1/* 2 * chap_ms.c - Microsoft MS-CHAP compatible implementation. 3 * 4 * Copyright (c) 1995 Eric Rosenquist, Strata Software Limited. 5 * http://www.strataware.com/ 6 * 7 * All rights reserved. 8 * 9 * Redistribution and use in source and binary forms are permitted 10 * provided that the above copyright notice and this paragraph are 11 * duplicated in all such forms and that any documentation, 12 * advertising materials, and other materials related to such 13 * distribution and use acknowledge that the software was developed 14 * by Eric Rosenquist. The name of the author may not be used to 15 * endorse or promote products derived from this software without 16 * specific prior written permission. 17 * 18 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR 19 * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED 20 * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. 21 *
|
22 * $Id: chap_ms.c,v 1.2 1997/10/26 01:02:20 brian Exp $
|
22 * $Id: chap_ms.c,v 1.3 1997/11/22 03:37:26 brian Exp $ |
23 * 24 */ 25 26#include <sys/types.h> 27 28#include <des.h> 29#include <stdio.h> 30#include <string.h> 31#include <sys/time.h> 32#include <syslog.h> 33 34#include "command.h" 35#include "mbuf.h" 36#include "timer.h" 37#include "chap.h" 38#include "chap_ms.h" 39 40/* unused, for documentation only */ 41/* only NTResp is filled in for FreeBSD */ 42typedef struct { 43 u_char LANManResp[24]; 44 u_char NTResp[24]; 45 u_char UseNT; /* If 1, ignore the LANMan response field */ 46} MS_ChapResponse; 47 48static void DesEncrypt(u_char *, u_char *, u_char *); 49static void MakeKey(u_char *, u_char *); 50 51static void /* IN 8 octets IN 16 octets OUT 24 octets */ 52ChallengeResponse(u_char *challenge, u_char *pwHash, u_char *response) 53{ 54 char ZPasswordHash[21]; 55
|
56 memset(ZPasswordHash, '\0', sizeof(ZPasswordHash));
|
56 memset(ZPasswordHash, '\0', sizeof ZPasswordHash); |
57 memcpy(ZPasswordHash, pwHash, 16); 58 59 DesEncrypt(challenge, ZPasswordHash + 0, response + 0); 60 DesEncrypt(challenge, ZPasswordHash + 7, response + 8); 61 DesEncrypt(challenge, ZPasswordHash + 14, response + 16); 62} 63 64static void /* IN 8 octets IN 7 octest OUT 8 octets */ 65DesEncrypt(u_char *clear, u_char *key, u_char *cipher) 66{ 67 des_cblock des_key; 68 des_key_schedule key_schedule; 69 70 MakeKey(key, des_key); 71 des_set_key(&des_key, key_schedule); 72 des_ecb_encrypt((des_cblock *)clear, (des_cblock *)cipher, key_schedule, 1); 73} 74 75static u_char Get7Bits(u_char *input, int startBit) 76{ 77 register unsigned int word; 78 79 word = (unsigned)input[startBit / 8] << 8; 80 word |= (unsigned)input[startBit / 8 + 1]; 81 82 word >>= 15 - (startBit % 8 + 7); 83 84 return word & 0xFE; 85} 86 87/* IN 56 bit DES key missing parity bits 88 OUT 64 bit DES key with parity bits added */ 89static void MakeKey(u_char *key, u_char *des_key) 90{ 91 des_key[0] = Get7Bits(key, 0); 92 des_key[1] = Get7Bits(key, 7); 93 des_key[2] = Get7Bits(key, 14); 94 des_key[3] = Get7Bits(key, 21); 95 des_key[4] = Get7Bits(key, 28); 96 des_key[5] = Get7Bits(key, 35); 97 des_key[6] = Get7Bits(key, 42); 98 des_key[7] = Get7Bits(key, 49); 99 100 des_set_odd_parity((des_cblock *)des_key); 101} 102 103/* passwordHash 16-bytes MD4 hashed password 104 challenge 8-bytes peer CHAP challenge 105 since passwordHash is in a 24-byte buffer, response is written in there */ 106void 107ChapMS(char *passwordHash, char *challenge, int challenge_len) 108{ 109 u_char response[24]; 110 111 ChallengeResponse(challenge, passwordHash, response); 112 memcpy(passwordHash, response, 24); 113 passwordHash += 24; 114 *passwordHash = 1; 115}
|