| 1 | /*************************************************************************** |
|---|---|
| 2 | * _ _ ____ _ |
| 3 | * Project ___| | | | _ \| | |
| 4 | * / __| | | | |_) | | |
| 5 | * | (__| |_| | _ <| |___ |
| 6 | * \___|\___/|_| \_\_____| |
| 7 | * |
| 8 | * Copyright (C) 1998 - 2022, Daniel Stenberg, <[email protected]>, et al. |
| 9 | * |
| 10 | * This software is licensed as described in the file COPYING, which |
| 11 | * you should have received as part of this distribution. The terms |
| 12 | * are also available at https://curl.se/docs/copyright.html. |
| 13 | * |
| 14 | * You may opt to use, copy, modify, merge, publish, distribute and/or sell |
| 15 | * copies of the Software, and permit persons to whom the Software is |
| 16 | * furnished to do so, under the terms of the COPYING file. |
| 17 | * |
| 18 | * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY |
| 19 | * KIND, either express or implied. |
| 20 | * |
| 21 | * SPDX-License-Identifier: curl |
| 22 | * |
| 23 | ***************************************************************************/ |
| 24 | |
| 25 | #include "curl_setup.h" |
| 26 | |
| 27 | #if defined(USE_CURL_NTLM_CORE) |
| 28 | |
| 29 | /* |
| 30 | * NTLM details: |
| 31 | * |
| 32 | * https://davenport.sourceforge.io/ntlm.html |
| 33 | * https://www.innovation.ch/java/ntlm.html |
| 34 | */ |
| 35 | |
| 36 | /* Please keep the SSL backend-specific #if branches in this order: |
| 37 | |
| 38 | 1. USE_OPENSSL |
| 39 | 2. USE_GNUTLS |
| 40 | 3. USE_NSS |
| 41 | 4. USE_MBEDTLS |
| 42 | 5. USE_SECTRANSP |
| 43 | 6. USE_OS400CRYPTO |
| 44 | 7. USE_WIN32_CRYPTO |
| 45 | |
| 46 | This ensures that: |
| 47 | - the same SSL branch gets activated throughout this source |
| 48 | file even if multiple backends are enabled at the same time. |
| 49 | - OpenSSL and NSS have higher priority than Windows Crypt, due |
| 50 | to issues with the latter supporting NTLM2Session responses |
| 51 | in NTLM type-3 messages. |
| 52 | */ |
| 53 | |
| 54 | #if defined(USE_OPENSSL) |
| 55 | #include <openssl/opensslconf.h> |
| 56 | #if !defined(OPENSSL_NO_DES) && !defined(OPENSSL_NO_DEPRECATED_3_0) |
| 57 | #define USE_OPENSSL_DES |
| 58 | #endif |
| 59 | #endif |
| 60 | |
| 61 | #if defined(USE_OPENSSL_DES) || defined(USE_WOLFSSL) |
| 62 | |
| 63 | #if defined(USE_OPENSSL) |
| 64 | # include <openssl/des.h> |
| 65 | # include <openssl/md5.h> |
| 66 | # include <openssl/ssl.h> |
| 67 | # include <openssl/rand.h> |
| 68 | #else |
| 69 | # include <wolfssl/options.h> |
| 70 | # include <wolfssl/openssl/des.h> |
| 71 | # include <wolfssl/openssl/md5.h> |
| 72 | # include <wolfssl/openssl/ssl.h> |
| 73 | # include <wolfssl/openssl/rand.h> |
| 74 | #endif |
| 75 | |
| 76 | # if (defined(OPENSSL_VERSION_NUMBER) && \ |
| 77 | (OPENSSL_VERSION_NUMBER < 0x00907001L)) && !defined(USE_WOLFSSL) |
| 78 | # define DES_key_schedule des_key_schedule |
| 79 | # define DES_cblock des_cblock |
