OpenCores
URL https://opencores.org/ocsvn/openrisc/openrisc/trunk

Subversion Repositories openrisc

[/] [openrisc/] [trunk/] [rtos/] [ecos-3.0/] [packages/] [net/] [ppp/] [current/] [src/] [chap_ms.c] - Blame information for rev 786

Details | Compare with Previous | View Log

Line No. Rev Author Line
1 786 skrzyp 
//==========================================================================
2 
//
3 
//      src/chap_ms.c
4 
//
5 
//==========================================================================
6 
// ####ECOSGPLCOPYRIGHTBEGIN####
7 
// -------------------------------------------
8 
// This file is part of eCos, the Embedded Configurable Operating System.
9 
// Copyright (C) 2003 Free Software Foundation, Inc.
10 
//
11 
// eCos is free software; you can redistribute it and/or modify it under
12 
// the terms of the GNU General Public License as published by the Free
13 
// Software Foundation; either version 2 or (at your option) any later
14 
// version.
15 
//
16 
// eCos is distributed in the hope that it will be useful, but WITHOUT
17 
// ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
18 
// FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
19 
// for more details.
20 
//
21 
// You should have received a copy of the GNU General Public License
22 
// along with eCos; if not, write to the Free Software Foundation, Inc.,
23 
// 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
24 
//
25 
// As a special exception, if other files instantiate templates or use
26 
// macros or inline functions from this file, or you compile this file
27 
// and link it with other works to produce a work based on this file,
28 
// this file does not by itself cause the resulting work to be covered by
29 
// the GNU General Public License. However the source code for this file
30 
// must still be made available in accordance with section (3) of the GNU
31 
// General Public License v2.
32 
//
33 
// This exception does not invalidate any other reasons why a work based
34 
// on this file might be covered by the GNU General Public License.
35 
// -------------------------------------------
36 
// ####ECOSGPLCOPYRIGHTEND####
37 
// ####BSDALTCOPYRIGHTBEGIN####
38 
// -------------------------------------------
39 
// Portions of this software may have been derived from FreeBSD, OpenBSD,
40 
// or other sources, and if so are covered by the appropriate copyright
41 
// and license included herein.
42 
// -------------------------------------------
43 
// ####BSDALTCOPYRIGHTEND####
44 
//==========================================================================
45 
 
46 
/*
47 
 * chap_ms.c - Microsoft MS-CHAP compatible implementation.
48 
 *
49 
 * Copyright (c) 1995 Eric Rosenquist, Strata Software Limited.
50 
 * http://www.strataware.com/
51 
 *
52 
 * All rights reserved.
53 
 *
54 
 * Redistribution and use in source and binary forms are permitted
55 
 * provided that the above copyright notice and this paragraph are
56 
 * duplicated in all such forms and that any documentation,
57 
 * advertising materials, and other materials related to such
58 
 * distribution and use acknowledge that the software was developed
59 
 * by Eric Rosenquist.  The name of the author may not be used to
60 
 * endorse or promote products derived from this software without
61 
 * specific prior written permission.
62 
 *
63 
 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
64 
 * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
65 
 * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
66 
 */
67 
 
68 
/*
69 
 * Modifications by Lauri Pesonen / lpesonen@clinet.fi, april 1997
70 
 *
71 
 *   Implemented LANManager type password response to MS-CHAP challenges.
72 
 *   Now pppd provides both NT style and LANMan style blocks, and the
73 
 *   prefered is set by option "ms-lanman". Default is to use NT.
74 
 *   The hash text (StdText) was taken from Win95 RASAPI32.DLL.
75 
 *
76 
 *   You should also use DOMAIN\\USERNAME as described in README.MSCHAP80
77 
 */
78 
 
79 
#ifndef lint
80 
//static char rcsid[] = "$FreeBSD: src/usr.sbin/pppd/chap_ms.c,v 1.8 2000/02/24 21:10:28 markm Exp $";
81 
#endif
82 
 
83 
#ifdef CHAPMS
84 
 
85 
#include <stdio.h>
86 
#include <string.h>
87 
#include <ctype.h>
88 
#include <sys/types.h>
89 
#include <sys/time.h>
90 
#include <syslog.h>
91 
#include <unistd.h>
92 
#ifdef HAVE_CRYPT_H
93 
#include <crypt.h>
94 
#endif
95 
 
