URL https://opencores.org/ocsvn/openrisc/openrisc/trunk

Subversion Repositories openrisc

[/] [openrisc/] [trunk/] [rtos/] [freertos-6.1.1/] [Demo/] [lwIP_Demo_Rowley_ARM7/] [lwip-1.1.0/] [src/] [netif/] [ppp/] [chpms.c] - Blame information for rev 583

Details | Compare with Previous | View Log


/*** WARNING - THIS CODE HAS NOT BEEN FINISHED! ***/
/*****************************************************************************
* chpms.c - Network MicroSoft Challenge Handshake Authentication Protocol program file.
*
* Copyright (c) 2003 by Marc Boucher, Services Informatiques (MBSI) inc.
* Copyright (c) 1997 by Global Election Systems Inc.  All rights reserved.
*
* The authors hereby grant permission to use, copy, modify, distribute,
* and license this software and its documentation for any purpose, provided
* that existing copyright notices are retained in all copies and that this
* notice and the following disclaimer are included verbatim in any
* distributions. No written agreement, license, or royalty fee is required
* for any of the authorized uses.
*
* THIS SOFTWARE IS PROVIDED BY THE CONTRIBUTORS *AS IS* AND ANY EXPRESS OR
* IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
* IN NO EVENT SHALL THE CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
* INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*
******************************************************************************
* REVISION HISTORY
*
* 03-01-01 Marc Boucher <marc@mbsi.ca>
*   Ported to lwIP.
* 97-12-08 Guy Lancaster <lancasterg@acm.org>, Global Election Systems Inc.
*       Original based on BSD chap_ms.c.
*****************************************************************************/
/*
 * chap_ms.c - Microsoft MS-CHAP compatible implementation.
 *
 * Copyright (c) 1995 Eric Rosenquist, Strata Software Limited.
 * http://www.strataware.com/
 *
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms are permitted
 * provided that the above copyright notice and this paragraph are
 * duplicated in all such forms and that any documentation,
 * advertising materials, and other materials related to such
 * distribution and use acknowledge that the software was developed
 * by Eric Rosenquist.  The name of the author may not be used to
 * endorse or promote products derived from this software without
 * specific prior written permission.
 *
 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
 * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
 * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
 */
 
/*
 * Modifications by Lauri Pesonen / lpesonen@clinet.fi, april 1997
 *
 *   Implemented LANManager type password response to MS-CHAP challenges.
 *   Now pppd provides both NT style and LANMan style blocks, and the
 *   prefered is set by option "ms-lanman". Default is to use NT.
 *   The hash text (StdText) was taken from Win95 RASAPI32.DLL.
 *
 *   You should also use DOMAIN\\USERNAME as described in README.MSCHAP80
 */
 
#define USE_CRYPT
 
 
#include "ppp.h"
 
#if MSCHAP_SUPPORT > 0
 
#include "md4.h"
#ifndef USE_CRYPT
#include "des.h"
#endif
#include "chap.h"
#include "chpms.h"
#include "pppdebug.h"
 
 
/*************************/
/*** LOCAL DEFINITIONS ***/
/*************************/
 
 
/************************/
/*** LOCAL DATA TYPES ***/
/************************/
typedef struct {
    u_char LANManResp[24];
    u_char NTResp[24];
    u_char UseNT;               /* If 1, ignore the LANMan response field */
} MS_ChapResponse;
/* We use MS_CHAP_RESPONSE_LEN, rather than sizeof(MS_ChapResponse),
   in case this struct gets padded. */
 
 
 
/***********************************/
/*** LOCAL FUNCTION DECLARATIONS ***/
/***********************************/
 
/* XXX Don't know what to do with these. */
extern void setkey(const char *);
extern void encrypt(char *, int);
 
static void     DesEncrypt (u_char *, u_char *, u_char *);
static void     MakeKey (u_char *, u_char *);
 
#ifdef USE_CRYPT
static void     Expand (u_char *, u_char *);
static void     Collapse (u_char *, u_char *);
#endif
 
static void ChallengeResponse(
        u_char *challenge,      /* IN   8 octets */
        u_char *pwHash,         /* IN  16 octets */
        u_char *response        /* OUT 24 octets */
);
static void ChapMS_NT(
        char *rchallenge,
        int rchallenge_len,
        char *secret,
        int secret_len,
        MS_ChapResponse *response
);
static u_char Get7Bits(
        u_char *input,
        int startBit
);
 