| 80 | # define DES_set_odd_parity des_set_odd_parity |
| 81 | # define DES_set_key des_set_key |
| 82 | # define DES_ecb_encrypt des_ecb_encrypt |
| 83 | # define DESKEY(x) x |
| 84 | # define DESKEYARG(x) x |
| 85 | # else |
| 86 | # define DESKEYARG(x) *x |
| 87 | # define DESKEY(x) &x |
| 88 | # endif |
| 89 | |
| 90 | #elif defined(USE_GNUTLS) |
| 91 | |
| 92 | # include <nettle/des.h> |
| 93 | |
| 94 | #elif defined(USE_NSS) |
| 95 | |
| 96 | # include <nss.h> |
| 97 | # include <pk11pub.h> |
| 98 | # include <hasht.h> |
| 99 | |
| 100 | #elif defined(USE_MBEDTLS) |
| 101 | |
| 102 | # include <mbedtls/des.h> |
| 103 | |
| 104 | #elif defined(USE_SECTRANSP) |
| 105 | |
| 106 | # include <CommonCrypto/CommonCryptor.h> |
| 107 | # include <CommonCrypto/CommonDigest.h> |
| 108 | |
| 109 | #elif defined(USE_OS400CRYPTO) |
| 110 | # include "cipher.mih" /* mih/cipher */ |
| 111 | #elif defined(USE_WIN32_CRYPTO) |
| 112 | # include <wincrypt.h> |
| 113 | #else |
| 114 | # error "Can't compile NTLM support without a crypto library with DES." |
| 115 | #endif |
| 116 | |
| 117 | #include "urldata.h" |
| 118 | #include "strcase.h" |
| 119 | #include "curl_ntlm_core.h" |
| 120 | #include "curl_md5.h" |
| 121 | #include "curl_hmac.h" |
| 122 | #include "warnless.h" |
| 123 | #include "curl_endian.h" |
| 124 | #include "curl_des.h" |
| 125 | #include "curl_md4.h" |
| 126 | /* The last 3 #include files should be in this order */ |
| 127 | #include "curl_printf.h" |
| 128 | #include "curl_memory.h" |
| 129 | #include "memdebug.h" |
| 130 | |
| 131 | #define NTLMv2_BLOB_SIGNATURE "\x01\x01\x00\x00" |
| 132 | #define NTLMv2_BLOB_LEN (44 -16 + ntlm->target_info_len + 4) |
| 133 | |
| 134 | /* |
| 135 | * Turns a 56-bit key into being 64-bit wide. |
| 136 | */ |
| 137 | static void extend_key_56_to_64(const unsigned char *key_56, char *key) |
| 138 | { |
| 139 | key[0] = key_56[0]; |
| 140 | key[1] = (unsigned char)(((key_56[0] << 7) & 0xFF) | (key_56[1] >> 1)); |
| 141 | key[2] = (unsigned char)(((key_56[1] << 6) & 0xFF) | (key_56[2] >> 2)); |
| 142 | key[3] = (unsigned char)(((key_56[2] << 5) & 0xFF) | (key_56[3] >> 3)); |
| 143 | key[4] = (unsigned char)(((key_56[3] << 4) & 0xFF) | (key_56[4] >> 4)); |
| 144 | key[5] = (unsigned char)(((key_56[4] << 3) & 0xFF) | (key_56[5] >> 5)); |
| 145 | key[6] = (unsigned char)(((key_56[5] << 2) & 0xFF) | (key_56[6] >> 6)); |
| 146 | key[7] = (unsigned char) ((key_56[6] << 1) & 0xFF); |
| 147 | } |
| 148 | |
| 149 | #if defined(USE_OPENSSL_DES) || defined(USE_WOLFSSL) |
| 150 | /* |
| 151 | * Turns a 56 bit key into the 64 bit, odd parity key and sets the key. The |
| 152 | * key schedule ks is also set. |
| 153 | */ |
| 154 | static void setup_des_key(const unsigned char *key_56, |
| 155 | DES_key_schedule DESKEYARG(ks)) |
| 156 | { |
| 157 | DES_cblock key; |
| 158 | |
| 159 | /* Expand the 56-bit key to 64-bits */ |