96 
#include "pppd.h"
97 
#include "chap.h"
98 
#include "chap_ms.h"
99 
#include "md4.h"
100 
 
101 
#ifndef USE_CRYPT
102 
#include <openssl/des.h>
103 
#endif
104 
 
105 
typedef struct {
106 
    u_char LANManResp[24];
107 
    u_char NTResp[24];
108 
    u_char UseNT;               /* If 1, ignore the LANMan response field */
109 
} MS_ChapResponse;
110 
/* We use MS_CHAP_RESPONSE_LEN, rather than sizeof(MS_ChapResponse),
111 
   in case this struct gets padded. */
112 
 
113 
 
114 
static void     ChallengeResponse __P((u_char *, u_char *, u_char *));
115 
static void     DesEncrypt __P((u_char *, u_char *, u_char *));
116 
static void     MakeKey __P((u_char *, u_char *));
117 
static u_char   Get7Bits __P((u_char *, int));
118 
static void     ChapMS_NT __P((char *, int, char *, int, MS_ChapResponse *));
119 
#ifdef MSLANMAN
120 
static void     ChapMS_LANMan __P((char *, int, char *, int, MS_ChapResponse *));
121 
#endif
122 
 
123 
#ifdef USE_CRYPT
124 
static void     Expand __P((u_char *, u_char *));
125 
static void     Collapse __P((u_char *, u_char *));
126 
#endif
127 
 
128 
static void
129 
ChallengeResponse(challenge, pwHash, response)
130 
    u_char *challenge;  /* IN   8 octets */
131 
    u_char *pwHash;     /* IN  16 octets */
132 
    u_char *response;   /* OUT 24 octets */
133 
{
134 
    char    ZPasswordHash[21];
135 
 
136 
    BZERO(ZPasswordHash, sizeof(ZPasswordHash));
137 
    BCOPY(pwHash, ZPasswordHash, MD4_SIGNATURE_SIZE);
138 
 
139 
#if 0
140 
    log_packet(ZPasswordHash, sizeof(ZPasswordHash), "ChallengeResponse - ZPasswordHash", LOG_DEBUG);
141 
#endif
142 
 
143 
    DesEncrypt(challenge, ZPasswordHash +  0, response + 0);
144 
    DesEncrypt(challenge, ZPasswordHash +  7, response + 8);
145 
    DesEncrypt(challenge, ZPasswordHash + 14, response + 16);
146 
 
147 
#if 0
148 
    log_packet(response, 24, "ChallengeResponse - response", LOG_DEBUG);
149 
#endif
150 
}
151 
 
152 
 
153 
#ifdef USE_CRYPT
154 
static void
155 
DesEncrypt(clear, key, cipher)
156 
    u_char *clear;      /* IN  8 octets */
157 
    u_char *key;        /* IN  7 octets */
158 
    u_char *cipher;     /* OUT 8 octets */
159 
{
160 
    u_char des_key[8];
161 
    u_char crypt_key[66];
162 
    u_char des_input[66];
163 
 
164 
    MakeKey(key, des_key);
165 
 
166 
    Expand(des_key, crypt_key);
167 
    setkey(crypt_key);
168 
 
169 
#if 0
170 
    CHAPDEBUG((LOG_INFO, "DesEncrypt: 8 octet input : %02X%02X%02X%02X%02X%02X%02X%02X",
171 
               clear[0], clear[1], clear[2], clear[3], clear[4], clear[5], clear[6], clear[7]));
172 
#endif
173 
 
174 
    Expand(clear, des_input);
175 
    encrypt(des_input, 0);
176 
    Collapse(des_input, cipher);
177 
 
178 
#if 0
179 
    CHAPDEBUG((LOG_INFO, "DesEncrypt: 8 octet output: %02X%02X%02X%02X%02X%02X%02X%02X",
180 
               cipher[0], cipher[1], cipher[2], cipher[3], cipher[4], cipher[5], cipher[6], cipher[7]));
181 
#endif
182 
}
183 
 
