#include <ctype.h>
#include <string.h>
#include <stdlib.h>
#include <CommonCrypto/CommonDigest.h>
#include <CommonCrypto/CommonCryptor.h>
#include <CommonCrypto/CommonHMAC.h>
#include <CoreFoundation/CoreFoundation.h>
#include <openssl/hmac.h>
#include "SMBAuth.h"
#include <stdio.h>
#include <sys/types.h>
#include "digestmd5.h"
#include <syslog.h>
#include "DSEndian.h"
typedef long KeysArray[32];
unsigned char apsasl_odd_parity[256] = {
1, 1, 2, 2, 4, 4, 7, 7, 8, 8, 11, 11, 13, 13, 14, 14,
16, 16, 19, 19, 21, 21, 22, 22, 25, 25, 26, 26, 28, 28, 31, 31,
32, 32, 35, 35, 37, 37, 38, 38, 41, 41, 42, 42, 44, 44, 47, 47,
49, 49, 50, 50, 52, 52, 55, 55, 56, 56, 59, 59, 61, 61, 62, 62,
64, 64, 67, 67, 69, 69, 70, 70, 73, 73, 74, 74, 76, 76, 79, 79,
81, 81, 82, 82, 84, 84, 87, 87, 88, 88, 91, 91, 93, 93, 94, 94,
97, 97, 98, 98, 100, 100, 103, 103, 104, 104, 107, 107, 109, 109, 110, 110,
112, 112, 115, 115, 117, 117, 118, 118, 121, 121, 122, 122, 124, 124, 127, 127,
128, 128, 131, 131, 133, 133, 134, 134, 137, 137, 138, 138, 140, 140, 143, 143,
145, 145, 146, 146, 148, 148, 151, 151, 152, 152, 155, 155, 157, 157, 158, 158,
161, 161, 162, 162, 164, 164, 167, 167, 168, 168, 171, 171, 173, 173, 174, 174,
176, 176, 179, 179, 181, 181, 182, 182, 185, 185, 186, 186, 188, 188, 191, 191,
193, 193, 194, 194, 196, 196, 199, 199, 200, 200, 203, 203, 205, 205, 206, 206,
208, 208, 211, 211, 213, 213, 214, 214, 217, 217, 218, 218, 220, 220, 223, 223,
224, 224, 227, 227, 229, 229, 230, 230, 233, 233, 234, 234, 236, 236, 239, 239,
241, 241, 242, 242, 244, 244, 247, 247, 248, 248, 251, 251, 253, 253, 254, 254};
typedef struct EncryptBlk
{
unsigned long keyHi;
unsigned long keyLo;
} EncryptBlk;
enum {
NTLM_NONCE_LENGTH = 8,
NTLM_HASH_LENGTH = 21,
NTLM_RESP_LENGTH = 24,
NTLM_SESSKEY_LENGTH = 16,
};
#ifdef __cplusplus
extern "C" {
#endif
u_int16_t ByteSwapInt16(u_int16_t value);
void CStringToUnicode(const char *cstr, int cstrLen, u_int16_t *unicode, size_t unicodeLen, size_t *outUnicodeByteCount);
void strnupper(char *str, int maxlen);
#ifdef __cplusplus
}
#endif
#define desKeySched KeySched
#define desEncode(A,B) Encode((A),8,(B))
extern void desDecode (long *, char *);
#define kDESVersion1 1
unsigned char SHSpad1[40] =
{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00};
unsigned char SHSpad2[40] =
{0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2,
0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2,
0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2,
0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2};
unsigned char Magic1[27] =
{0x54, 0x68, 0x69, 0x73, 0x20, 0x69, 0x73, 0x20, 0x74,
0x68, 0x65, 0x20, 0x4d, 0x50, 0x50, 0x45, 0x20, 0x4d,
0x61, 0x73, 0x74, 0x65, 0x72, 0x20, 0x4b, 0x65, 0x79};
unsigned char Magic2[84] =
{0x4f, 0x6e, 0x20, 0x74, 0x68, 0x65, 0x20, 0x63, 0x6c, 0x69,
0x65, 0x6e, 0x74, 0x20, 0x73, 0x69, 0x64, 0x65, 0x2c, 0x20,
0x74, 0x68, 0x69, 0x73, 0x20, 0x69, 0x73, 0x20, 0x74, 0x68,