| 160 | extend_key_56_to_64(key_56, (char *) &key); |
| 161 | |
| 162 | /* Set the key parity to odd */ |
| 163 | DES_set_odd_parity(&key); |
| 164 | |
| 165 | /* Set the key */ |
| 166 | DES_set_key_unchecked(&key, ks); |
| 167 | } |
| 168 | |
| 169 | #elif defined(USE_GNUTLS) |
| 170 | |
| 171 | static void setup_des_key(const unsigned char *key_56, |
| 172 | struct des_ctx *des) |
| 173 | { |
| 174 | char key[8]; |
| 175 | |
| 176 | /* Expand the 56-bit key to 64-bits */ |
| 177 | extend_key_56_to_64(key_56, key); |
| 178 | |
| 179 | /* Set the key parity to odd */ |
| 180 | Curl_des_set_odd_parity((unsigned char *) key, sizeof(key)); |
| 181 | |
| 182 | /* Set the key */ |
| 183 | des_set_key(des, (const uint8_t *) key); |
| 184 | } |
| 185 | |
| 186 | #elif defined(USE_NSS) |
| 187 | |
| 188 | /* |
| 189 | * Expands a 56 bit key KEY_56 to 64 bit and encrypts 64 bit of data, using |
| 190 | * the expanded key. The caller is responsible for giving 64 bit of valid |
| 191 | * data is IN and (at least) 64 bit large buffer as OUT. |
| 192 | */ |
| 193 | static bool encrypt_des(const unsigned char *in, unsigned char *out, |
| 194 | const unsigned char *key_56) |
| 195 | { |
| 196 | const CK_MECHANISM_TYPE mech = CKM_DES_ECB; /* DES cipher in ECB mode */ |
| 197 | char key[8]; /* expanded 64 bit key */ |
| 198 | SECItem key_item; |
| 199 | PK11SymKey *symkey = NULL; |
| 200 | SECItem *param = NULL; |
| 201 | PK11Context *ctx = NULL; |
| 202 | int out_len; /* not used, required by NSS */ |
| 203 | bool rv = FALSE; |
| 204 | |
| 205 | /* use internal slot for DES encryption (requires NSS to be initialized) */ |
| 206 | PK11SlotInfo *slot = PK11_GetInternalKeySlot(); |
| 207 | if(!slot) |
| 208 | return FALSE; |
| 209 | |
| 210 | /* Expand the 56-bit key to 64-bits */ |
| 211 | extend_key_56_to_64(key_56, key); |
| 212 | |
| 213 | /* Set the key parity to odd */ |
| 214 | Curl_des_set_odd_parity((unsigned char *) key, sizeof(key)); |
| 215 | |
| 216 | /* Import the key */ |
| 217 | key_item.data = (unsigned char *)key; |
| 218 | key_item.len = sizeof(key); |
| 219 | symkey = PK11_ImportSymKey(slot, mech, PK11_OriginUnwrap, CKA_ENCRYPT, |
| 220 | &key_item, NULL); |
| 221 | if(!symkey) |
| 222 | goto fail; |
| 223 | |
| 224 | /* Create the DES encryption context */ |
| 225 | param = PK11_ParamFromIV(mech, /* no IV in ECB mode */ NULL); |
| 226 | if(!param) |
| 227 | goto fail; |
| 228 | ctx = PK11_CreateContextBySymKey(mech, CKA_ENCRYPT, symkey, param); |
| 229 | if(!ctx) |
| 230 | goto fail; |
| 231 | |
| 232 | /* Perform the encryption */ |
| 233 | if(SECSuccess == PK11_CipherOp(ctx, out, &out_len, /* outbuflen */ 8, |
| 234 | (unsigned char *)in, /* inbuflen */ 8) |
| 235 | && SECSuccess == PK11_Finalize(ctx)) |
| 236 | rv = /* all OK */ TRUE; |
| 237 | |
| 238 | fail: |
| 239 | /* cleanup */ |
| 240 | if(ctx) |
| 241 | PK11_DestroyContext(ctx, PR_TRUE); |
| 242 | if(symkey) |