 
/***********************************/
/*** PUBLIC FUNCTION DEFINITIONS ***/
/***********************************/
void ChapMS(
        chap_state *cstate,
        char *rchallenge,
        int rchallenge_len,
        char *secret,
        int secret_len
)
{
        MS_ChapResponse response;
#ifdef MSLANMAN
        extern int ms_lanman;
#endif
 
#if 0
        CHAPDEBUG((LOG_INFO, "ChapMS: secret is '%.*s'\n", secret_len, secret));
#endif
        BZERO(&response, sizeof(response));
 
        /* Calculate both always */
        ChapMS_NT(rchallenge, rchallenge_len, secret, secret_len, &response);
 
#ifdef MSLANMAN
        ChapMS_LANMan(rchallenge, rchallenge_len, secret, secret_len, &response);
 
        /* prefered method is set by option  */
        response.UseNT = !ms_lanman;
#else
        response.UseNT = 1;
#endif
 
        BCOPY(&response, cstate->response, MS_CHAP_RESPONSE_LEN);
        cstate->resp_length = MS_CHAP_RESPONSE_LEN;
}
 
 
/**********************************/
/*** LOCAL FUNCTION DEFINITIONS ***/
/**********************************/
static void ChallengeResponse(
        u_char *challenge,      /* IN   8 octets */
        u_char *pwHash,         /* IN  16 octets */
        u_char *response        /* OUT 24 octets */
)
{
        char    ZPasswordHash[21];
 
        BZERO(ZPasswordHash, sizeof(ZPasswordHash));
        BCOPY(pwHash, ZPasswordHash, 16);
 
#if 0
        log_packet(ZPasswordHash, sizeof(ZPasswordHash), "ChallengeResponse - ZPasswordHash", LOG_DEBUG);
#endif
 
        DesEncrypt(challenge, ZPasswordHash +  0, response + 0);
        DesEncrypt(challenge, ZPasswordHash +  7, response + 8);
        DesEncrypt(challenge, ZPasswordHash + 14, response + 16);
 
#if 0
        log_packet(response, 24, "ChallengeResponse - response", LOG_DEBUG);
#endif
}
 
 
#ifdef USE_CRYPT
static void DesEncrypt(
        u_char *clear,  /* IN  8 octets */
        u_char *key,    /* IN  7 octets */
        u_char *cipher  /* OUT 8 octets */
)
{
        u_char des_key[8];
        u_char crypt_key[66];
        u_char des_input[66];
 
        MakeKey(key, des_key);
 
        Expand(des_key, crypt_key);
        setkey(crypt_key);
 
#if 0
        CHAPDEBUG((LOG_INFO, "DesEncrypt: 8 octet input : %02X%02X%02X%02X%02X%02X%02X%02X\n",
               clear[0], clear[1], clear[2], clear[3], clear[4], clear[5], clear[6], clear[7]));
#endif
 
        Expand(clear, des_input);
        encrypt(des_input, 0);
        Collapse(des_input, cipher);
 
#if 0
        CHAPDEBUG((LOG_INFO, "DesEncrypt: 8 octet output: %02X%02X%02X%02X%02X%02X%02X%02X\n",
               cipher[0], cipher[1], cipher[2], cipher[3], cipher[4], cipher[5], cipher[6], cipher[7]));
#endif
}
 
#else /* USE_CRYPT */
 
static void DesEncrypt(
        u_char *clear,  /* IN  8 octets */
        u_char *key,    /* IN  7 octets */
        u_char *cipher  /* OUT 8 octets */
)
{
        des_cblock              des_key;
        des_key_schedule        key_schedule;
 
        MakeKey(key, des_key);
 
        des_set_key(&des_key, key_schedule);
 
#if 0
        CHAPDEBUG((LOG_INFO, "DesEncrypt: 8 octet input : %02X%02X%02X%02X%02X%02X%02X%02X\n",
               clear[0], clear[1], clear[2], clear[3], clear[4], clear[5], clear[6], clear[7]));
#endif
 
        des_ecb_encrypt((des_cblock *)clear, (des_cblock *)cipher, key_schedule, 1);
 
