1 /* purple
3 * Copyright (C) 2005 Thomas Butter <butter@uni-mannheim.de>
5 * hashing done according to description of NTLM on
6 * http://www.innovation.ch/java/ntlm.html
8 * This program is free software; you can redistribute it and/or modify
9 * it under the terms of the GNU General Public License as published by
10 * the Free Software Foundation; either version 2 of the License, or
11 * (at your option) any later version.
13 * This program is distributed in the hope that it will be useful,
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 * GNU General Public License for more details.
18 * You should have received a copy of the GNU General Public License
19 * along with this program; if not, write to the Free Software
20 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02111-1301 USA
23 #include "internal.h"
25 #include "util.h"
26 #include "ntlm.h"
27 #include "debug.h"
29 #ifdef HAVE_NETTLE
30 #include <nettle/des.h>
31 #include <nettle/md4.h>
32 #endif
34 #include <string.h>
36 #define NTLM_NEGOTIATE_NTLM2_KEY 0x00080000
/*
 * Wire layout of the NTLM Type 2 message.  All multi-byte fields are
 * little-endian on the wire; purple_ntlm_parse_type2() copies the decoded
 * bytes straight over this struct and reads only 'nonce' and 'flags'.
 * Field sizes are chosen so that no padding is introduced on ABIs with
 * natural alignment (sizeof == 40).
 */
struct type2_message {
	guint8  protocol[8];     /* 'N', 'T', 'L', 'M', 'S', 'S', 'P', '\0'*/
	guint32 type;            /* 0x00000002 */

	guint32 zero;
	guint16 msg_len1;        /* target name length */
	guint16 msg_len2;        /* target name length */

	guint32 flags;           /* 0x00008201 */

	guint8  nonce[8];        /* nonce */
	guint8  context[8];      /* not read by the parser */
};
/*
 * Wire layout of the NTLM Type 3 message header built by
 * purple_ntlm_gen_type3().  Each variable-length field is described by a
 * length (stored twice) and an offset from the start of the message; the
 * payload (domain, username, hostname, LM and NT responses, optional
 * session key) follows this header.  All multi-byte fields are
 * little-endian on the wire.  sizeof(struct type3_message) is 0x40, which
 * is why dom_off is always 0x00000040.
 */
struct type3_message {
	guint8  protocol[8];     /* 'N', 'T', 'L', 'M', 'S', 'S', 'P', '\0'*/
	guint32 type;            /* 0x00000003 */

	guint16 lm_resp_len1;    /* LanManager response length (always 0x18)*/
	guint16 lm_resp_len2;    /* LanManager response length (always 0x18)*/
	guint32 lm_resp_off;     /* LanManager response offset */

	guint16 nt_resp_len1;    /* NT response length (always 0x18) */
	guint16 nt_resp_len2;    /* NT response length (always 0x18) */
	guint32 nt_resp_off;     /* NT response offset */

	guint16 dom_len1;        /* domain string length */
	guint16 dom_len2;        /* domain string length */
	guint32 dom_off;         /* domain string offset (always 0x00000040) */

	guint16 user_len1;       /* username string length */
	guint16 user_len2;       /* username string length */
	guint32 user_off;        /* username string offset */

	guint16 host_len1;       /* host string length */
	guint16 host_len2;       /* host string length */
	guint32 host_off;        /* host string offset */

	guint16 sess_len1;       /* session key length (0x10 when present) */
	guint16 sess_len2;       /* session key length (0x10 when present) */
	guint32 sess_off;        /* session key offset (only set when a key is sent) */

	guint32 flags;           /* 0x00008201, or 0x409082d4 when a session key is sent */

	/* guint32 flags2; */  /* unknown, used in windows messenger */
	/* guint32 flags3; */
};
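/**
 * Extract the 8-byte server nonce (and optionally the flags field) from a
 * base64-encoded NTLM Type 2 message.
 *
 * The NTLMSSP signature and type fields are NOT validated here; only the
 * decoded length is checked.
 *
 * @param type2  base64 text of the Type 2 message as received.
 * @param flags  if non-NULL, receives the message's 32-bit flags field
 *               converted from little-endian wire order.  Left untouched
 *               when the message cannot be parsed.
 * @return pointer to a static 8-byte buffer holding the nonce, or all
 *         zeros if the message could not be decoded.  The buffer is shared
 *         by all callers and overwritten by the next call (not thread-safe).
 */
guint8 *
purple_ntlm_parse_type2(const gchar *type2, guint32 *flags)
{
	gsize retlen;
	guchar *buff;
	struct type2_message tmsg;
	static guint8 nonce[8];

	/* The length check below accepts a message one byte shorter than the
	 * struct, so the copy may not fill it; zero it first so no field is
	 * ever read uninitialized. */
	memset(&tmsg, 0, sizeof(tmsg));

	buff = g_base64_decode(type2, &retlen);

	/* Tolerate a message one byte short of the full struct (presumably
	 * servers that omit the last context byte); the nonce lies well before
	 * the end, so it is always fully covered. */
	if (buff != NULL && retlen >= (sizeof(struct type2_message) - 1)) {
		memcpy(&tmsg, buff, MIN(retlen, sizeof(tmsg)));
		memcpy(nonce, tmsg.nonce, sizeof(nonce));
		if (flags != NULL) {
			/* 'flags' is a 32-bit field.  The 16-bit conversion used
			 * previously discarded the upper half on big-endian hosts,
			 * which includes NTLM_NEGOTIATE_NTLM2_KEY (0x00080000). */
			*flags = GUINT32_FROM_LE(tmsg.flags);
		}
	} else {
		purple_debug_error("ntlm", "Unable to parse type2 message - returning empty nonce.\n");
		memset(nonce, 0, sizeof(nonce));
	}

	g_free(buff);

	return nonce;
}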
109 #ifdef HAVE_NETTLE
/*
 * Expand a 56-bit (7-byte) key into the 64-bit (8-byte) form DES expects:
 * every run of 7 key bits is followed by one parity position.  The parity
 * bits are not computed here (they end up holding stray key bits); DES
 * ignores them.
 *
 * key_56: 7 input bytes.  key: 8 output bytes.
 */
static void
setup_des_key(const guint8 key_56[], guint8 *key)
{
	int i;

	key[0] = key_56[0];
	/* Output byte i gets the low (8 - i) bits of key_56[i - 1] shifted to
	 * the top, followed by the high bits of key_56[i]. */
	for (i = 1; i < 7; i++) {
		key[i] = ((key_56[i - 1] << (8 - i)) & 0xFF) | (key_56[i] >> i);
	}
	key[7] = (key_56[6] << 1) & 0xFF;
}
/*
 * Encrypt a single DES block (DES_BLOCK_SIZE bytes) in ECB mode under the
 * given 64-bit key.  'plaintext' and 'result' must each hold one block.
 *
 * The return value of des_set_key() (weak-key indication, if the nettle
 * version in use reports one) is ignored on purpose: LM/NT hashing has to
 * use whatever key the password material yields.
 */
static void
des_ecb_encrypt(const guint8 *plaintext, guint8 *result, const guint8 *key)
{
	struct des_ctx des;

	des_set_key(&des, key);
	des_encrypt(&des, DES_BLOCK_SIZE, result, plaintext);
}
/*
 * Produce a 24-byte NTLM response: 'keys' (21 bytes) is split into three
 * 7-byte DES keys, the 8-byte 'plaintext' (the server nonce) is encrypted
 * under each, and the three ciphertext blocks are written back to back
 * into 'results'.
 */
static void
calc_resp(guint8 *keys, const guint8 *plaintext, unsigned char *results)
{
	guint8 key[8];
	int block;

	for (block = 0; block < 3; block++) {
		setup_des_key(keys + 7 * block, key);
		des_ecb_encrypt(plaintext, results + 8 * block, key);
	}
}
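/*
 * Fill 'buffer' with 16 random bytes for use as the session key.
 *
 * Bytes are read from /dev/urandom, retrying on EINTR and on short reads;
 * whatever could not be obtained that way is filled in from g_random_int().
 *
 * TODO: g_random_int() is not a cryptographically secure generator.  We
 * think /dev/urandom is a step up, but using a random function from an
 * SSL library would probably be best.  In Windows we could possibly also
 * use CryptGenRandom.
 */
static void
gensesskey(char *buffer)
{
	int fd;
	int i;
	ssize_t red = 0;

	fd = open("/dev/urandom", O_RDONLY);
	if (fd >= 0) {
		int saved_errno = 0;

		/* A single read() may legitimately return fewer than 16 bytes or
		 * fail with EINTR; the previous single-shot read then fell back
		 * to the weaker generator for the remainder.  Keep reading until
		 * the buffer is full, a real error occurs, or EOF is hit. */
		while (red < 16) {
			ssize_t got = read(fd, buffer + red, 16 - red);
			if (got < 0) {
				if (errno == EINTR)
					continue;
				saved_errno = errno;
				break;
			}
			if (got == 0)
				break;
			red += got;
		}
		/* close() may clobber errno, hence saved_errno. */
		close(fd);

		if (saved_errno != 0) {
			purple_debug_warning("ntlm", "Error reading from /dev/urandom: %s."
					" Falling back to inferior method.\n", g_strerror(saved_errno));
		} else if (red < 16) {
			purple_debug_warning("ntlm", "Tried reading 16 bytes from "
					"/dev/urandom but only got %"
					G_GSSIZE_FORMAT ". Falling back to "
					"inferior method\n", (gssize)red);
		}
	} else {
		purple_debug_warning("ntlm", "Error opening /dev/urandom: %s."
				" Falling back to inferior method.\n", g_strerror(errno));
	}

	/* Anything /dev/urandom did not supply comes from the GLib generator,
	 * which is not a CSPRNG (see TODO above). */
	for (i = red; i < 16; i++) {
		buffer[i] = (char)(g_random_int() & 0xff);
	}
}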
195 #endif /* HAVE_NETTLE */
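#ifdef HAVE_NETTLE
/*
 * Convert a UTF-8 string to UTF-16LE for inclusion in the Type 3 message.
 *
 * On success returns a newly allocated buffer (free with g_free()) and
 * stores its length in bytes in *len.  On failure logs at info level,
 * stores 0 in *len and returns NULL.  'what' names the field for the log
 * message only.
 */
static gchar *
ntlm_to_utf16le(const gchar *str, const char *what, gsize *len)
{
	gsize written = 0;
	gchar *ucs2le = g_convert(str, -1, "UTF-16LE", "UTF-8", NULL, &written, NULL);

	if (ucs2le == NULL) {
		purple_debug_info("ntlm", "Unable to encode %s in UTF-16LE.\n", what);
		written = 0;
	}
	*len = written;
	return ucs2le;
}

/*
 * Compute the 24-byte LM response for 'passw' and the 8-byte 'nonce' into
 * lm_resp.  The LM hash is the constant "KGS!@#$%" DES-encrypted under two
 * keys taken from the upper-cased password, truncated or zero-padded to 14
 * bytes; the hash is then padded to 21 bytes and fed to calc_resp().
 */
static void
ntlm_lm_response(const gchar *passw, const guint8 *nonce, unsigned char *lm_resp)
{
	static const unsigned char magic[] = { 0x4B, 0x47, 0x53, 0x21, 0x40, 0x23, 0x24, 0x25 };
	char lm_pw[14];
	unsigned char lm_hpw[21];
	guint8 key[8];
	gsize passwlen = strlen(passw);
	gsize idx;

	if (passwlen > sizeof(lm_pw))
		passwlen = sizeof(lm_pw);
	for (idx = 0; idx < passwlen; idx++)
		lm_pw[idx] = g_ascii_toupper(passw[idx]);
	for (; idx < sizeof(lm_pw); idx++)
		lm_pw[idx] = 0;

	setup_des_key((unsigned char *)lm_pw, key);
	des_ecb_encrypt(magic, lm_hpw, key);
	setup_des_key((unsigned char *)(lm_pw + 7), key);
	des_ecb_encrypt(magic, lm_hpw + 8, key);
	memset(lm_hpw + 16, 0, 5);  /* 16-byte hash padded to 21 = three DES keys */

	calc_resp(lm_hpw, nonce, lm_resp);

	/* Best-effort scrubbing of password-derived material; a plain memset
	 * right before return may be elided by the compiler. */
	memset(lm_pw, 0, sizeof(lm_pw));
	memset(lm_hpw, 0, sizeof(lm_hpw));
	memset(key, 0, sizeof(key));
}

/*
 * Compute the 24-byte NT response for 'passw' and the 8-byte 'nonce' into
 * nt_resp.  The NT hash is MD4 over the password in UTF-16LE.
 *
 * The password is converted with g_convert() into a buffer sized by the
 * conversion, instead of widening each byte into a fixed 128-byte array:
 * that array overflowed for passwords longer than 64 bytes, and byte
 * widening is only correct for pure-ASCII input.  If the password is not
 * valid UTF-8 the historical byte-widening is used as a fallback, in a
 * buffer sized to the password.
 */
static void
ntlm_nt_response(const gchar *passw, const guint8 *nonce, unsigned char *nt_resp)
{
	struct md4_ctx ctx;
	unsigned char nt_hpw[21];
	gsize ntlen = 0;
	gchar *nt_pw = g_convert(passw, -1, "UTF-16LE", "UTF-8", NULL, &ntlen, NULL);

	if (nt_pw == NULL) {
		gsize passwlen = strlen(passw);
		gsize idx;

		purple_debug_info("ntlm", "Unable to encode password in UTF-16LE.\n");
		ntlen = passwlen * 2;
		nt_pw = g_malloc0(ntlen);
		for (idx = 0; idx < passwlen; idx++)
			nt_pw[2 * idx] = passw[idx];
	}

	md4_init(&ctx);
	md4_update(&ctx, ntlen, (uint8_t *)nt_pw);
	md4_digest(&ctx, MD4_DIGEST_SIZE, nt_hpw);
	memset(nt_hpw + 16, 0, 5);  /* 16-byte hash padded to 21 = three DES keys */

	calc_resp(nt_hpw, nonce, nt_resp);

	/* Best-effort scrubbing; see ntlm_lm_response(). */
	if (nt_pw != NULL)
		memset(nt_pw, 0, ntlen);
	g_free(nt_pw);
	memset(nt_hpw, 0, sizeof(nt_hpw));
}
#endif /* HAVE_NETTLE */

/**
 * Build the base64-encoded NTLM Type 3 message for the given credentials.
 *
 * Layout of the produced message:
 *   header | domain | username | hostname | LM response (0x18) |
 *   NT response (0x18) | [16-byte random session key, when flags != NULL]
 *
 * The domain, username and hostname are converted to UTF-16LE first, and
 * the header lengths and offsets are computed from the converted sizes, so
 * header and body always agree (the previous strlen()*2 estimate was only
 * correct for pure-ASCII input and over-read the converted buffers
 * otherwise).  A string that fails conversion is sent with length 0.
 * The *_len header fields are 16 bits wide; inputs are expected to be far
 * shorter than that.
 *
 * @param username  UTF-8 account name.
 * @param passw     UTF-8 password (hashed, never sent).
 * @param hostname  UTF-8 workstation name.
 * @param domain    UTF-8 domain name.
 * @param nonce     8-byte server challenge, e.g. from purple_ntlm_parse_type2().
 * @param flags     only its non-NULL-ness is used: when non-NULL, a 16-byte
 *                  random session key is appended verbatim and the flag set
 *                  0x409082d4 is sent instead of 0x00008201.  The pointed-to
 *                  value is never read.
 * @return newly allocated base64 string to be freed with g_free(); NULL
 *         (after g_return_val_if_reached) when built without nettle.
 */
gchar *
purple_ntlm_gen_type3(const gchar *username, const gchar *passw, const gchar *hostname, const gchar *domain, const guint8 *nonce, guint32 *flags)
{
#ifdef HAVE_NETTLE
	gchar *dom_u16, *user_u16, *host_u16;
	gsize domainlen, usernamelen, hostnamelen;
	gsize hdrlen = sizeof(struct type3_message);
	gsize msglen;
	struct type3_message *tmsg;
	unsigned char lm_resp[24], nt_resp[24];
	char sesskey[16];
	char *tmp;

	/* Encode up front so the recorded lengths match the bytes copied. */
	dom_u16  = ntlm_to_utf16le(domain,   "domain",   &domainlen);
	user_u16 = ntlm_to_utf16le(username, "username", &usernamelen);
	host_u16 = ntlm_to_utf16le(hostname, "hostname", &hostnamelen);

	msglen = hdrlen + domainlen + usernamelen + hostnamelen
	       + 0x18 + 0x18 + ((flags) ? 0x10 : 0);
	tmsg = g_malloc0(msglen);

	/* type3 message initialization */
	memcpy(tmsg->protocol, "NTLMSSP", 8);  /* the 8th byte is the NUL */
	tmsg->type = GUINT32_TO_LE(0x00000003);

	tmsg->lm_resp_len1 = tmsg->lm_resp_len2 = GUINT16_TO_LE(0x18);
	tmsg->lm_resp_off = GUINT32_TO_LE(hdrlen + domainlen + usernamelen + hostnamelen);
	tmsg->nt_resp_len1 = tmsg->nt_resp_len2 = GUINT16_TO_LE(0x18);
	tmsg->nt_resp_off = GUINT32_TO_LE(hdrlen + domainlen + usernamelen + hostnamelen + 0x18);

	tmsg->dom_len1 = tmsg->dom_len2 = GUINT16_TO_LE(domainlen);
	tmsg->dom_off = GUINT32_TO_LE(hdrlen);

	tmsg->user_len1 = tmsg->user_len2 = GUINT16_TO_LE(usernamelen);
	tmsg->user_off = GUINT32_TO_LE(hdrlen + domainlen);

	tmsg->host_len1 = tmsg->host_len2 = GUINT16_TO_LE(hostnamelen);
	tmsg->host_off = GUINT32_TO_LE(hdrlen + domainlen + usernamelen);

	if (flags) {
		tmsg->sess_off = GUINT32_TO_LE(hdrlen + domainlen + usernamelen + hostnamelen + 0x18 + 0x18);
		tmsg->sess_len1 = tmsg->sess_len2 = GUINT16_TO_LE(0x0010);
	}

	/* "LCS Stuff": the extended flag set goes with the session key. */
	tmsg->flags = GUINT32_TO_LE(flags ? 0x409082d4 : 0x00008201);

	/* Variable-length payload follows the fixed header. */
	tmp = (char *)tmsg + hdrlen;

	if (dom_u16 != NULL) {
		memcpy(tmp, dom_u16, domainlen);
		tmp += domainlen;
	}
	if (user_u16 != NULL) {
		memcpy(tmp, user_u16, usernamelen);
		tmp += usernamelen;
	}
	if (host_u16 != NULL) {
		memcpy(tmp, host_u16, hostnamelen);
		tmp += hostnamelen;
	}
	g_free(dom_u16);
	g_free(user_u16);
	g_free(host_u16);

	/* LM */
	ntlm_lm_response(passw, nonce, lm_resp);
	memcpy(tmp, lm_resp, 0x18);
	tmp += 0x18;

	/* NTLM */
	ntlm_nt_response(passw, nonce, nt_resp);
	memcpy(tmp, nt_resp, 0x18);
	tmp += 0x18;

	/* Session key: 16 random bytes, copied into the message as-is. */
	if (flags) {
		gensesskey(sesskey);
		memcpy(tmp, sesskey, 0x10);
	}

	tmp = g_base64_encode((guchar *)tmsg, msglen);
	g_free(tmsg);

	return tmp;
#else
	/* Used without support enabled */
	g_return_val_if_reached(NULL);
#endif /* HAVE_NETTLE */
}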