source3/libsmb/credentials.c

   1 /*
   2    Unix SMB/Netbios implementation.
   3    Version 1.9.
   4    code to manipulate domain credentials
   5    Copyright (C) Andrew Tridgell 1997
   6
   7    This program is free software; you can redistribute it and/or modify
   8    it under the terms of the GNU General Public License as published by
   9    the Free Software Foundation; either version 2 of the License, or
  10    (at your option) any later version.
  11
  12    This program is distributed in the hope that it will be useful,
  13    but WITHOUT ANY WARRANTY; without even the implied warranty of
  14    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  15    GNU General Public License for more details.
  16
  17    You should have received a copy of the GNU General Public License
  18    along with this program; if not, write to the Free Software
  19    Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
  20 */
  21
  22 #include "includes.h"
  23
  24 extern int DEBUGLEVEL;
  25 /****************************************************************************
  26   setup the session key.
  27 Input: 8 byte challenge block
  28        8 byte server challenge block
  29       16 byte md4 encrypted password
  30 Output:
  31       8 byte session key
  32 ****************************************************************************/
  33 void cred_session_key(DOM_CHAL *clnt_chal, DOM_CHAL *srv_chal, char *pass,
  34                        uint32 session_key[2])
  35 {
  36         uint32 sum[2];
  37         unsigned char sum2[8];
  38         unsigned char netsesskey[8];
  39
  40         sum[0] = IVAL(clnt_chal->data, 0) + IVAL(srv_chal->data, 0);
  41         sum[1] = IVAL(clnt_chal->data, 4) + IVAL(srv_chal->data, 4);
  42
  43         SIVAL(sum2,0,sum[0]);
  44         SIVAL(sum2,4,sum[1]);
  45
  46         cred_hash1(netsesskey, sum2,(unsigned char *)pass);
  47
  48         session_key[0] = IVAL(netsesskey, 0);
  49         session_key[1] = IVAL(netsesskey, 4);
  50
  51         /* debug output */
  52         DEBUG(4,("cred_session_key\n"));
  53
  54         DEBUG(5,("      clnt_chal: %lx %lx\n", clnt_chal->data[0], clnt_chal->data[1]));
  55         DEBUG(5,("      srv_chal : %lx %lx\n", srv_chal ->data[0], srv_chal ->data[1]));
  56         DEBUG(5,("      clnt+srv : %lx %lx\n", sum            [0], sum            [1]));
  57         DEBUG(5,("      sess_key : %lx %lx\n", session_key    [0], session_key    [1]));
  58 }
  59
  60
  61 /****************************************************************************
  62 create a credential
  63
  64 Input:
  65       8 byte sesssion key
  66       8 byte stored credential
  67       4 byte timestamp
  68
  69 Output:
  70       8 byte credential
  71 ****************************************************************************/
  72 void cred_create(uint32 session_key[2], DOM_CHAL *stor_cred, UTIME timestamp,
  73                  DOM_CHAL *cred)
  74 {
  75         unsigned char calc_cred[8];
  76         unsigned char timecred[8];
  77         unsigned char netsesskey[8];
  78
  79         SIVAL(netsesskey, 0, session_key[0]);
  80         SIVAL(netsesskey, 4, session_key[1]);
  81
  82         SIVAL(timecred, 0, IVAL(stor_cred, 0) + timestamp.time);
  83         SIVAL(timecred, 4, IVAL(stor_cred, 4));
  84
  85         cred_hash2(calc_cred, timecred, netsesskey);
  86
  87         cred->data[0] = IVAL(calc_cred, 0);
  88         cred->data[1] = IVAL(calc_cred, 4);
  89
  90         /* debug output*/
  91         DEBUG(4,("cred_create\n"));
  92
  93         DEBUG(5,("      sess_key : %lx %lx\n", session_key    [0], session_key    [1]));
  94         DEBUG(5,("      stor_cred: %lx %lx\n", stor_cred->data[0], stor_cred->data[1]));
  95         DEBUG(5,("      timecred : %lx %lx\n", IVAL(timecred, 0) , IVAL(timecred, 4) ));
  96         DEBUG(5,("      calc_cred: %lx %lx\n", cred     ->data[0], cred     ->data[1]));
  97 }
  98
  99
 100 /****************************************************************************
 101   check a supplied credential
 102
 103 Input:
 104       8 byte received credential
 105       8 byte sesssion key
 106       8 byte stored credential
 107       4 byte timestamp
 108
 109 Output:
 110       returns 1 if computed credential matches received credential
 111       returns 0 otherwise
 112 ****************************************************************************/
 113 int cred_assert(DOM_CHAL *cred, uint32 session_key[2], DOM_CHAL *stored_cred,
 114                 UTIME timestamp)
 115 {
 116         DOM_CHAL cred2;
 117
 118         cred_create(session_key, stored_cred, timestamp, &cred2);
 119
 120         /* debug output*/
 121         DEBUG(4,("cred_assert\n"));
 122
 123         DEBUG(5,("      challenge : %lx %lx\n", cred->data[0], cred->data[1]));
