,pos)=(val)&0xFF,CVAL(buf,pos+1)=(val)>>8)
	48	#define SSVAL(buf,pos,val) SSVALX((buf),(pos),((__u16)(val)))
	49
	50	/The following definitions come from libsmb/smbencrypt.c /
	51
	52	void SMBencrypt(unsigned char passwd, unsigned char c8, unsigned char *p24);
	53	void E_md4hash(const unsigned char passwd, unsigned char p16);
1da177e4 LT	54	static void SMBOWFencrypt(unsigned char passwd[16], unsigned char *c8,
1da177e4 LT	55	unsigned char p24[24]);
1da177e4 LT	56	void SMBNTencrypt(unsigned char passwd, unsigned char c8, unsigned char *p24);
	57
	58	/*
	59	This implements the X/Open SMB password encryption
790fe579	60	It takes a password, a 8 byte "crypt key" and puts 24 bytes of
1da177e4 LT	61	encrypted password into p24 */
	62	/* Note that password must be uppercased and null terminated */
	63	void
	64	SMBencrypt(unsigned char passwd, unsigned char c8, unsigned char *p24)
	65	{
	66	unsigned char p14[15], p21[21];
	67
	68	memset(p21, '\0', 21);
	69	memset(p14, '\0', 14);
	70	strncpy((char ) p14, (char ) passwd, 14);
	71
	72	/* strupper((char )p14); //* BB at least uppercase the easy range */
	73	E_P16(p14, p21);
	74
	75	SMBOWFencrypt(p21, c8, p24);
50c2f753	76
790fe579 SF	77	memset(p14, 0, 15);
790fe579 SF	78	memset(p21, 0, 21);
1da177e4 LT	79	}
	80
	81	/* Routines for Windows NT MD4 Hash functions. */
	82	static int
	83	_my_wcslen(__u16 * str)
	84	{
	85	int len = 0;
	86	while (*str++ != 0)
	87	len++;
	88	return len;
	89	}
	90
	91	/*
	92	* Convert a string into an NT UNICODE string.
790fe579	93	* Note that regardless of processor type
1da177e4 LT	94	* this must be in intel (little-endian)
	95	* format.
	96	*/
	97
	98	static int
	99	_my_mbstowcs(__u16 * dst, const unsigned char *src, int len)
790fe579	100	{ /* BB not a very good conversion routine - change/fix */
1da177e4 LT	101	int i;
	102	__u16 val;
	103
	104	for (i = 0; i < len; i++) {
	105	val = *src;
	106	SSVAL(dst, 0, val);
	107	dst++;
	108	src++;
	109	if (val == 0)
	110	break;
	111	}
	112	return i;
	113	}
	114
790fe579	115	/*
1da177e4 LT	116	* Creates the MD4 Hash of the users password in NT UNICODE.
	117	*/
	118
	119	void
	120	E_md4hash(const unsigned char passwd, unsigned char p16)
	121	{
	122	int len;
	123	__u16 wpwd[129];
	124
	125	/* Password cannot be longer than 128 characters */
790fe579	126	if (passwd) {
1da177e4 LT	127	len = strlen((char *) passwd);
	128	if (len > 128) {
	129	len = 128;
	130	}
	131	/* Password must be converted to NT unicode */
	132	_my_mbstowcs(wpwd, passwd, len);
	133	} else
	134	len = 0;
	135
	136	wpwd[len] = 0; /* Ensure string is null terminated */
	137	/* Calculate length in bytes */
	138	len = _my_wcslen(wpwd) * sizeof (__u16);
	139
	140	mdfour(p16, (unsigned char *) wpwd, len);
790fe579	141	memset(wpwd, 0, 129 * 2);
1da177e4 LT	142	}
1da177e4 LT	143
e10847ed	144	#if 0 /* currently unused */
1da177e4	145	/* Does both the NT and LM owfs of a user's password */
2cd646a2	146	static void
1da177e4 LT	147	nt_lm_owf_gen(char *pwd, unsigned char nt_p16[16], unsigned char p16[16])
	148	{
	149	char passwd[514];
	150
	151	memset(passwd, '\0', 514);
	152	if (strlen(pwd) < 513)
	153	strcpy(passwd, pwd);
	154	else
	155	memcpy(passwd, pwd, 512);
	156	/* Calculate the MD4 hash (NT compatible) of the password */
	157	memset(nt_p16, '\0', 16);
	158	E_md4hash(passwd, nt_p16);
	159
	160	/* Mangle the passwords into Lanman format */
	161	passwd[14] = '\0';
	162	/* strupper(passwd); */
	163
	164	/* Calculate the SMB (lanman) hash functions of the password */
	165
	166	memset(p16, '\0', 16);
	167	E_P16((unsigned char ) passwd, (unsigned char ) p16);
	168
	169	/* clear out local copy of user's password (just being paranoid). */
	170	memset(passwd, '\0', sizeof (passwd));
	171	}
e10847ed	172	#endif