| 243 | PK11_FreeSymKey(symkey); |
| 244 | if(param) |
| 245 | SECITEM_FreeItem(param, PR_TRUE); |
| 246 | PK11_FreeSlot(slot); |
| 247 | return rv; |
| 248 | } |
| 249 | |
| 250 | #elif defined(USE_MBEDTLS) |
| 251 | |
| 252 | static bool encrypt_des(const unsigned char *in, unsigned char *out, |
| 253 | const unsigned char *key_56) |
| 254 | { |
| 255 | mbedtls_des_context ctx; |
| 256 | char key[8]; |
| 257 | |
| 258 | /* Expand the 56-bit key to 64-bits */ |
| 259 | extend_key_56_to_64(key_56, key); |
| 260 | |
| 261 | /* Set the key parity to odd */ |
| 262 | mbedtls_des_key_set_parity((unsigned char *) key); |
| 263 | |
| 264 | /* Perform the encryption */ |
| 265 | mbedtls_des_init(&ctx); |
| 266 | mbedtls_des_setkey_enc(&ctx, (unsigned char *) key); |
| 267 | return mbedtls_des_crypt_ecb(&ctx, in, out) == 0; |
| 268 | } |
| 269 | |
| 270 | #elif defined(USE_SECTRANSP) |
| 271 | |
| 272 | static bool encrypt_des(const unsigned char *in, unsigned char *out, |
| 273 | const unsigned char *key_56) |
| 274 | { |
| 275 | char key[8]; |
| 276 | size_t out_len; |
| 277 | CCCryptorStatus err; |
| 278 | |
| 279 | /* Expand the 56-bit key to 64-bits */ |
| 280 | extend_key_56_to_64(key_56, key); |
| 281 | |
| 282 | /* Set the key parity to odd */ |
| 283 | Curl_des_set_odd_parity((unsigned char *) key, sizeof(key)); |
| 284 | |
| 285 | /* Perform the encryption */ |
| 286 | err = CCCrypt(kCCEncrypt, kCCAlgorithmDES, kCCOptionECBMode, key, |
| 287 | kCCKeySizeDES, NULL, in, 8 /* inbuflen */, out, |
| 288 | 8 /* outbuflen */, &out_len); |
| 289 | |
| 290 | return err == kCCSuccess; |
| 291 | } |
| 292 | |
| 293 | #elif defined(USE_OS400CRYPTO) |
| 294 | |
| 295 | static bool encrypt_des(const unsigned char *in, unsigned char *out, |
| 296 | const unsigned char *key_56) |
| 297 | { |
| 298 | char key[8]; |
| 299 | _CIPHER_Control_T ctl; |
| 300 | |
| 301 | /* Setup the cipher control structure */ |
| 302 | ctl.Func_ID = ENCRYPT_ONLY; |
| 303 | ctl.Data_Len = sizeof(key); |
| 304 | |
| 305 | /* Expand the 56-bit key to 64-bits */ |
| 306 | extend_key_56_to_64(key_56, ctl.Crypto_Key); |
| 307 | |
| 308 | /* Set the key parity to odd */ |
| 309 | Curl_des_set_odd_parity((unsigned char *) ctl.Crypto_Key, ctl.Data_Len); |
| 310 | |
| 311 | /* Perform the encryption */ |
| 312 | _CIPHER((_SPCPTR *) &out, &ctl, (_SPCPTR *) &in); |
| 313 | |
| 314 | return TRUE; |
| 315 | } |
| 316 | |
| 317 | #elif defined(USE_WIN32_CRYPTO) |
| 318 | |
| 319 | static bool encrypt_des(const unsigned char *in, unsigned char *out, |
| 320 | const unsigned char *key_56) |
| 321 | { |
| 322 | HCRYPTPROV hprov; |
| 323 | HCRYPTKEY hkey; |
| 324 | struct { |
| 325 | BLOBHEADER hdr; |
| 326 | unsigned int len; |
| 327 | char key[8]; |
| 328 | } blob; |
| 329 | DWORD len = 8; |
| 330 | |
| 331 | /* Acquire the crypto provider */ |
| 332 | if(!CryptAcquireContext(&hprov, NULL, NULL, PROV_RSA_FULL, |