#if 0
        CHAPDEBUG((LOG_INFO, "DesEncrypt: 8 octet output: %02X%02X%02X%02X%02X%02X%02X%02X\n",
               cipher[0], cipher[1], cipher[2], cipher[3], cipher[4], cipher[5], cipher[6], cipher[7]));
#endif
}
 
#endif /* USE_CRYPT */
 
 
static u_char Get7Bits(
        u_char *input,
        int startBit
)
{
        register unsigned int   word;
 
        word  = (unsigned)input[startBit / 8] << 8;
        word |= (unsigned)input[startBit / 8 + 1];
 
        word >>= 15 - (startBit % 8 + 7);
 
        return word & 0xFE;
}
 
#ifdef USE_CRYPT
 
/* in == 8-byte string (expanded version of the 56-bit key)
 * out == 64-byte string where each byte is either 1 or 0
 * Note that the low-order "bit" is always ignored by by setkey()
 */
static void Expand(u_char *in, u_char *out)
{
        int j, c;
        int i;
 
        for(i = 0; i < 64; in++){
                c = *in;
                for(j = 7; j >= 0; j--)
                        *out++ = (c >> j) & 01;
                i += 8;
        }
}
 
/* The inverse of Expand
 */
static void Collapse(u_char *in, u_char *out)
{
        int j;
        int i;
        unsigned int c;
 
        for (i = 0; i < 64; i += 8, out++) {
                c = 0;
                for (j = 7; j >= 0; j--, in++)
                        c |= *in << j;
                *out = c & 0xff;
        }
}
#endif
 
static void MakeKey(
        u_char *key,            /* IN  56 bit DES key missing parity bits */
        u_char *des_key         /* OUT 64 bit DES key with parity bits added */
)
{
        des_key[0] = Get7Bits(key,  0);
        des_key[1] = Get7Bits(key,  7);
        des_key[2] = Get7Bits(key, 14);
        des_key[3] = Get7Bits(key, 21);
        des_key[4] = Get7Bits(key, 28);
        des_key[5] = Get7Bits(key, 35);
        des_key[6] = Get7Bits(key, 42);
        des_key[7] = Get7Bits(key, 49);
 
#ifndef USE_CRYPT
        des_set_odd_parity((des_cblock *)des_key);
#endif
 
#if 0
        CHAPDEBUG((LOG_INFO, "MakeKey: 56-bit input : %02X%02X%02X%02X%02X%02X%02X\n",
               key[0], key[1], key[2], key[3], key[4], key[5], key[6]));
        CHAPDEBUG((LOG_INFO, "MakeKey: 64-bit output: %02X%02X%02X%02X%02X%02X%02X%02X\n",
               des_key[0], des_key[1], des_key[2], des_key[3], des_key[4], des_key[5], des_key[6], des_key[7]));
#endif
}
 
static void ChapMS_NT(
        char *rchallenge,
        int rchallenge_len,
        char *secret,
        int secret_len,
        MS_ChapResponse *response
)
{
        int                     i;
        MDstruct        md4Context;
        u_char          unicodePassword[MAX_NT_PASSWORD * 2];
        static int      low_byte_first = -1;
 
        /* Initialize the Unicode version of the secret (== password). */
        /* This implicitly supports 8-bit ISO8859/1 characters. */
        BZERO(unicodePassword, sizeof(unicodePassword));
        for (i = 0; i < secret_len; i++)
                unicodePassword[i * 2] = (u_char)secret[i];
 
        MDbegin(&md4Context);
        MDupdate(&md4Context, unicodePassword, secret_len * 2 * 8);     /* Unicode is 2 bytes/char, *8 for bit count */
 
        if (low_byte_first == -1)
                low_byte_first = (htons((unsigned short int)1) != 1);
        if (low_byte_first == 0)
                MDreverse((u_long *)&md4Context);  /*  sfb 961105 */
 
        MDupdate(&md4Context, NULL, 0);  /* Tell MD4 we're done */
 
        ChallengeResponse(rchallenge, (char *)md4Context.buffer, response->NTResp);
}
 
#ifdef MSLANMAN
static u_char *StdText = (u_char *)"KGS!@#$%"; /* key from rasapi32.dll */
 
static ChapMS_LANMan(
        char *rchallenge,
        int rchallenge_len,
        char *secret,
        int secret_len,
        MS_ChapResponse *response
)
{
        int                     i;
        u_char          UcasePassword[MAX_NT_PASSWORD]; /* max is actually 14 */
        u_char          PasswordHash[16];
 