184 
#else /* USE_CRYPT */
185 
 
186 
static void
187 
DesEncrypt(clear, key, cipher)
188 
    u_char *clear;      /* IN  8 octets */
189 
    u_char *key;        /* IN  7 octets */
190 
    u_char *cipher;     /* OUT 8 octets */
191 
{
192 
    des_cblock          des_key;
193 
    des_key_schedule    key_schedule;
194 
 
195 
    MakeKey(key, des_key);
196 
 
197 
    des_set_key(&des_key, key_schedule);
198 
 
199 
#if 0
200 
    CHAPDEBUG((LOG_INFO, "DesEncrypt: 8 octet input : %02X%02X%02X%02X%02X%02X%02X%02X",
201 
               clear[0], clear[1], clear[2], clear[3], clear[4], clear[5], clear[6], clear[7]));
202 
#endif
203 
 
204 
    des_ecb_encrypt((des_cblock *)clear, (des_cblock *)cipher, key_schedule, 1);
205 
 
206 
#if 0
207 
    CHAPDEBUG((LOG_INFO, "DesEncrypt: 8 octet output: %02X%02X%02X%02X%02X%02X%02X%02X",
208 
               cipher[0], cipher[1], cipher[2], cipher[3], cipher[4], cipher[5], cipher[6], cipher[7]));
209 
#endif
210 
}
211 
 
212 
#endif /* USE_CRYPT */
213 
 
214 
 
215 
static u_char Get7Bits(input, startBit)
216 
    u_char *input;
217 
    int startBit;
218 
{
219 
    register unsigned int       word;
220 
 
221 
    word  = (unsigned)input[startBit / 8] << 8;
222 
    word |= (unsigned)input[startBit / 8 + 1];
223 
 
224 
    word >>= 15 - (startBit % 8 + 7);
225 
 
226 
    return word & 0xFE;
227 
}
228 
 
229 
#ifdef USE_CRYPT
230 
 
231 
/* in == 8-byte string (expanded version of the 56-bit key)
232 
 * out == 64-byte string where each byte is either 1 or 0
233 
 * Note that the low-order "bit" is always ignored by by setkey()
234 
 */
235 
static void Expand(in, out)
236 
    u_char *in;
237 
    u_char *out;
238 
{
239 
        int j, c;
240 
        int i;
241 
 
242 
        for(i = 0; i < 64; in++){
243 
                c = *in;
244 
                for(j = 7; j >= 0; j--)
245 
                        *out++ = (c >> j) & 01;
246 
                i += 8;
247 
        }
248 
}
249 
 
250 
/* The inverse of Expand
251 
 */
252 
static void Collapse(in, out)
253 
    u_char *in;
254 
    u_char *out;
255 
{
256 
        int j;
257 
        int i;
258 
        unsigned int c;
259 
 
260 
        for (i = 0; i < 64; i += 8, out++) {
261 
            c = 0;
262 
            for (j = 7; j >= 0; j--, in++)
263 
                c |= *in << j;
264 
            *out = c & 0xff;
265 
        }
266 
}
267 
#endif
268 
 
269 
static void MakeKey(key, des_key)
270 
    u_char *key;        /* IN  56 bit DES key missing parity bits */
271 
    u_char *des_key;    /* OUT 64 bit DES key with parity bits added */
272 
{
273 
    des_key[0] = Get7Bits(key,  0);
274 
    des_key[1] = Get7Bits(key,  7);
275 
    des_key[2] = Get7Bits(key, 14);
276 
    des_key[3] = Get7Bits(key, 21);
277 
    des_key[4] = Get7Bits(key, 28);
278 
    des_key[5] = Get7Bits(key, 35);
279 
    des_key[6] = Get7Bits(key, 42);
280 
    des_key[7] = Get7Bits(key, 49);
281 
 
282 
#ifndef USE_CRYPT
283 
    des_set_odd_parity((des_cblock *)des_key);
284 
#endif
285 
 
286 
#if 0
287 
    CHAPDEBUG((LOG_INFO, "MakeKey: 56-bit input : %02X%02X%02X%02X%02X%02X%02X",
288 
               key[0], key[1], key[2], key[3], key[4], key[5], key[6]));
289 
    CHAPDEBUG((LOG_INFO, "MakeKey: 64-bit output: %02X%02X%02X%02X%02X%02X%02X%02X",
290 
               des_key[0], des_key[1], des_key[2], des_key[3], des_key[4], des_key[5], des_key[6], des_key[7]));
291 
#endif
292 
}
293 
 
