improving authentication code (tidyup).
[kai/samba.git] / source / libsmb / pwd_cache.c
1 /* 
2    Unix SMB/Netbios implementation.
3    Version 1.9.
4    Password cacheing.  obfuscation is planned
5    Copyright (C) Luke Kenneth Casson Leighton 1996-1998
6    
7    This program is free software; you can redistribute it and/or modify
8    it under the terms of the GNU General Public License as published by
9    the Free Software Foundation; either version 2 of the License, or
10    (at your option) any later version.
11    
12    This program is distributed in the hope that it will be useful,
13    but WITHOUT ANY WARRANTY; without even the implied warranty of
14    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
15    GNU General Public License for more details.
16    
17    You should have received a copy of the GNU General Public License
18    along with this program; if not, write to the Free Software
19    Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
20 */
21
22 #include "includes.h"
23
24 extern int DEBUGLEVEL;
25
26
27 /****************************************************************************
28 initialises a password structure
29 ****************************************************************************/
30 void pwd_init(struct pwd_info *pwd)
31 {
32         bzero(pwd->password  , sizeof(pwd->password  ));
33         bzero(pwd->smb_lm_pwd, sizeof(pwd->smb_lm_pwd));
34         bzero(pwd->smb_nt_pwd, sizeof(pwd->smb_nt_pwd));
35         bzero(pwd->smb_lm_owf, sizeof(pwd->smb_lm_owf));
36         bzero(pwd->smb_nt_owf, sizeof(pwd->smb_nt_owf));
37
38         pwd->null_pwd  = True; /* safest option... */
39         pwd->cleartext = False;
40         pwd->crypted   = False;
41 }
42
43 /****************************************************************************
44 de-obfuscates a password
45 ****************************************************************************/
46 static void pwd_deobfuscate(struct pwd_info *pwd)
47 {
48 }
49
50 /****************************************************************************
51 obfuscates a password
52 ****************************************************************************/
53 static void pwd_obfuscate(struct pwd_info *pwd)
54 {
55 }
56
57 /****************************************************************************
58 sets the obfuscation key info
59 ****************************************************************************/
60 void pwd_obfuscate_key(struct pwd_info *pwd, uint32 int_key, char *str_key)
61 {
62 }
63
64 /****************************************************************************
65 reads a password
66 ****************************************************************************/
67 void pwd_read(struct pwd_info *pwd, char *passwd_report, BOOL do_encrypt)
68 {
69         /* grab a password */
70         char *user_pass;
71
72         pwd_init(pwd);
73
74         user_pass = (char*)getpass(passwd_report);
75
76         if (user_pass == NULL || user_pass[0] == 0)
77         {
78                 pwd_set_nullpwd(pwd);
79         }
80         else if (do_encrypt)
81         {
82                 pwd_make_lm_nt_16(pwd, user_pass);
83         }
84         else
85         {
86                 pwd_set_cleartext(pwd, user_pass);
87         }
88 }
89
90 /****************************************************************************
91  stores a cleartext password
92  ****************************************************************************/
93 void pwd_set_nullpwd(struct pwd_info *pwd)
94 {
95         pwd_init(pwd);
96
97         pwd->cleartext = False;
98         pwd->null_pwd  = True;
99         pwd->crypted   = False;
100 }
101
102 /****************************************************************************
103  stores a cleartext password
104  ****************************************************************************/
105 void pwd_set_cleartext(struct pwd_info *pwd, char *clr)
106 {
107         pwd_init(pwd);
108         fstrcpy(pwd->password, clr);
109         pwd->cleartext = True;
110         pwd->null_pwd  = False;
111         pwd->crypted   = False;
112
113         pwd_obfuscate(pwd);
114 }
115
116 /****************************************************************************
117  gets a cleartext password
118  ****************************************************************************/
119 void pwd_get_cleartext(struct pwd_info *pwd, char *clr)
120 {
121         pwd_deobfuscate(pwd);
122         if (pwd->cleartext)
123         {
124                 fstrcpy(clr, pwd->password);
125         }
126         else
127         {
128                 clr[0] = 0;
129         }
130         pwd_obfuscate(pwd);
131 }
132
133 /****************************************************************************
134  stores lm and nt hashed passwords
135  ****************************************************************************/
136 void pwd_set_lm_nt_16(struct pwd_info *pwd, uchar lm_pwd[16], uchar nt_pwd[16])
137 {
138         pwd_init(pwd);
139
140         if (lm_pwd)
141         {
142                 memcpy(pwd->smb_lm_pwd, lm_pwd, 16);
143         }
144         else
145         {
146                 bzero(pwd->smb_lm_pwd, 16);
147         }
148
149         if (nt_pwd)
150         {
151                 memcpy(pwd->smb_nt_pwd, nt_pwd, 16);
152         }
153         else
154         {
155                 bzero(pwd->smb_nt_pwd, 16);
156         }
157
158         pwd->null_pwd  = False;