| 333 | CRYPT_VERIFYCONTEXT | CRYPT_SILENT)) |
| 334 | return FALSE; |
| 335 | |
| 336 | /* Setup the key blob structure */ |
| 337 | memset(&blob, 0, sizeof(blob)); |
| 338 | blob.hdr.bType = PLAINTEXTKEYBLOB; |
| 339 | blob.hdr.bVersion = 2; |
| 340 | blob.hdr.aiKeyAlg = CALG_DES; |
| 341 | blob.len = sizeof(blob.key); |
| 342 | |
| 343 | /* Expand the 56-bit key to 64-bits */ |
| 344 | extend_key_56_to_64(key_56, blob.key); |
| 345 | |
| 346 | /* Set the key parity to odd */ |
| 347 | Curl_des_set_odd_parity((unsigned char *) blob.key, sizeof(blob.key)); |
| 348 | |
| 349 | /* Import the key */ |
| 350 | if(!CryptImportKey(hprov, (BYTE *) &blob, sizeof(blob), 0, 0, &hkey)) { |
| 351 | CryptReleaseContext(hprov, 0); |
| 352 | |
| 353 | return FALSE; |
| 354 | } |
| 355 | |
| 356 | memcpy(out, in, 8); |
| 357 | |
| 358 | /* Perform the encryption */ |
| 359 | CryptEncrypt(hkey, 0, FALSE, 0, out, &len, len); |
| 360 | |
| 361 | CryptDestroyKey(hkey); |
| 362 | CryptReleaseContext(hprov, 0); |
| 363 | |
| 364 | return TRUE; |
| 365 | } |
| 366 | |
| 367 | #endif /* defined(USE_WIN32_CRYPTO) */ |
| 368 | |
| 369 | /* |
| 370 | * takes a 21 byte array and treats it as 3 56-bit DES keys. The |
| 371 | * 8 byte plaintext is encrypted with each key and the resulting 24 |
| 372 | * bytes are stored in the results array. |
| 373 | */ |
| 374 | void Curl_ntlm_core_lm_resp(const unsigned char *keys, |
| 375 | const unsigned char *plaintext, |
| 376 | unsigned char *results) |
| 377 | { |
| 378 | #if defined(USE_OPENSSL_DES) || defined(USE_WOLFSSL) |
| 379 | DES_key_schedule ks; |
| 380 | |
| 381 | setup_des_key(keys, DESKEY(ks)); |
| 382 | DES_ecb_encrypt((DES_cblock*) plaintext, (DES_cblock*) results, |
| 383 | DESKEY(ks), DES_ENCRYPT); |
| 384 | |
| 385 | setup_des_key(keys + 7, DESKEY(ks)); |
| 386 | DES_ecb_encrypt((DES_cblock*) plaintext, (DES_cblock*) (results + 8), |
| 387 | DESKEY(ks), DES_ENCRYPT); |
| 388 | |
| 389 | setup_des_key(keys + 14, DESKEY(ks)); |
| 390 | DES_ecb_encrypt((DES_cblock*) plaintext, (DES_cblock*) (results + 16), |
| 391 | DESKEY(ks), DES_ENCRYPT); |
| 392 | #elif defined(USE_GNUTLS) |
| 393 | struct des_ctx des; |
| 394 | setup_des_key(keys, &des); |
| 395 | des_encrypt(&des, 8, results, plaintext); |
| 396 | setup_des_key(keys + 7, &des); |
| 397 | des_encrypt(&des, 8, results + 8, plaintext); |
| 398 | setup_des_key(keys + 14, &des); |
| 399 | des_encrypt(&des, 8, results + 16, plaintext); |
| 400 | #elif defined(USE_NSS) || defined(USE_MBEDTLS) || defined(USE_SECTRANSP) \ |
| 401 | || defined(USE_OS400CRYPTO) || defined(USE_WIN32_CRYPTO) |
| 402 | encrypt_des(plaintext, results, keys); |
| 403 | encrypt_des(plaintext, results + 8, keys + 7); |
| 404 | encrypt_des(plaintext, results + 16, keys + 14); |
| 405 | #endif |
| 406 | } |
| 407 | |
| 408 | /* |
| 409 | * Set up lanmanager hashed password |
| 410 | */ |
| 411 | CURLcode Curl_ntlm_core_mk_lm_hash(const char *password, |