1da177e4 LT	173
	174	/* Does the NTLMv2 owfs of a user's password */
	175	#if 0 /* function not needed yet - but will be soon */
	176	static void
	177	ntv2_owf_gen(const unsigned char owf[16], const char *user_n,
	178	const char *domain_n, unsigned char kr_buf[16],
	179	const struct nls_table *nls_codepage)
	180	{
50c2f753 SF	181	wchar_t *user_u;
50c2f753 SF	182	wchar_t *dom_u;
1da177e4 LT	183	int user_l, domain_l;
	184	struct HMACMD5Context ctx;
	185
	186	/* might as well do one alloc to hold both (user_u and dom_u) */
790fe579 SF	187	user_u = kmalloc(2048 * sizeof(wchar_t), GFP_KERNEL);
790fe579 SF	188	if (user_u == NULL)
1da177e4 LT	189	return;
1da177e4 LT	190	dom_u = user_u + 1024;
50c2f753	191
1da177e4 LT	192	/* push_ucs2(NULL, user_u, user_n, (user_l+1)*2, STR_UNICODE\|STR_NOALIGN\|STR_TERMINATE\|STR_UPPER);
	193	push_ucs2(NULL, dom_u, domain_n, (domain_l+1)2, STR_UNICODE\|STR_NOALIGN\|STR_TERMINATE\|STR_UPPER); /
	194
	195	/* BB user and domain may need to be uppercased */
	196	user_l = cifs_strtoUCS(user_u, user_n, 511, nls_codepage);
	197	domain_l = cifs_strtoUCS(dom_u, domain_n, 511, nls_codepage);
	198
	199	user_l++; /* trailing null */
	200	domain_l++;
	201
	202	hmac_md5_init_limK_to_64(owf, 16, &ctx);
	203	hmac_md5_update((const unsigned char ) user_u, user_l 2, &ctx);
	204	hmac_md5_update((const unsigned char ) dom_u, domain_l 2, &ctx);
	205	hmac_md5_final(kr_buf, &ctx);
	206
	207	kfree(user_u);
	208	}
790fe579	209	#endif
1da177e4 LT	210
	211	/* Does the des encryption from the NT or LM MD4 hash. */
	212	static void
	213	SMBOWFencrypt(unsigned char passwd[16], unsigned char *c8,
	214	unsigned char p24[24])
	215	{
	216	unsigned char p21[21];
	217
	218	memset(p21, '\0', 21);
	219
	220	memcpy(p21, passwd, 16);
	221	E_P24(p21, c8, p24);
	222	}
	223
	224	/* Does the des encryption from the FIRST 8 BYTES of the NT or LM MD4 hash. */
e10847ed	225	#if 0 /* currently unused */
2cd646a2	226	static void
1da177e4 LT	227	NTLMSSPOWFencrypt(unsigned char passwd[8],
	228	unsigned char *ntlmchalresp, unsigned char p24[24])
	229	{
	230	unsigned char p21[21];
	231
	232	memset(p21, '\0', 21);
	233	memcpy(p21, passwd, 8);
	234	memset(p21 + 8, 0xbd, 8);
	235
	236	E_P24(p21, ntlmchalresp, p24);
	237	}
e10847ed	238	#endif
1da177e4 LT	239
	240	/* Does the NT MD4 hash then des encryption. */
	241
	242	void
	243	SMBNTencrypt(unsigned char passwd, unsigned char c8, unsigned char *p24)
	244	{
	245	unsigned char p21[21];
	246
	247	memset(p21, '\0', 21);
	248
	249	E_md4hash(passwd, p21);
	250	SMBOWFencrypt(p21, c8, p24);
	251	}
	252
	253
	254	/* Does the md5 encryption from the NT hash for NTLMv2. */
	255	/* These routines will be needed later */
	256	#if 0
	257	static void
	258	SMBOWFencrypt_ntv2(const unsigned char kr[16],
790fe579 SF	259	const struct data_blob *srv_chal,
790fe579 SF	260	const struct data_blob *cli_chal, unsigned char resp_buf[16])
1da177e4	261	{
790fe579	262	struct HMACMD5Context ctx;
1da177e4	263
790fe579 SF	264	hmac_md5_init_limK_to_64(kr, 16, &ctx);
	265	hmac_md5_update(srv_chal->data, srv_chal->length, &ctx);
	266	hmac_md5_update(cli_chal->data, cli_chal->length, &ctx);
	267	hmac_md5_final(resp_buf, &ctx);
1da177e4 LT	268	}
	269
	270	static void
	271	SMBsesskeygen_ntv2(const unsigned char kr[16],
	272	const unsigned char *nt_resp, __u8 sess_key[16])
	273	{
	274	struct HMACMD5Context ctx;
	275
	276	hmac_md5_init_limK_to_64(kr, 16, &ctx);
	277	hmac_md5_update(nt_resp, 16, &ctx);
	278	hmac_md5_final((unsigned char *) sess_key, &ctx);
	279	}
	280
	281	static void
	282	SMBsesskeygen_ntv1(const unsigned char kr[16],
	283	const unsigned char *nt_resp, __u8 sess_key[16])
	284	{
	285	mdfour((unsigned char ) sess_key, (unsigned char ) kr, 16);
	286	}
	287	#endif