        /* LANMan password is case insensitive */
        BZERO(UcasePassword, sizeof(UcasePassword));
        for (i = 0; i < secret_len; i++)
                UcasePassword[i] = (u_char)toupper(secret[i]);
        DesEncrypt( StdText, UcasePassword + 0, PasswordHash + 0 );
        DesEncrypt( StdText, UcasePassword + 7, PasswordHash + 8 );
        ChallengeResponse(rchallenge, PasswordHash, response->LANManResp);
}
#endif
 
#endif /* MSCHAP_SUPPORT */
 

Browse

Tools

Subversion Repositories openrisc

[/] [openrisc/] [trunk/] [rtos/] [freertos-6.1.1/] [Demo/] [lwIP_Demo_Rowley_ARM7/] [lwip-1.1.0/] [src/] [netif/] [ppp/] [chpms.c] - Blame information for rev 583

Line No.	Rev	Author	Line
1	583	jeremybenn	`/* WARNING - THIS CODE HAS NOT BEEN FINISHED! */`
2			`/*****************************************************************************`
3			`* chpms.c - Network MicroSoft Challenge Handshake Authentication Protocol program file.`
4			`*`
5			`* Copyright (c) 2003 by Marc Boucher, Services Informatiques (MBSI) inc.`
6			`* Copyright (c) 1997 by Global Election Systems Inc. All rights reserved.`
7			`*`
8			`* The authors hereby grant permission to use, copy, modify, distribute,`
9			`* and license this software and its documentation for any purpose, provided`
10			`* that existing copyright notices are retained in all copies and that this`
11			`* notice and the following disclaimer are included verbatim in any`
12			`* distributions. No written agreement, license, or royalty fee is required`
13			`* for any of the authorized uses.`
14			`*`
15			`* THIS SOFTWARE IS PROVIDED BY THE CONTRIBUTORS AS IS AND ANY EXPRESS OR`
16			`* IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES`
17			`* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.`
18			`* IN NO EVENT SHALL THE CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,`
19			`* INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT`
20			`* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,`
21			`* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY`
22			`* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT`
23			`* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF`
24			`* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.`
25			`*`
26			`******************************************************************************`
27			`* REVISION HISTORY`
28			`*`
29			`* 03-01-01 Marc Boucher <marc@mbsi.ca>`
30			`* Ported to lwIP.`
31			`* 97-12-08 Guy Lancaster <lancasterg@acm.org>, Global Election Systems Inc.`
32			`* Original based on BSD chap_ms.c.`
33			`*****************************************************************************/`
34			`/*`
35			`* chap_ms.c - Microsoft MS-CHAP compatible implementation.`
36			`*`
37			`* Copyright (c) 1995 Eric Rosenquist, Strata Software Limited.`
38			`* http://www.strataware.com/`
39			`*`
40			`* All rights reserved.`
41			`*`
42			`* Redistribution and use in source and binary forms are permitted`
43			`* provided that the above copyright notice and this paragraph are`
44			`* duplicated in all such forms and that any documentation,`
45			`* advertising materials, and other materials related to such`
46			`* distribution and use acknowledge that the software was developed`
47			`* by Eric Rosenquist. The name of the author may not be used to`
48			`* endorse or promote products derived from this software without`
49			`* specific prior written permission.`
50			`*`
51			* THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