0x65, 0x20, 0x73, 0x65, 0x6e, 0x64, 0x20, 0x6b, 0x65, 0x79,
0x3b, 0x20, 0x6f, 0x6e, 0x20, 0x74, 0x68, 0x65, 0x20, 0x73,
0x65, 0x72, 0x76, 0x65, 0x72, 0x20, 0x73, 0x69, 0x64, 0x65,
0x2c, 0x20, 0x69, 0x74, 0x20, 0x69, 0x73, 0x20, 0x74, 0x68,
0x65, 0x20, 0x72, 0x65, 0x63, 0x65, 0x69, 0x76, 0x65, 0x20,
0x6b, 0x65, 0x79, 0x2e};
unsigned char Magic3[84] =
{0x4f, 0x6e, 0x20, 0x74, 0x68, 0x65, 0x20, 0x63, 0x6c, 0x69,
0x65, 0x6e, 0x74, 0x20, 0x73, 0x69, 0x64, 0x65, 0x2c, 0x20,
0x74, 0x68, 0x69, 0x73, 0x20, 0x69, 0x73, 0x20, 0x74, 0x68,
0x65, 0x20, 0x72, 0x65, 0x63, 0x65, 0x69, 0x76, 0x65, 0x20,
0x6b, 0x65, 0x79, 0x3b, 0x20, 0x6f, 0x6e, 0x20, 0x74, 0x68,
0x65, 0x20, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x20, 0x73,
0x69, 0x64, 0x65, 0x2c, 0x20, 0x69, 0x74, 0x20, 0x69, 0x73,
0x20, 0x74, 0x68, 0x65, 0x20, 0x73, 0x65, 0x6e, 0x64, 0x20,
0x6b, 0x65, 0x79, 0x2e};
void CalculateP24(unsigned char *P21, unsigned char *C8, unsigned char *P24)
{
memcpy(P24, C8, 8);
memcpy(P24+8, C8, 8);
memcpy(P24+16, C8, 8);
DESEncode(P21, P24);
DESEncode(P21+7, P24+8);
DESEncode(P21+14, P24+16);
}
void CalculateSMBNTHash(const char *utf8Password, unsigned char outHash[16])
{
size_t unicodeLen = 0;
u_int16_t unicodepwd[258] = {0};
int passLen = 0;
if (utf8Password == NULL || outHash == NULL)
return;
passLen = strlen(utf8Password);
if (passLen > 128)
passLen = 128;
CStringToUnicode(utf8Password, passLen, unicodepwd, sizeof(unicodepwd), &unicodeLen);
MD4Encode(outHash, (unsigned char *)unicodepwd, unicodeLen);
bzero(unicodepwd, unicodeLen);
}
void CalculateSMBLANManagerHash(const char *password, unsigned char outHash[16])
{
unsigned char S8[8] = {0x4B, 0x47, 0x53, 0x21, 0x40, 0x23, 0x24, 0x25};
int passLen = 0;
unsigned char P21[21] = {0};
unsigned char P14[14] = {0};
unsigned char *P16 = P21;
passLen = strlen(password);
if ( passLen > 14 )
passLen = 14;
memmove(P14, password, passLen);
strnupper((char *)P14, 14);
memmove(P16, S8, 8);
memmove(P16+8, S8, 8);
DESEncode(P14, P16);
DESEncode(P14+7, P16+8);
memmove(outHash, P16, 16);
}
int32_t LittleEndianCharsToInt32( const char *inCharPtr )
{
int32_t anInt;
memcpy( &anInt, inCharPtr, 4 );
anInt = EndianU32_NtoL( anInt );
return anInt;
}
void CalculateWorkstationCredentialSessKey( const unsigned char inNTHash[16], const char serverChallenge[8], const char clientChallenge[8], unsigned char outWCSK[8] )
{
int32_t schal, cchal;
int32_t add1, add2;
schal = LittleEndianCharsToInt32( serverChallenge );
cchal = LittleEndianCharsToInt32( clientChallenge );
add1 = schal + cchal;
schal = LittleEndianCharsToInt32( serverChallenge + 4 );
cchal = LittleEndianCharsToInt32( clientChallenge + 4 );
add2 = schal + cchal;
add1 = EndianU32_NtoL( add1 );
add2 = EndianU32_NtoL( add2 );
memcpy( outWCSK, &add1, 4 );
memcpy( outWCSK + 4, &add2, 4 );
DESEncode( inNTHash, outWCSK );
DESEncode( inNTHash + 9, outWCSK );
}