294 
static void
295 
ChapMS_NT(rchallenge, rchallenge_len, secret, secret_len, response)
296 
    char *rchallenge;
297 
    int rchallenge_len;
298 
    char *secret;
299 
    int secret_len;
300 
    MS_ChapResponse    *response;
301 
{
302 
    int                 i;
303 
    MD4_CTX             md4Context;
304 
    u_char              hash[MD4_SIGNATURE_SIZE];
305 
    u_char              unicodePassword[MAX_NT_PASSWORD * 2];
306 
 
307 
    /* Initialize the Unicode version of the secret (== password). */
308 
    /* This implicitly supports 8-bit ISO8859/1 characters. */
309 
    BZERO(unicodePassword, sizeof(unicodePassword));
310 
    for (i = 0; i < secret_len; i++)
311 
        unicodePassword[i * 2] = (u_char)secret[i];
312 
 
313 
    MD4Init(&md4Context);
314 
    MD4Update(&md4Context, unicodePassword, secret_len * 2);    /* Unicode is 2 bytes/char */
315 
 
316 
    MD4Final(hash, &md4Context);        /* Tell MD4 we're done */
317 
 
318 
    ChallengeResponse(rchallenge, hash, response->NTResp);
319 
}
320 
 
321 
#ifdef MSLANMAN
322 
static u_char *StdText = (u_char *)"KGS!@#$%"; /* key from rasapi32.dll */
323 
 
324 
static void
325 
ChapMS_LANMan(rchallenge, rchallenge_len, secret, secret_len, response)
326 
    char *rchallenge;
327 
    int rchallenge_len;
328 
    char *secret;
329 
    int secret_len;
330 
    MS_ChapResponse     *response;
331 
{
332 
    int                 i;
333 
    u_char              UcasePassword[MAX_NT_PASSWORD]; /* max is actually 14 */
334 
    u_char              PasswordHash[MD4_SIGNATURE_SIZE];
335 
 
336 
    /* LANMan password is case insensitive */
337 
    BZERO(UcasePassword, sizeof(UcasePassword));
338 
    for (i = 0; i < secret_len; i++)
339 
       UcasePassword[i] = (u_char)toupper(secret[i]);
340 
    DesEncrypt( StdText, UcasePassword + 0, PasswordHash + 0 );
341 
    DesEncrypt( StdText, UcasePassword + 7, PasswordHash + 8 );
342 
    ChallengeResponse(rchallenge, PasswordHash, response->LANManResp);
343 
}
344 
#endif
345 
 
346 
void
347 
ChapMS(cstate, rchallenge, rchallenge_len, secret, secret_len)
348 
    chap_state *cstate;
349 
    char *rchallenge;
350 
    int rchallenge_len;
351 
    char *secret;
352 
    int secret_len;
353 
{
354 
    MS_ChapResponse     response;
355 
#ifdef MSLANMAN
356 
    extern int ms_lanman;
357 
#endif
358 
 
359 
#if 0
360 
    CHAPDEBUG((LOG_INFO, "ChapMS: secret is '%.*s'", secret_len, secret));
361 
#endif
362 
    BZERO(&response, sizeof(response));
363 
 
364 
    /* Calculate both always */
365 
    ChapMS_NT(rchallenge, rchallenge_len, secret, secret_len, &response);
366 
 
367 
#ifdef MSLANMAN
368 
    ChapMS_LANMan(rchallenge, rchallenge_len, secret, secret_len, &response);
369 
 
370 
    /* prefered method is set by option  */
371 
    response.UseNT = !ms_lanman;
372 
#else
373 
    response.UseNT = 1;
374 
#endif
375 
 
376 
    BCOPY(&response, cstate->response, MS_CHAP_RESPONSE_LEN);
377 
    cstate->resp_length = MS_CHAP_RESPONSE_LEN;
378 
}
379 
 
380 
#endif /* CHAPMS */

powered by: WebSVN 2.1.0

© copyright 1999-2025 OpenCores.org, equivalent to Oliscience, all rights reserved. OpenCores®, registered trademark.