52			`* IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED`
53			`* WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.`
54			`*/`
55
56			`/*`
57			`* Modifications by Lauri Pesonen / lpesonen@clinet.fi, april 1997`
58			`*`
59			`* Implemented LANManager type password response to MS-CHAP challenges.`
60			`* Now pppd provides both NT style and LANMan style blocks, and the`
61			`* prefered is set by option "ms-lanman". Default is to use NT.`
62			`* The hash text (StdText) was taken from Win95 RASAPI32.DLL.`
63			`*`
64			`* You should also use DOMAIN\\USERNAME as described in README.MSCHAP80`
65			`*/`
66
67			`#define USE_CRYPT`
68
69
70			`#include "ppp.h"`
71
72			`#if MSCHAP_SUPPORT > 0`
73
74			`#include "md4.h"`
75			`#ifndef USE_CRYPT`
76			`#include "des.h"`
77			`#endif`
78			`#include "chap.h"`
79			`#include "chpms.h"`
80			`#include "pppdebug.h"`
81
82
83			`/*************************/`
84			`/* LOCAL DEFINITIONS */`
85			`/*************************/`
86
87
88			`/************************/`
89			`/* LOCAL DATA TYPES */`
90			`/************************/`
91			`typedef struct {`
92			`u_char LANManResp[24];`
93			`u_char NTResp[24];`
94			`u_char UseNT; /* If 1, ignore the LANMan response field */`
95			`} MS_ChapResponse;`
96			`/* We use MS_CHAP_RESPONSE_LEN, rather than sizeof(MS_ChapResponse),`
97			`in case this struct gets padded. */`
98
99
100
101			`/***********************************/`
102			`/* LOCAL FUNCTION DECLARATIONS */`
103			`/***********************************/`
104
105			`/* XXX Don't know what to do with these. */`
106			`extern void setkey(const char *);`
107			`extern void encrypt(char *, int);`
108
109			`static void DesEncrypt (u_char , u_char , u_char *);`
110			`static void MakeKey (u_char , u_char );`
111
112			`#ifdef USE_CRYPT`
113			`static void Expand (u_char , u_char );`
114			`static void Collapse (u_char , u_char );`
115			`#endif`
116
117			`static void ChallengeResponse(`
118			`u_char challenge, / IN 8 octets */`
119			`u_char pwHash, / IN 16 octets */`
120			`u_char response / OUT 24 octets */`
121			`);`
122			`static void ChapMS_NT(`
123			`char *rchallenge,`
124			`int rchallenge_len,`
125			`char *secret,`
126			`int secret_len,`
127			`MS_ChapResponse *response`
128			`);`
129			`static u_char Get7Bits(`
130			`u_char *input,`
131			`int startBit`
132			`);`
133
134
135			`/***********************************/`
136			`/* PUBLIC FUNCTION DEFINITIONS */`
137			`/***********************************/`
138			`void ChapMS(`
139			`chap_state *cstate,`
140			`char *rchallenge,`
141			`int rchallenge_len,`
142			`char *secret,`
143			`int secret_len`
144			`)`
145			`{`
146			`MS_ChapResponse response;`
147			`#ifdef MSLANMAN`
148			`extern int ms_lanman;`
149			`#endif`
150
151			`#if 0`
152			`CHAPDEBUG((LOG_INFO, "ChapMS: secret is '%.*s'\n", secret_len, secret));`
153			`#endif`
154			`BZERO(&response, sizeof(response));`
155
156			`/* Calculate both always */`
157			`ChapMS_NT(rchallenge, rchallenge_len, secret, secret_len, &response);`
158
159			`#ifdef MSLANMAN`
160			`ChapMS_LANMan(rchallenge, rchallenge_len, secret, secret_len, &response);`
161
162			`/* prefered method is set by option */`
163			`response.UseNT = !ms_lanman;`
164			`#else`
165			`response.UseNT = 1;`
166			`#endif`
167
168			`BCOPY(&response, cstate->response, MS_CHAP_RESPONSE_LEN);`
169			`cstate->resp_length = MS_CHAP_RESPONSE_LEN;`
170			`}`
171
172
