xref: /freebsd/usr.sbin/ppp/chap_ms.c (revision a8445737e740901f5f2c8d24c12ef7fc8b00134e) 
1 /*
2  * chap_ms.c - Microsoft MS-CHAP compatible implementation.
3  *
4  * Copyright (c) 1995 Eric Rosenquist, Strata Software Limited.
5  * http://www.strataware.com/
6  *
7  * All rights reserved.
8  *
9  * Redistribution and use in source and binary forms are permitted
10  * provided that the above copyright notice and this paragraph are
11  * duplicated in all such forms and that any documentation,
12  * advertising materials, and other materials related to such
13  * distribution and use acknowledge that the software was developed
14  * by Eric Rosenquist.  The name of the author may not be used to
15  * endorse or promote products derived from this software without
16  * specific prior written permission.
17  *
18  * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
19  * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
20  * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
21  *
22  * $Id: chap_ms.c,v 1.5.4.3 1998/05/01 19:24:07 brian Exp $
23  *
24  */
25 
26 #include <sys/types.h>
27 
28 #include <des.h>
29 #include <string.h>
30 
31 #include "chap_ms.h"
32 
33 /* unused, for documentation only */
34 /* only NTResp is filled in for FreeBSD */
35 struct MS_ChapResponse {
36     u_char LANManResp[24];
37     u_char NTResp[24];
38     u_char UseNT;	/* If 1, ignore the LANMan response field */
39 };
40 
41 static void DesEncrypt(u_char *, u_char *, u_char *);
42 static void MakeKey(u_char *, u_char *);
43 
44 static void      /* IN 8 octets      IN 16 octets     OUT 24 octets */
45 ChallengeResponse(u_char *challenge, u_char *pwHash, u_char *response)
46 {
47     char    ZPasswordHash[21];
48 
49     memset(ZPasswordHash, '\0', sizeof ZPasswordHash);
50     memcpy(ZPasswordHash, pwHash, 16);
51 
52     DesEncrypt(challenge, ZPasswordHash +  0, response + 0);
53     DesEncrypt(challenge, ZPasswordHash +  7, response + 8);
54     DesEncrypt(challenge, ZPasswordHash + 14, response + 16);
55 }
56 
57 static void /* IN 8 octets IN 7 octest OUT 8 octets */
58 DesEncrypt(u_char *clear, u_char *key, u_char *cipher)
59 {
60     des_cblock		des_key;
61     des_key_schedule	key_schedule;
62 
63     MakeKey(key, des_key);
64     des_set_key(&des_key, key_schedule);
65     des_ecb_encrypt((des_cblock *)clear, (des_cblock *)cipher, key_schedule, 1);
66 }
67 
68 static u_char Get7Bits(u_char *input, int startBit)
69 {
70     register unsigned int	word;
71 
72     word  = (unsigned)input[startBit / 8] << 8;
73     word |= (unsigned)input[startBit / 8 + 1];
74 
75     word >>= 15 - (startBit % 8 + 7);
76 
77     return word & 0xFE;
78 }
79 
80 /* IN  56 bit DES key missing parity bits
81    OUT 64 bit DES key with parity bits added */
82 static void MakeKey(u_char *key, u_char *des_key)
83 {
84     des_key[0] = Get7Bits(key,  0);
85     des_key[1] = Get7Bits(key,  7);
86     des_key[2] = Get7Bits(key, 14);
87     des_key[3] = Get7Bits(key, 21);
88     des_key[4] = Get7Bits(key, 28);
89     des_key[5] = Get7Bits(key, 35);
90     des_key[6] = Get7Bits(key, 42);
91     des_key[7] = Get7Bits(key, 49);
92 
93     des_set_odd_parity((des_cblock *)des_key);
94 }
95 
96 /* passwordHash 16-bytes MD4 hashed password
97    challenge    8-bytes peer CHAP challenge
98    since passwordHash is in a 24-byte buffer, response is written in there */
99 void
100 chap_MS(char *passwordHash, char *challenge, int challenge_len)
101 {
102     u_char response[24];
103 
104     ChallengeResponse(challenge, passwordHash, response);
105     memcpy(passwordHash, response, 24);
106     passwordHash += 24;
107     *passwordHash = 1;
108 }
109