1681a5bbeSBoris Popov /* 2681a5bbeSBoris Popov * Copyright (c) 2000-2001, Boris Popov 3681a5bbeSBoris Popov * All rights reserved. 4681a5bbeSBoris Popov * 5681a5bbeSBoris Popov * Redistribution and use in source and binary forms, with or without 6681a5bbeSBoris Popov * modification, are permitted provided that the following conditions 7681a5bbeSBoris Popov * are met: 8681a5bbeSBoris Popov * 1. Redistributions of source code must retain the above copyright 9681a5bbeSBoris Popov * notice, this list of conditions and the following disclaimer. 10681a5bbeSBoris Popov * 2. Redistributions in binary form must reproduce the above copyright 11681a5bbeSBoris Popov * notice, this list of conditions and the following disclaimer in the 12681a5bbeSBoris Popov * documentation and/or other materials provided with the distribution. 13681a5bbeSBoris Popov * 3. All advertising materials mentioning features or use of this software 14681a5bbeSBoris Popov * must display the following acknowledgement: 15681a5bbeSBoris Popov * This product includes software developed by Boris Popov. 16681a5bbeSBoris Popov * 4. Neither the name of the author nor the names of any co-contributors 17681a5bbeSBoris Popov * may be used to endorse or promote products derived from this software 18681a5bbeSBoris Popov * without specific prior written permission. 19681a5bbeSBoris Popov * 20681a5bbeSBoris Popov * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 21681a5bbeSBoris Popov * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 22681a5bbeSBoris Popov * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 23681a5bbeSBoris Popov * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 24681a5bbeSBoris Popov * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 25681a5bbeSBoris Popov * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 26681a5bbeSBoris Popov * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 27681a5bbeSBoris Popov * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 28681a5bbeSBoris Popov * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 29681a5bbeSBoris Popov * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 30681a5bbeSBoris Popov * SUCH DAMAGE. 31681a5bbeSBoris Popov */ 32ab0de15bSDavid E. O'Brien 33ab0de15bSDavid E. O'Brien #include <sys/cdefs.h> 34ab0de15bSDavid E. O'Brien __FBSDID("$FreeBSD$"); 35ab0de15bSDavid E. O'Brien 36681a5bbeSBoris Popov #include <sys/param.h> 37681a5bbeSBoris Popov #include <sys/malloc.h> 38681a5bbeSBoris Popov #include <sys/kernel.h> 39681a5bbeSBoris Popov #include <sys/systm.h> 40681a5bbeSBoris Popov #include <sys/conf.h> 41681a5bbeSBoris Popov #include <sys/proc.h> 42681a5bbeSBoris Popov #include <sys/fcntl.h> 43681a5bbeSBoris Popov #include <sys/socket.h> 44681a5bbeSBoris Popov #include <sys/socketvar.h> 45681a5bbeSBoris Popov #include <sys/sysctl.h> 46681a5bbeSBoris Popov 47681a5bbeSBoris Popov #include <sys/md4.h> 48681a5bbeSBoris Popov #include <sys/iconv.h> 49681a5bbeSBoris Popov 50681a5bbeSBoris Popov #include <netsmb/smb.h> 51681a5bbeSBoris Popov #include <netsmb/smb_conn.h> 52681a5bbeSBoris Popov #include <netsmb/smb_subr.h> 53681a5bbeSBoris Popov #include <netsmb/smb_dev.h> 54681a5bbeSBoris Popov 55681a5bbeSBoris Popov #include "opt_netsmb.h" 56681a5bbeSBoris Popov 57681a5bbeSBoris Popov #ifdef NETSMBCRYPTO 58681a5bbeSBoris Popov 59681a5bbeSBoris Popov #include <crypto/des/des.h> 60681a5bbeSBoris Popov 61681a5bbeSBoris Popov static u_char N8[] = {0x4b, 0x47, 0x53, 0x21, 0x40, 0x23, 0x24, 0x25}; 62681a5bbeSBoris Popov 63681a5bbeSBoris Popov 64681a5bbeSBoris Popov static void 65681a5bbeSBoris Popov smb_E(const u_char *key, u_char *data, u_char *dest) 66681a5bbeSBoris Popov { 67681a5bbeSBoris