| 412 | unsigned char *lmbuffer /* 21 bytes */) |
| 413 | { |
| 414 | unsigned char pw[14]; |
| 415 | static const unsigned char magic[] = { |
| 416 | 0x4B, 0x47, 0x53, 0x21, 0x40, 0x23, 0x24, 0x25 /* i.e. KGS!@#$% */ |
| 417 | }; |
| 418 | size_t len = CURLMIN(strlen(password), 14); |
| 419 | |
| 420 | Curl_strntoupper((char *)pw, password, len); |
| 421 | memset(&pw[len], 0, 14 - len); |
| 422 | |
| 423 | { |
| 424 | /* Create LanManager hashed password. */ |
| 425 | |
| 426 | #if defined(USE_OPENSSL_DES) || defined(USE_WOLFSSL) |
| 427 | DES_key_schedule ks; |
| 428 | |
| 429 | setup_des_key(pw, DESKEY(ks)); |
| 430 | DES_ecb_encrypt((DES_cblock *)magic, (DES_cblock *)lmbuffer, |
| 431 | DESKEY(ks), DES_ENCRYPT); |
| 432 | |
| 433 | setup_des_key(pw + 7, DESKEY(ks)); |
| 434 | DES_ecb_encrypt((DES_cblock *)magic, (DES_cblock *)(lmbuffer + 8), |
| 435 | DESKEY(ks), DES_ENCRYPT); |
| 436 | #elif defined(USE_GNUTLS) |
| 437 | struct des_ctx des; |
| 438 | setup_des_key(pw, &des); |
| 439 | des_encrypt(&des, 8, lmbuffer, magic); |
| 440 | setup_des_key(pw + 7, &des); |
| 441 | des_encrypt(&des, 8, lmbuffer + 8, magic); |
| 442 | #elif defined(USE_NSS) || defined(USE_MBEDTLS) || defined(USE_SECTRANSP) \ |
| 443 | || defined(USE_OS400CRYPTO) || defined(USE_WIN32_CRYPTO) |
| 444 | encrypt_des(magic, lmbuffer, pw); |
| 445 | encrypt_des(magic, lmbuffer + 8, pw + 7); |
| 446 | #endif |
| 447 | |
| 448 | memset(lmbuffer + 16, 0, 21 - 16); |
| 449 | } |
| 450 | |
| 451 | return CURLE_OK; |
| 452 | } |
| 453 | |
| 454 | static void ascii_to_unicode_le(unsigned char *dest, const char *src, |
| 455 | size_t srclen) |
| 456 | { |
| 457 | size_t i; |
| 458 | for(i = 0; i < srclen; i++) { |
| 459 | dest[2 * i] = (unsigned char)src[i]; |
| 460 | dest[2 * i + 1] = '\0'; |
| 461 | } |
| 462 | } |
| 463 | |
| 464 | #if !defined(USE_WINDOWS_SSPI) |
| 465 | |
| 466 | static void ascii_uppercase_to_unicode_le(unsigned char *dest, |
| 467 | const char *src, size_t srclen) |
| 468 | { |
| 469 | size_t i; |
| 470 | for(i = 0; i < srclen; i++) { |
| 471 | dest[2 * i] = (unsigned char)(Curl_raw_toupper(src[i])); |
| 472 | dest[2 * i + 1] = '\0'; |
| 473 | } |
| 474 | } |
| 475 | |
| 476 | #endif /* !USE_WINDOWS_SSPI */ |
| 477 | |
| 478 | /* |
| 479 | * Set up nt hashed passwords |
| 480 | * @unittest: 1600 |
| 481 | */ |
| 482 | CURLcode Curl_ntlm_core_mk_nt_hash(const char *password, |
| 483 | unsigned char *ntbuffer /* 21 bytes */) |
| 484 | { |
| 485 | size_t len = strlen(password); |
| 486 | unsigned char *pw; |
| 487 | if(len > SIZE_T_MAX/2) /* avoid integer overflow */ |
| 488 | return CURLE_OUT_OF_MEMORY; |
| 489 | pw = len ? malloc(len * 2) : (unsigned char *)strdup(""); |
| 490 | if(!pw) |
| 491 | return CURLE_OUT_OF_MEMORY; |
| 492 | |
| 493 | ascii_to_unicode_le(pw, password, len); |
| 494 | |
| 495 | /* Create NT hashed password. */ |
| 496 | Curl_md4it(ntbuffer, pw, 2 * len); |
