xref: /freebsd/lib/libcrypt/crypt-nthash.c (revision fcb560670601b2a4d87bb31d7531c8dcc37ee71b)
1 /*-
2  * Copyright (c) 2003 Michael Bretterklieber
3  * All rights reserved.
4  *
5  * Redistribution and use in source and binary forms, with or without
6  * modification, are permitted provided that the following conditions
7  * are met:
8  * 1. Redistributions of source code must retain the above copyright
9  *    notice, this list of conditions and the following disclaimer.
10  * 2. Redistributions in binary form must reproduce the above copyright
11  *    notice, this list of conditions and the following disclaimer in the
12  *    documentation and/or other materials provided with the distribution.
13  *
14  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
15  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
16  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
17  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
18  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
19  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
20  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
21  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
22  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
23  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
24  * SUCH DAMAGE.
25  */
26 
27 #include <sys/cdefs.h>
28 __FBSDID("$FreeBSD$");
29 
30 #include <sys/types.h>
31 
32 #include <netinet/in.h>
33 
34 #include <ctype.h>
35 #include <err.h>
36 #include <md4.h>
37 #include <stdarg.h>
38 #include <stdio.h>
39 #include <string.h>
40 #include <unistd.h>
41 
42 #include "crypt.h"
43 
44 /*
45  * NT HASH = md4(str2unicode(pw))
46  */
47 
48 /* ARGSUSED */
49 char *
50 crypt_nthash(const char *pw, const char *salt __unused)
51 {
52 	size_t unipwLen;
53 	int i, j;
54 	static char hexconvtab[] = "0123456789abcdef";
55 	static const char *magic = "$3$";
56 	static char passwd[120];
57 	u_int16_t unipw[128];
58 	char final[MD4_SIZE*2 + 1];
59 	u_char hash[MD4_SIZE];
60 	const char *s;
61 	MD4_CTX	ctx;
62 
63 	bzero(unipw, sizeof(unipw));
64 	/* convert to unicode (thanx Archie) */
65 	unipwLen = 0;
66 	for (s = pw; unipwLen < sizeof(unipw) / 2 && *s; s++)
67 		unipw[unipwLen++] = htons(*s << 8);
68 
69 	/* Compute MD4 of Unicode password */
70  	MD4Init(&ctx);
71 	MD4Update(&ctx, (u_char *)unipw, unipwLen*sizeof(u_int16_t));
72 	MD4Final(hash, &ctx);
73 
74 	for (i = j = 0; i < MD4_SIZE; i++) {
75 		final[j++] = hexconvtab[hash[i] >> 4];
76 		final[j++] = hexconvtab[hash[i] & 15];
77 	}
78 	final[j] = '\0';
79 
80 	strcpy(passwd, magic);
81 	strcat(passwd, "$");
82 	strncat(passwd, final, MD4_SIZE*2);
83 
84 	/* Don't leave anything around in vm they could use. */
85 	memset(final, 0, sizeof(final));
86 
87 	return (passwd);
88 }
89