void CalculatePPTPSessionKeys( const unsigned char inNTHash[16], const unsigned char inNTResponse[24], int inSessionKeyLen, unsigned char *outSendKey, unsigned char *outReceiveKey )
{
unsigned char hashHashBuff[CC_MD4_DIGEST_LENGTH + 1];
unsigned char masterKey[16];
MD4Encode( hashHashBuff, inNTHash, CC_MD4_DIGEST_LENGTH );
GetMasterKey( hashHashBuff, inNTResponse, masterKey );
GetAsymetricStartKey( masterKey, outSendKey, inSessionKeyLen, TRUE, TRUE );
GetAsymetricStartKey( masterKey, outReceiveKey, inSessionKeyLen, FALSE, TRUE );
}
void GetMasterKey( const unsigned char inNTHashHash[16], const unsigned char inNTResponse[24], unsigned char outMasterKey[16] )
{
unsigned char Digest[20];
CC_SHA1_CTX Context;
bzero( Digest, sizeof(Digest) );
CC_SHA1_Init( &Context );
CC_SHA1_Update( &Context, inNTHashHash, 16 );
CC_SHA1_Update( &Context, inNTResponse, 24 );
CC_SHA1_Update( &Context, Magic1, 27 );
CC_SHA1_Final( Digest, &Context );
memmove( outMasterKey, Digest, 16 );
}
void GetAsymetricStartKey( unsigned char inMasterKey[16], unsigned char *outSessionKey, int inSessionKeyLen, bool inIsSendKey, bool inIsServer )
{
unsigned char Digest[20];
unsigned char *magicPtr;
CC_SHA1_CTX Context;
if ( inSessionKeyLen > (int)sizeof(Digest) )
return;
bzero( Digest, sizeof(Digest) );
if ( inIsSendKey )
{
if (inIsServer) {
magicPtr = Magic3;
}
else {
magicPtr = Magic2;
}
}
else
{
if (inIsServer) {
magicPtr = Magic2;
} else {
magicPtr = Magic3;
}
}
CC_SHA1_Init( &Context );
CC_SHA1_Update( &Context, inMasterKey, 16 );
CC_SHA1_Update( &Context, SHSpad1, 40 );
CC_SHA1_Update( &Context, magicPtr, 84 );
CC_SHA1_Update( &Context, SHSpad2, 40 );
CC_SHA1_Final( Digest, &Context );
memmove( outSessionKey, Digest, inSessionKeyLen );
}
#pragma mark -
#pragma mark NTLM
#pragma mark -
int NTLMv2(unsigned char *V2, unsigned char *inNTHash,
const char *authid, const char *target,
const unsigned char *challenge,
const unsigned char *blob, unsigned bloblen)
{
CCHmacContext ctx;
char *upper;
size_t len = 0;
char *buf;
unsigned buflen;
unsigned char hmac1[CC_MD4_DIGEST_LENGTH];
len = strlen(authid);
if (target)
len += strlen(target);
buflen = 2 * len + 1;
buf = (char *) malloc( buflen );
if ( buf == NULL )
return -1;
upper = buf + len;
strcpy(upper, authid);
if (target)
strcat(upper, target);
strnupper(upper, len);
CStringToUnicode(upper, len, (u_int16_t *)buf, buflen, &len);
CCHmac(
kCCHmacAlgMD5,
inNTHash, CC_MD4_DIGEST_LENGTH,
(unsigned char*)buf, len,
hmac1 );
CCHmacInit(&ctx, kCCHmacAlgMD5, hmac1, CC_MD5_DIGEST_LENGTH);
CCHmacUpdate(&ctx, challenge, NTLM_NONCE_LENGTH);
CCHmacUpdate(&ctx, blob, bloblen);
CCHmacFinal(&ctx, V2);
bzero(buf, len);
free(buf);
return 0;
}
void CalculateNTLMv2SessionKey(
const unsigned char *inServerChallenge,
const unsigned char *inClientChallenge,
const unsigned char *inNTLMHash,
unsigned char *outSessionKey )
{
CC_MD5_CTX ctx;
unsigned char md5ResultOnly8BytesUsed[CC_MD5_DIGEST_LENGTH];
unsigned char paddedHash[21];