Popov des_key_schedule *ksp; 68681a5bbeSBoris Popov u_char kk[8]; 69681a5bbeSBoris Popov 70681a5bbeSBoris Popov kk[0] = key[0] & 0xfe; 71681a5bbeSBoris Popov kk[1] = key[0] << 7 | (key[1] >> 1 & 0xfe); 72681a5bbeSBoris Popov kk[2] = key[1] << 6 | (key[2] >> 2 & 0xfe); 73681a5bbeSBoris Popov kk[3] = key[2] << 5 | (key[3] >> 3 & 0xfe); 74681a5bbeSBoris Popov kk[4] = key[3] << 4 | (key[4] >> 4 & 0xfe); 75681a5bbeSBoris Popov kk[5] = key[4] << 3 | (key[5] >> 5 & 0xfe); 76681a5bbeSBoris Popov kk[6] = key[5] << 2 | (key[6] >> 6 & 0xfe); 77681a5bbeSBoris Popov kk[7] = key[6] << 1; 78a163d034SWarner Losh ksp = malloc(sizeof(des_key_schedule), M_SMBTEMP, M_WAITOK); 7933841545SHajimu UMEMOTO des_set_key((des_cblock *)kk, *ksp); 8033841545SHajimu UMEMOTO des_ecb_encrypt((des_cblock *)data, (des_cblock *)dest, *ksp, 1); 81681a5bbeSBoris Popov free(ksp, M_SMBTEMP); 82681a5bbeSBoris Popov } 83681a5bbeSBoris Popov #endif 84681a5bbeSBoris Popov 85681a5bbeSBoris Popov 86681a5bbeSBoris Popov int 87681a5bbeSBoris Popov smb_encrypt(const u_char *apwd, u_char *C8, u_char *RN) 88681a5bbeSBoris Popov { 89681a5bbeSBoris Popov #ifdef NETSMBCRYPTO 90681a5bbeSBoris Popov u_char *p, *P14, *S21; 91681a5bbeSBoris Popov 92a163d034SWarner Losh p = malloc(14 + 21, M_SMBTEMP, M_WAITOK); 93681a5bbeSBoris Popov bzero(p, 14 + 21); 94681a5bbeSBoris Popov P14 = p; 95681a5bbeSBoris Popov S21 = p + 14; 96681a5bbeSBoris Popov bcopy(apwd, P14, min(14, strlen(apwd))); 97681a5bbeSBoris Popov /* 98681a5bbeSBoris Popov * S21 = concat(Ex(P14, N8), zeros(5)); 99681a5bbeSBoris Popov */ 100681a5bbeSBoris Popov smb_E(P14, N8, S21); 101681a5bbeSBoris Popov smb_E(P14 + 7, N8, S21 + 8); 102681a5bbeSBoris Popov 103681a5bbeSBoris Popov smb_E(S21, C8, RN); 104681a5bbeSBoris Popov smb_E(S21 + 7, C8, RN + 8); 105681a5bbeSBoris Popov smb_E(S21 + 14, C8, RN + 16); 106681a5bbeSBoris Popov free(p, M_SMBTEMP); 107681a5bbeSBoris Popov return 0; 108681a5bbeSBoris Popov #else 109681a5bbeSBoris Popov SMBERROR("password encryption is not available\n"); 110681a5bbeSBoris Popov bzero(RN, 24); 111681a5bbeSBoris Popov return EAUTH; 112681a5bbeSBoris Popov #endif 113681a5bbeSBoris Popov } 114681a5bbeSBoris Popov 115681a5bbeSBoris Popov int 116681a5bbeSBoris Popov smb_ntencrypt(const u_char *apwd, u_char *C8, u_char *RN) 117681a5bbeSBoris Popov { 118681a5bbeSBoris Popov #ifdef NETSMBCRYPTO 119681a5bbeSBoris Popov u_char S21[21]; 120681a5bbeSBoris Popov u_int16_t *unipwd; 121681a5bbeSBoris Popov MD4_CTX *ctxp; 122681a5bbeSBoris Popov int len; 123681a5bbeSBoris Popov 124681a5bbeSBoris Popov len = strlen(apwd); 125a163d034SWarner Losh unipwd = malloc((len + 1) * sizeof(u_int16_t), M_SMBTEMP, M_WAITOK); 126681a5bbeSBoris Popov /* 127681a5bbeSBoris Popov * S21 = concat(MD4(U(apwd)), zeros(5)); 128681a5bbeSBoris Popov */ 129681a5bbeSBoris Popov smb_strtouni(unipwd, apwd); 130a163d034SWarner Losh ctxp = malloc(sizeof(MD4_CTX), M_SMBTEMP, M_WAITOK); 131681a5bbeSBoris Popov MD4Init(ctxp); 132681a5bbeSBoris Popov MD4Update(ctxp, (u_char*)unipwd, len * sizeof(u_int16_t)); 133681a5bbeSBoris Popov free(unipwd, M_SMBTEMP); 134681a5bbeSBoris Popov bzero(S21, 21); 135681a5bbeSBoris Popov MD4Final(S21, ctxp); 136681a5bbeSBoris Popov free(ctxp, M_SMBTEMP); 137681a5bbeSBoris Popov 138681a5bbeSBoris Popov smb_E(S21, C8, RN); 139681a5bbeSBoris Popov smb_E(S21 + 7, C8, RN + 8); 140681a5bbeSBoris Popov smb_E(S21 + 14, C8, RN + 16); 141681a5bbeSBoris Popov return 0; 142681a5bbeSBoris Popov #else 143681a5bbeSBoris Popov SMBERROR("password encryption is not available\n"); 144681a5bbeSBoris Popov bzero(RN, 24); 145681a5bbeSBoris Popov return EAUTH; 146681a5bbeSBoris Popov #endif 147681a5bbeSBoris Popov } 148681a5bbeSBoris Popov 149