 124         DEBUG(5,("      calculated: %lx %lx\n", cred2.data[0], cred2.data[1]));
 125
 126         if (memcmp(cred->data, cred2.data, 8) == 0)
 127         {
 128                 DEBUG(5, ("credentials check ok\n"));
 129                 return True;
 130         }
 131         else
 132         {
 133                 DEBUG(5, ("credentials check wrong\n"));
 134                 return False;
 135         }
 136 }
 137
 138
 139 /****************************************************************************
 140   checks credentials; generates next step in the credential chain
 141 ****************************************************************************/
 142 BOOL srv_deal_with_creds(struct dcinfo *dc, DOM_CRED *clnt_cred, DOM_CRED *srv_cred)
 143 {
 144         UTIME new_clnt_time;
 145         uint32 new_cred;
 146
 147         DEBUG(5,("deal_with_creds: %d\n", __LINE__));
 148
 149         /* check that the client credentials are valid */
 150         if (!cred_assert(&(clnt_cred->challenge), dc->sess_key,
 151                     &(dc->clnt_cred.challenge), clnt_cred->timestamp))
 152         {
 153                 return False;
 154         }
 155
 156         /* increment client time by one second */
 157         new_clnt_time.time = clnt_cred->timestamp.time + 1;
 158
 159         /* first 4 bytes of the new seed is old client 4 bytes + clnt time + 1 */
 160         new_cred = IVAL(dc->clnt_cred.challenge.data, 0);
 161         new_cred += new_clnt_time.time;
 162
 163         DEBUG(5,("deal_with_creds: new_cred[0]=%lx\n", new_cred));
 164
 165         /* doesn't matter that server time is 0 */
 166         srv_cred->timestamp.time = 0;
 167
 168         DEBUG(5,("deal_with_creds: new_clnt_time=%lx\n", new_clnt_time.time));
 169
 170         /* create return credentials for inclusion in the reply */
 171         cred_create(dc->sess_key, &(dc->clnt_cred.challenge), new_clnt_time,
 172                     &(srv_cred->challenge));
 173
 174         DEBUG(5,("deal_with_creds: clnt_cred[0]=%lx\n",
 175                   dc->clnt_cred.challenge.data[0]));
 176
 177         /* store new seed in client and server credentials */
 178         SIVAL(dc->clnt_cred.challenge.data, 0, new_cred);
 179         SIVAL(dc->srv_cred .challenge.data, 0, new_cred);
 180
 181         return True;
 182 }
 183
 184
 185 #if 0
 186 /****************************************************************************
 187   checks credentials; generates next step in the credential chain
 188 ****************************************************************************/
 189 BOOL clnt_deal_with_creds(struct dcinfo *dc, DOM_CRED *srv_cred, DOM_CRED *clnt_cred)
 190 {
 191         UTIME new_clnt_time;
 192         uint32 new_cred;
 193
 194         DEBUG(5,("deal_with_creds: %d\n", __LINE__));
 195
 196         /* setup new client time */
 197         dc->clnt_cred.timestamp.time = time(NULL);
 198
 199         /* create sent credentials for inclusion in the reply */
 200         cred_create(dc->sess_key, srv_cred, dc->clnt_cred.timestamp.time, clnt_cred);
 201
 202         /* increment client time by one second */
 203         (dc->clnt_cred.timestamp.time)++;
 204
 205         /* create expected return credentials to be received from server */
 206         cred_create(dc->sess_key, srv_cred, dc->clnt_cred.timestamp.time, clnt_cred);
 207
 208
 209
 210         /* check that the server credentials are valid */
 211         if (!cred_assert(&(srv_cred->challenge), dc->sess_key,
 212                     &(dc->clnt_cred), clnt_cred->timestamp))
 213         {
 214                 return False;
 215         }
 216         /* increment client time by one second */
 217         new_clnt_time = (dc->clnt_cred.timestamp.time += 1);
 218
 219         /* first 4 bytes of the new seed is old client 4 bytes + clnt time + 1 */
 220         new_cred = IVAL(dc->clnt_cred.data, 0);
 221         new_cred += new_clnt_time.time;
 222
 223         DEBUG(5,("deal_with_creds: new_cred[0]=%lx\n", new_cred));
 224
 225         /* create new client credentials */
 226         cred_create(dc->sess_key, new_cred, new_clnt_time, clnt_cred);
 227
 228         DEBUG(5,("deal_with_creds: new_clnt_time=%lx\n", new_clnt_time.time));
 229
 230         /* create return credentials for inclusion in the reply
 231         cred_create(dc->sess_key, srv_cred, new_clnt_time,
 232                     clnt_cred);
 233         */
 234         DEBUG(5,("deal_with_creds: clnt_cred[0]=%lx\n",
 235                   dc->clnt_cred.data[0]));
 236
 237         /* store new seed in client and server credentials */
 238         SIVAL(dc->clnt_cred.data, 0, new_cred);
 239         SIVAL(dc->srv_cred .data, 0, new_cred);
 240
 241         return True;
 242 }
 243
 244 #endif