CC_MD5_Init( &ctx );
CC_MD5_Update( &ctx, inServerChallenge, 8 );
CC_MD5_Update( &ctx, inClientChallenge, 8 );
CC_MD5_Final( md5ResultOnly8BytesUsed, &ctx );
memcpy( paddedHash, inNTLMHash, 16 );
bzero(paddedHash + 16, 5);
CalculateP24( paddedHash, md5ResultOnly8BytesUsed, outSessionKey );
}
#pragma mark -
#pragma mark Utilities
#pragma mark -
u_int16_t ByteSwapInt16(u_int16_t value)
{
u_int16_t mask = value;
mask <<= 8;
value >>= 8;
value |= mask;
return value;
}
#if DEBUG
void
print_as_hex( void *bin, int len )
{
int idx;
char byteStr[10];
char logStr[256] = {0};
for ( idx = 0; idx < len; idx++ ) {
sprintf(byteStr, "%.2x ", ((unsigned char *)bin)[idx]);
strlcat(logStr, byteStr, sizeof(logStr));
}
strlcat(logStr, "\n\n", sizeof(logStr));
syslog(LOG_ALERT, "xxx NT hex: %s", logStr);
}
#endif
void CStringToUnicode(const char *cstr, int cstrLen, u_int16_t *unicode, size_t unicodeLen, size_t *outUnicodeByteCount)
{
CFStringRef convertString = CFStringCreateWithBytes( NULL, (const UInt8 *)cstr, (CFIndex)cstrLen, kCFStringEncodingUTF8, 0 );
if ( convertString != NULL ) {
CFStringGetCString( convertString, (char *)unicode, unicodeLen, kCFStringEncodingUTF16LE );
*outUnicodeByteCount = CFStringGetLength( convertString ) * 2;
CFRelease( convertString );
}
#if DEBUG
print_as_hex( unicode, *outUnicodeByteCount );
#endif
}
void LittleEndianUnicodeToUnicode(const u_int16_t *unistr, int unistrLen, u_int16_t *unicode)
{
int i;
u_int16_t val;
for(i = 0; i < unistrLen; i++)
{
val = *unistr;
if (BYTE_ORDER == BIG_ENDIAN)
*unicode = ByteSwapInt16(val);
else
*unicode = val;
unicode++;
unistr++;
if (val == 0) break;
}
}
void MD4Encode(unsigned char *output, const unsigned char *input, unsigned int len)
{
CC_MD4_CTX context = {};
CC_MD4_Init(&context);
CC_MD4_Update(&context, (unsigned char *)input, len);
CC_MD4_Final(output, &context);
}
void strnupper(char *str, int maxlen)
{
char *s = str;
while (*s && maxlen)
{
if (islower(*s))
*s = toupper(*s);
s++;
maxlen--;
}
}
void DESEncode(const void *str, void *data)
{
CCCryptorStatus status = kCCSuccess;
unsigned char key[8] = {0};
size_t dataMoved = 0;
str_to_key((unsigned char *)str, key);
status = CCCrypt( kCCEncrypt, kCCAlgorithmDES, 0,
key, sizeof(key),
NULL,
data, 8,
data, 8, &dataMoved );
if ( status != kCCSuccess )
bzero( data, 8 );
}
void apsasl_des_set_odd_parity(unsigned char *key)
{
int idx;
for (idx = 0; idx < 8; idx++)
key[idx] = apsasl_odd_parity[key[idx]];
}
void str_to_key(unsigned char *str, unsigned char *key)
{
int i;
key[0] = str[0]>>1;
key[1] = ((str[0]&0x01)<<6) | (str[1]>>2);
key[2] = ((str[1]&0x03)<<5) | (str[2]>>3);
key[3] = ((str[2]&0x07)<<4) | (str[3]>>4);
key[4] = ((str[3]&0x0F)<<3) | (str[4]>>5);
key[5] = ((str[4]&0x1F)<<2) | (str[5]>>6);
key[6] = ((str[5]&0x3F)<<1) | (str[6]>>7);
key[7] = str[6]&0x7F;
for (i = 0; i < 8; i++) {
key[i] = (key[i] << 1);
}
apsasl_des_set_odd_parity((unsigned char *)&key);
}