2 Unix SMB/Netbios implementation.
4 code to manipulate domain credentials
5 Copyright (C) Andrew Tridgell 1997
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License as published by
9 the Free Software Foundation; either version 2 of the License, or
10 (at your option) any later version.
12 This program is distributed in the hope that it will be useful,
13 but WITHOUT ANY WARRANTY; without even the implied warranty of
14 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 GNU General Public License for more details.
17 You should have received a copy of the GNU General Public License
18 along with this program; if not, write to the Free Software
19 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
24 extern int DEBUGLEVEL;
25 /****************************************************************************
26 setup the session key.
27 Input: 8 byte challenge block
28 8 byte server challenge block
29 16 byte md4 encrypted password
32 ****************************************************************************/
33 void cred_session_key(DOM_CHAL *clnt_chal, DOM_CHAL *srv_chal, char *pass,
34 uint32 session_key[2])
37 unsigned char sum2[8];
38 unsigned char netsesskey[8];
40 sum[0] = IVAL(clnt_chal->data, 0) + IVAL(srv_chal->data, 0);
41 sum[1] = IVAL(clnt_chal->data, 4) + IVAL(srv_chal->data, 4);
46 cred_hash1(netsesskey, sum2,(unsigned char *)pass);
48 session_key[0] = IVAL(netsesskey, 0);
49 session_key[1] = IVAL(netsesskey, 4);
52 DEBUG(4,("cred_session_key\n"));
54 DEBUG(5,(" clnt_chal: %lx %lx\n", clnt_chal->data[0], clnt_chal->data[1]));
55 DEBUG(5,(" srv_chal : %lx %lx\n", srv_chal ->data[0], srv_chal ->data[1]));
56 DEBUG(5,(" clnt+srv : %lx %lx\n", sum [0], sum [1]));
57 DEBUG(5,(" sess_key : %lx %lx\n", session_key [0], session_key [1]));
61 /****************************************************************************
66 8 byte stored credential
71 ****************************************************************************/
72 void cred_create(uint32 session_key[2], DOM_CHAL *stor_cred, UTIME timestamp,
75 unsigned char calc_cred[8];
76 unsigned char timecred[8];
77 unsigned char netsesskey[8];
79 SIVAL(netsesskey, 0, session_key[0]);
80 SIVAL(netsesskey, 4, session_key[1]);
82 SIVAL(timecred, 0, IVAL(stor_cred, 0) + timestamp.time);
83 SIVAL(timecred, 4, IVAL(stor_cred, 4));
85 cred_hash2(calc_cred, timecred, netsesskey);
87 cred->data[0] = IVAL(calc_cred, 0);
88 cred->data[1] = IVAL(calc_cred, 4);
91 DEBUG(4,("cred_create\n"));
93 DEBUG(5,(" sess_key : %lx %lx\n", session_key [0], session_key [1]));
94 DEBUG(5,(" stor_cred: %lx %lx\n", stor_cred->data[0], stor_cred->data[1]));
95 DEBUG(5,(" timecred : %lx %lx\n", IVAL(timecred, 0) , IVAL(timecred, 4) ));
96 DEBUG(5,(" calc_cred: %lx %lx\n", cred ->data[0], cred ->data[1]));
100 /****************************************************************************
101 check a supplied credential
104 8 byte received credential
106 8 byte stored credential
110 returns 1 if computed credential matches received credential
112 ****************************************************************************/
113 int cred_assert(DOM_CHAL *cred, uint32 session_key[2], DOM_CHAL *stored_cred,
118 cred_create(session_key, stored_cred, timestamp, &cred2);
121 DEBUG(4,("cred_assert\n"));
123 DEBUG(5,(" challenge : %lx %lx\n", cred->data[0], cred->data[1]));
124 DEBUG(5,(" calculated: %lx %lx\n", cred2.data[0], cred2.data[1]));