173			`/**********************************/`
174			`/* LOCAL FUNCTION DEFINITIONS */`
175			`/**********************************/`
176			`static void ChallengeResponse(`
177			`u_char challenge, / IN 8 octets */`
178			`u_char pwHash, / IN 16 octets */`
179			`u_char response / OUT 24 octets */`
180			`)`
181			`{`
182			`char ZPasswordHash[21];`
183
184			`BZERO(ZPasswordHash, sizeof(ZPasswordHash));`
185			`BCOPY(pwHash, ZPasswordHash, 16);`
186
187			`#if 0`
188			`log_packet(ZPasswordHash, sizeof(ZPasswordHash), "ChallengeResponse - ZPasswordHash", LOG_DEBUG);`
189			`#endif`
190
191			`DesEncrypt(challenge, ZPasswordHash + 0, response + 0);`
192			`DesEncrypt(challenge, ZPasswordHash + 7, response + 8);`
193			`DesEncrypt(challenge, ZPasswordHash + 14, response + 16);`
194
195			`#if 0`
196			`log_packet(response, 24, "ChallengeResponse - response", LOG_DEBUG);`
197			`#endif`
198			`}`
199
200
201			`#ifdef USE_CRYPT`
202			`static void DesEncrypt(`
203			`u_char clear, / IN 8 octets */`
204			`u_char key, / IN 7 octets */`
205			`u_char cipher / OUT 8 octets */`
206			`)`
207			`{`
208			`u_char des_key[8];`
209			`u_char crypt_key[66];`
210			`u_char des_input[66];`
211
212			`MakeKey(key, des_key);`
213
214			`Expand(des_key, crypt_key);`
215			`setkey(crypt_key);`
216
217			`#if 0`
218			`CHAPDEBUG((LOG_INFO, "DesEncrypt: 8 octet input : %02X%02X%02X%02X%02X%02X%02X%02X\n",`
219			`clear[0], clear[1], clear[2], clear[3], clear[4], clear[5], clear[6], clear[7]));`
220			`#endif`
221
222			`Expand(clear, des_input);`
223			`encrypt(des_input, 0);`
224			`Collapse(des_input, cipher);`
225
226			`#if 0`
227			`CHAPDEBUG((LOG_INFO, "DesEncrypt: 8 octet output: %02X%02X%02X%02X%02X%02X%02X%02X\n",`
228			`cipher[0], cipher[1], cipher[2], cipher[3], cipher[4], cipher[5], cipher[6], cipher[7]));`
229			`#endif`
230			`}`
231
232			`#else /* USE_CRYPT */`
233
234			`static void DesEncrypt(`
235			`u_char clear, / IN 8 octets */`
236			`u_char key, / IN 7 octets */`
237			`u_char cipher / OUT 8 octets */`
238			`)`
239			`{`
240			`des_cblock des_key;`
241			`des_key_schedule key_schedule;`
242
243			`MakeKey(key, des_key);`
244
245			`des_set_key(&des_key, key_schedule);`
246
247			`#if 0`
248			`CHAPDEBUG((LOG_INFO, "DesEncrypt: 8 octet input : %02X%02X%02X%02X%02X%02X%02X%02X\n",`
249			`clear[0], clear[1], clear[2], clear[3], clear[4], clear[5], clear[6], clear[7]));`
250			`#endif`
251
252			`des_ecb_encrypt((des_cblock )clear, (des_cblock )cipher, key_schedule, 1);`
253
254			`#if 0`
255			`CHAPDEBUG((LOG_INFO, "DesEncrypt: 8 octet output: %02X%02X%02X%02X%02X%02X%02X%02X\n",`
256			`cipher[0], cipher[1], cipher[2], cipher[3], cipher[4], cipher[5], cipher[6], cipher[7]));`
257			`#endif`
258			`}`
259
260			`#endif /* USE_CRYPT */`
261
262
263			`static u_char Get7Bits(`
264			`u_char *input,`
265			`int startBit`
266			`)`
267			`{`
268			`register unsigned int word;`
269
270			`word = (unsigned)input[startBit / 8] << 8;`
271			`word \|= (unsigned)input[startBit / 8 + 1];`
272
273			`word >>= 15 - (startBit % 8 + 7);`
274
275			`return word & 0xFE;`
276			`}`
277
278			`#ifdef USE_CRYPT`
279
280			`/* in == 8-byte string (expanded version of the 56-bit key)`
281			`* out == 64-byte string where each byte is either 1 or 0`
282			`* Note that the low-order "bit" is always ignored by by setkey()`
283			`*/`
284			`static void Expand(u_char in, u_char out)`
285			`{`
286			`int j, c;`
287			`int i;`
288
289			`for(i = 0; i < 64; in++){`
