1/*
2 * chap_ms.c - Microsoft MS-CHAP compatible implementation.
3 *
4 * Copyright (c) 1995 Eric Rosenquist, Strata Software Limited.
5 * http://www.strataware.com/
6 *
7 * All rights reserved.
8 *
9 * Redistribution and use in source and binary forms are permitted
10 * provided that the above copyright notice and this paragraph are
11 * duplicated in all such forms and that any documentation,
12 * advertising materials, and other materials related to such
13 * distribution and use acknowledge that the software was developed
14 * by Eric Rosenquist. The name of the author may not be used to
15 * endorse or promote products derived from this software without
16 * specific prior written permission.
17 *
18 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
19 * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
20 * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
21 *
|
22 * $Id: chap_ms.c,v 1.2 1997/10/26 01:02:20 brian Exp $
|
| 22 * $Id: chap_ms.c,v 1.3 1997/11/22 03:37:26 brian Exp $ |
23 *
24 */
25
26#include <sys/types.h>
27
28#include <des.h>
29#include <stdio.h>
30#include <string.h>
31#include <sys/time.h>
32#include <syslog.h>
33
34#include "command.h"
35#include "mbuf.h"
36#include "timer.h"
37#include "chap.h"
38#include "chap_ms.h"
39
40/* unused, for documentation only */
41/* only NTResp is filled in for FreeBSD */
42typedef struct {
43 u_char LANManResp[24];
44 u_char NTResp[24];
45 u_char UseNT; /* If 1, ignore the LANMan response field */
46} MS_ChapResponse;
47
48static void DesEncrypt(u_char *, u_char *, u_char *);
49static void MakeKey(u_char *, u_char *);
50
51static void /* IN 8 octets IN 16 octets OUT 24 octets */
52ChallengeResponse(u_char *challenge, u_char *pwHash, u_char *response)
53{
54 char ZPasswordHash[21];
55
|
56 memset(ZPasswordHash, '\0', sizeof(ZPasswordHash));
|
| 56 memset(ZPasswordHash, '\0', sizeof ZPasswordHash); |
57 memcpy(ZPasswordHash, pwHash, 16);
58
59 DesEncrypt(challenge, ZPasswordHash + 0, response + 0);
60 DesEncrypt(challenge, ZPasswordHash + 7, response + 8);
61 DesEncrypt(challenge, ZPasswordHash + 14, response + 16);
62}
63
64static void /* IN 8 octets IN 7 octest OUT 8 octets */
65DesEncrypt(u_char *clear, u_char *key, u_char *cipher)
66{
67 des_cblock des_key;
68 des_key_schedule key_schedule;
69
70 MakeKey(key, des_key);
71 des_set_key(&des_key, key_schedule);
72 des_ecb_encrypt((des_cblock *)clear, (des_cblock *)cipher, key_schedule, 1);
73}
74
75static u_char Get7Bits(u_char *input, int startBit)
76{
77 register unsigned int word;
78
79 word = (unsigned)input[startBit / 8] << 8;
80 word |= (unsigned)input[startBit / 8 + 1];
81
82 word >>= 15 - (startBit % 8 + 7);
83
84 return word & 0xFE;
85}
86
87/* IN 56 bit DES key missing parity bits
88 OUT 64 bit DES key with parity bits added */
89static void MakeKey(u_char *key, u_char *des_key)
90{
91 des_key[0] = Get7Bits(key, 0);
92 des_key[1] = Get7Bits(key, 7);
93 des_key[2] = Get7Bits(key, 14);
94 des_key[3] = Get7Bits(key, 21);
95 des_key[4] = Get7Bits(key, 28);
96 des_key[5] = Get7Bits(key, 35);
97 des_key[6] = Get7Bits(key, 42);
98 des_key[7] = Get7Bits(key, 49);
99
100 des_set_odd_parity((des_cblock *)des_key);
101}
102
103/* passwordHash 16-bytes MD4 hashed password
104 challenge 8-bytes peer CHAP challenge
105 since passwordHash is in a 24-byte buffer, response is written in there */
106void
107ChapMS(char *passwordHash, char *challenge, int challenge_len)
108{
109 u_char response[24];
110
111 ChallengeResponse(challenge, passwordHash, response);
112 memcpy(passwordHash, response, 24);
113 passwordHash += 24;
114 *passwordHash = 1;
115}
|