126 if (memcmp(cred->data, cred2.data, 8) == 0)
128 DEBUG(5, ("credentials check ok\n"));
133 DEBUG(5, ("credentials check wrong\n"));
139 /****************************************************************************
140 checks credentials; generates next step in the credential chain
141 ****************************************************************************/
142 BOOL srv_deal_with_creds(struct dcinfo *dc, DOM_CRED *clnt_cred, DOM_CRED *srv_cred)
147 DEBUG(5,("deal_with_creds: %d\n", __LINE__));
149 /* check that the client credentials are valid */
150 if (!cred_assert(&(clnt_cred->challenge), dc->sess_key,
151 &(dc->clnt_cred.challenge), clnt_cred->timestamp))
156 /* increment client time by one second */
157 new_clnt_time.time = clnt_cred->timestamp.time + 1;
159 /* first 4 bytes of the new seed is old client 4 bytes + clnt time + 1 */
160 new_cred = IVAL(dc->clnt_cred.challenge.data, 0);
161 new_cred += new_clnt_time.time;
163 DEBUG(5,("deal_with_creds: new_cred[0]=%lx\n", new_cred));
165 /* doesn't matter that server time is 0 */
166 srv_cred->timestamp.time = 0;
168 DEBUG(5,("deal_with_creds: new_clnt_time=%lx\n", new_clnt_time.time));
170 /* create return credentials for inclusion in the reply */
171 cred_create(dc->sess_key, &(dc->clnt_cred.challenge), new_clnt_time,
172 &(srv_cred->challenge));
174 DEBUG(5,("deal_with_creds: clnt_cred[0]=%lx\n",
175 dc->clnt_cred.challenge.data[0]));
177 /* store new seed in client and server credentials */
178 SIVAL(dc->clnt_cred.challenge.data, 0, new_cred);
179 SIVAL(dc->srv_cred .challenge.data, 0, new_cred);
186 /****************************************************************************
187 checks credentials; generates next step in the credential chain
188 ****************************************************************************/
189 BOOL clnt_deal_with_creds(struct dcinfo *dc, DOM_CRED *srv_cred, DOM_CRED *clnt_cred)
194 DEBUG(5,("deal_with_creds: %d\n", __LINE__));
196 /* setup new client time */
197 dc->clnt_cred.timestamp.time = time(NULL);
199 /* create sent credentials for inclusion in the reply */
200 cred_create(dc->sess_key, srv_cred, dc->clnt_cred.timestamp.time, clnt_cred);
202 /* increment client time by one second */
203 (dc->clnt_cred.timestamp.time)++;
205 /* create expected return credentials to be received from server */
206 cred_create(dc->sess_key, srv_cred, dc->clnt_cred.timestamp.time, clnt_cred);
210 /* check that the server credentials are valid */
211 if (!cred_assert(&(srv_cred->challenge), dc->sess_key,
212 &(dc->clnt_cred), clnt_cred->timestamp))
216 /* increment client time by one second */
217 new_clnt_time = (dc->clnt_cred.timestamp.time += 1);
219 /* first 4 bytes of the new seed is old client 4 bytes + clnt time + 1 */
220 new_cred = IVAL(dc->clnt_cred.data, 0);
221 new_cred += new_clnt_time.time;
223 DEBUG(5,("deal_with_creds: new_cred[0]=%lx\n", new_cred));
225 /* create new client credentials */
226 cred_create(dc->sess_key, new_cred, new_clnt_time, clnt_cred);
228 DEBUG(5,("deal_with_creds: new_clnt_time=%lx\n", new_clnt_time.time));
230 /* create return credentials for inclusion in the reply
231 cred_create(dc->sess_key, srv_cred, new_clnt_time,
234 DEBUG(5,("deal_with_creds: clnt_cred[0]=%lx\n",
235 dc->clnt_cred.data[0]));
237 /* store new seed in client and server credentials */
238 SIVAL(dc->clnt_cred.data, 0, new_cred);
239 SIVAL(dc->srv_cred .data, 0, new_cred);