290			`c = *in;`
291			`for(j = 7; j >= 0; j--)`
292			`*out++ = (c >> j) & 01;`
293			`i += 8;`
294			`}`
295			`}`
296
297			`/* The inverse of Expand`
298			`*/`
299			`static void Collapse(u_char in, u_char out)`
300			`{`
301			`int j;`
302			`int i;`
303			`unsigned int c;`
304
305			`for (i = 0; i < 64; i += 8, out++) {`
306			`c = 0;`
307			`for (j = 7; j >= 0; j--, in++)`
308			`c \|= *in << j;`
309			`*out = c & 0xff;`
310			`}`
311			`}`
312			`#endif`
313
314			`static void MakeKey(`
315			`u_char key, / IN 56 bit DES key missing parity bits */`
316			`u_char des_key / OUT 64 bit DES key with parity bits added */`
317			`)`
318			`{`
319			`des_key[0] = Get7Bits(key, 0);`
320			`des_key[1] = Get7Bits(key, 7);`
321			`des_key[2] = Get7Bits(key, 14);`
322			`des_key[3] = Get7Bits(key, 21);`
323			`des_key[4] = Get7Bits(key, 28);`
324			`des_key[5] = Get7Bits(key, 35);`
325			`des_key[6] = Get7Bits(key, 42);`
326			`des_key[7] = Get7Bits(key, 49);`
327
328			`#ifndef USE_CRYPT`
329			`des_set_odd_parity((des_cblock *)des_key);`
330			`#endif`
331
332			`#if 0`
333			`CHAPDEBUG((LOG_INFO, "MakeKey: 56-bit input : %02X%02X%02X%02X%02X%02X%02X\n",`
334			`key[0], key[1], key[2], key[3], key[4], key[5], key[6]));`
335			`CHAPDEBUG((LOG_INFO, "MakeKey: 64-bit output: %02X%02X%02X%02X%02X%02X%02X%02X\n",`
336			`des_key[0], des_key[1], des_key[2], des_key[3], des_key[4], des_key[5], des_key[6], des_key[7]));`
337			`#endif`
338			`}`
339
340			`static void ChapMS_NT(`
341			`char *rchallenge,`
342			`int rchallenge_len,`
343			`char *secret,`
344			`int secret_len,`
345			`MS_ChapResponse *response`
346			`)`
347			`{`
348			`int i;`
349			`MDstruct md4Context;`
350			`u_char unicodePassword[MAX_NT_PASSWORD * 2];`
351			`static int low_byte_first = -1;`
352
353			`/* Initialize the Unicode version of the secret (== password). */`
354			`/* This implicitly supports 8-bit ISO8859/1 characters. */`
355			`BZERO(unicodePassword, sizeof(unicodePassword));`
356			`for (i = 0; i < secret_len; i++)`
357			`unicodePassword[i * 2] = (u_char)secret[i];`
358
359			`MDbegin(&md4Context);`
360			`MDupdate(&md4Context, unicodePassword, secret_len * 2 * 8); /* Unicode is 2 bytes/char, 8 for bit count /`
361
362			`if (low_byte_first == -1)`
363			`low_byte_first = (htons((unsigned short int)1) != 1);`
364			`if (low_byte_first == 0)`
365			`MDreverse((u_long )&md4Context); / sfb 961105 */`
366
367			`MDupdate(&md4Context, NULL, 0); /* Tell MD4 we're done */`
368
369			`ChallengeResponse(rchallenge, (char *)md4Context.buffer, response->NTResp);`
370			`}`
371
372			`#ifdef MSLANMAN`
373			`static u_char StdText = (u_char )"KGS!@#$%"; /* key from rasapi32.dll */`
374
375			`static ChapMS_LANMan(`
376			`char *rchallenge,`
377			`int rchallenge_len,`
378			`char *secret,`
379			`int secret_len,`
380			`MS_ChapResponse *response`
381			`)`
382			`{`
383			`int i;`
384			`u_char UcasePassword[MAX_NT_PASSWORD]; /* max is actually 14 */`
385			`u_char PasswordHash[16];`
386
387			`/* LANMan password is case insensitive */`
388			`BZERO(UcasePassword, sizeof(UcasePassword));`
389			`for (i = 0; i < secret_len; i++)`
390			`UcasePassword[i] = (u_char)toupper(secret[i]);`
391			`DesEncrypt( StdText, UcasePassword + 0, PasswordHash + 0 );`
392			`DesEncrypt( StdText, UcasePassword + 7, PasswordHash + 8 );`
393			`ChallengeResponse(rchallenge, PasswordHash, response->LANManResp);`
394			`}`
395			`#endif`
396
397			`#endif /* MSCHAP_SUPPORT */`
398