159         pwd->cleartext = False;
160         pwd->crypted   = False;
161
162         pwd_obfuscate(pwd);
163 }
164
165 /****************************************************************************
166  gets lm and nt hashed passwords
167  ****************************************************************************/
168 void pwd_get_lm_nt_16(struct pwd_info *pwd, uchar lm_pwd[16], uchar nt_pwd[16])
169 {
170         pwd_deobfuscate(pwd);
171         if (lm_pwd != NULL)
172         {
173                 memcpy(lm_pwd, pwd->smb_lm_pwd, 16);
174         }
175         if (nt_pwd != NULL)
176         {
177                 memcpy(nt_pwd, pwd->smb_nt_pwd, 16);
178         }
179         pwd_obfuscate(pwd);
180 }
181
182 /****************************************************************************
183  makes lm and nt hashed passwords
184  ****************************************************************************/
185 void pwd_make_lm_nt_16(struct pwd_info *pwd, char *clr)
186 {
187         pwd_init(pwd);
188
189         nt_lm_owf_gen(clr, pwd->smb_nt_pwd, pwd->smb_lm_pwd);
190         pwd->null_pwd  = False;
191         pwd->cleartext = False;
192         pwd->crypted = False;
193
194         pwd_obfuscate(pwd);
195 }
196
197 /****************************************************************************
198  makes lm and nt OWF crypts
199  ****************************************************************************/
200 void pwd_make_lm_nt_owf2(struct pwd_info *pwd, const uchar srv_key[8],
201                 const char *user, const char *server, const char *domain)
202 {
203         uchar kr[16];
204
205         DEBUG(10,("pwd_make_lm_nt_owf2: user %s, srv %s, dom %s\n",
206                 user, server, domain));
207
208         pwd_deobfuscate(pwd);
209
210         SMBgenclientchals(pwd->lm_cli_chal,
211                           pwd->nt_cli_chal,
212                           &pwd->nt_cli_chal_len,
213                           server, domain);
214         
215         ntv2_owf_gen(pwd->smb_nt_pwd, user, domain, kr);
216
217         /* lm # */
218         SMBOWFencrypt_ntv2(kr,
219                            srv_key, 8,
220                            pwd->lm_cli_chal, 8,
221                            pwd->smb_lm_owf);
222         memcpy(&pwd->smb_lm_owf[16], pwd->lm_cli_chal, 8);
223
224         /* nt # */
225         SMBOWFencrypt_ntv2(kr,
226                        srv_key, 8,
227                        pwd->nt_cli_chal, pwd->nt_cli_chal_len,
228                        pwd->smb_nt_owf);
229         memcpy(&pwd->smb_nt_owf[16], pwd->nt_cli_chal, pwd->nt_cli_chal_len);
230         pwd->nt_owf_len = pwd->nt_cli_chal_len + 16;
231
232 #ifdef DEBUG_PASSWORD
233         DEBUG(100,("server cryptkey: "));
234         dump_data(100, srv_key, 8);
235
236         DEBUG(100,("client lmv2 cryptkey: "));
237         dump_data(100, pwd->lm_cli_chal, 8);
238
239         DEBUG(100,("client ntv2 cryptkey: "));
240         dump_data(100, pwd->nt_cli_chal, pwd->nt_cli_chal_len);
241
242         DEBUG(100,("ntv2_owf_passwd: "));
243         dump_data(100, pwd->smb_nt_owf, pwd->nt_owf_len);
244         DEBUG(100,("nt_sess_pwd: "));
245         dump_data(100, pwd->smb_nt_pwd, sizeof(pwd->smb_nt_pwd));
246
247         DEBUG(100,("lmv2_owf_passwd: "));
248         dump_data(100, pwd->smb_lm_owf, sizeof(pwd->smb_lm_owf));
249         DEBUG(100,("lm_sess_pwd: "));
250         dump_data(100, pwd->smb_lm_pwd, sizeof(pwd->smb_lm_pwd));
251 #endif
252         pwd->crypted = True;
253
254         pwd_obfuscate(pwd);
255 }
256
257 /****************************************************************************
258  makes lm and nt OWF crypts
259  ****************************************************************************/
260 void pwd_make_lm_nt_owf(struct pwd_info *pwd, uchar cryptkey[8])
261 {
262         pwd_deobfuscate(pwd);
263
264         SMBOWFencrypt(pwd->smb_lm_pwd, cryptkey, pwd->smb_lm_owf);
265         SMBOWFencrypt(pwd->smb_nt_pwd, cryptkey, pwd->smb_nt_owf);
266         pwd->nt_owf_len = 24;
267
268 #ifdef DEBUG_PASSWORD
269         DEBUG(100,("client cryptkey: "));
270         dump_data(100, cryptkey, 8);
271
272         DEBUG(100,("nt_owf_passwd: "));
273         dump_data(100, pwd->smb_nt_owf, pwd->nt_owf_len);
274         DEBUG(100,("nt_sess_pwd: "));
275         dump_data(100, pwd->smb_nt_pwd, sizeof(pwd->smb_nt_pwd));
276
277         DEBUG(100,("lm_owf_passwd: "));
278         dump_data(100, pwd->smb_lm_owf, sizeof(pwd->smb_lm_owf));
279         DEBUG(100,("lm_sess_pwd: "));
280         dump_data(100, pwd->smb_lm_pwd, sizeof(pwd->smb_lm_pwd));
281 #endif
282
283         pwd->crypted = True;
284
285         pwd_obfuscate(pwd);
286 }
287
288 /****************************************************************************
289  gets lm and nt crypts
290  ****************************************************************************/
291 void pwd_get_lm_nt_owf(struct pwd_info *pwd, uchar lm_owf[24],
292                                 uchar *nt_owf, size_t *nt_owf_len)
293 {
294         pwd_deobfuscate(pwd);
295         if (lm_owf != NULL)
296         {
297                 memcpy(lm_owf, pwd->smb_lm_owf, 24);
298         }
299         if (nt_owf != NULL)
300         {
301                 memcpy(nt_owf, pwd->smb_nt_owf, pwd->nt_owf_len);
302         }
303         if (nt_owf_len != NULL)
304         {
305                 *nt_owf_len = pwd->nt_owf_len;
306         }
307         pwd_obfuscate(pwd);
308 }
309