| 497 | memset(ntbuffer + 16, 0, 21 - 16); |
| 498 | |
| 499 | free(pw); |
| 500 | |
| 501 | return CURLE_OK; |
| 502 | } |
| 503 | |
| 504 | #if !defined(USE_WINDOWS_SSPI) |
| 505 | |
| 506 | /* Timestamp in tenths of a microsecond since January 1, 1601 00:00:00 UTC. */ |
| 507 | struct ms_filetime { |
| 508 | unsigned int dwLowDateTime; |
| 509 | unsigned int dwHighDateTime; |
| 510 | }; |
| 511 | |
| 512 | /* Convert a time_t to an MS FILETIME (MS-DTYP section 2.3.3). */ |
| 513 | static void time2filetime(struct ms_filetime *ft, time_t t) |
| 514 | { |
| 515 | #if SIZEOF_TIME_T > 4 |
| 516 | t = (t + CURL_OFF_T_C(11644473600)) * 10000000; |
| 517 | ft->dwLowDateTime = (unsigned int) (t & 0xFFFFFFFF); |
| 518 | ft->dwHighDateTime = (unsigned int) (t >> 32); |
| 519 | #else |
| 520 | unsigned int r, s; |
| 521 | unsigned int i; |
| 522 | |
| 523 | ft->dwLowDateTime = t & 0xFFFFFFFF; |
| 524 | ft->dwHighDateTime = 0; |
| 525 | |
| 526 | # ifndef HAVE_TIME_T_UNSIGNED |
| 527 | /* Extend sign if needed. */ |
| 528 | if(ft->dwLowDateTime & 0x80000000) |
| 529 | ft->dwHighDateTime = ~0; |
| 530 | # endif |
| 531 | |
| 532 | /* Bias seconds to Jan 1, 1601. |
| 533 | 134774 days = 11644473600 seconds = 0x2B6109100 */ |
| 534 | r = ft->dwLowDateTime; |
| 535 | ft->dwLowDateTime = (ft->dwLowDateTime + 0xB6109100U) & 0xFFFFFFFF; |
| 536 | ft->dwHighDateTime += ft->dwLowDateTime < r? 0x03: 0x02; |
| 537 | |
| 538 | /* Convert to tenths of microseconds. */ |
| 539 | ft->dwHighDateTime *= 10000000; |
| 540 | i = 32; |
| 541 | do { |
| 542 | i -= 8; |
| 543 | s = ((ft->dwLowDateTime >> i) & 0xFF) * (10000000 - 1); |
| 544 | r = (s << i) & 0xFFFFFFFF; |
| 545 | s >>= 1; /* Split shift to avoid width overflow. */ |
| 546 | s >>= 31 - i; |
| 547 | ft->dwLowDateTime = (ft->dwLowDateTime + r) & 0xFFFFFFFF; |
| 548 | if(ft->dwLowDateTime < r) |
| 549 | s++; |
| 550 | ft->dwHighDateTime += s; |
| 551 | } while(i); |
| 552 | ft->dwHighDateTime &= 0xFFFFFFFF; |
| 553 | #endif |
| 554 | } |
| 555 | |
| 556 | /* This creates the NTLMv2 hash by using NTLM hash as the key and Unicode |
| 557 | * (uppercase UserName + Domain) as the data |
| 558 | */ |
| 559 | CURLcode Curl_ntlm_core_mk_ntlmv2_hash(const char *user, size_t userlen, |
| 560 | const char *domain, size_t domlen, |
| 561 | unsigned char *ntlmhash, |
| 562 | unsigned char *ntlmv2hash) |
| 563 | { |
| 564 | /* Unicode representation */ |
| 565 | size_t identity_len; |
| 566 | unsigned char *identity; |
| 567 | CURLcode result = CURLE_OK; |
| 568 | |
| 569 | if((userlen > CURL_MAX_INPUT_LENGTH) || (domlen > CURL_MAX_INPUT_LENGTH)) |
| 570 | return CURLE_OUT_OF_MEMORY; |
| 571 | |
| 572 | identity_len = (userlen + domlen) * 2; |
| 573 | identity = malloc(identity_len + 1); |
| 574 | |
| 575 | if(!identity) |
| 576 | return CURLE_OUT_OF_MEMORY; |
| 577 | |
| 578 | ascii_uppercase_to_unicode_le(identity, user, userlen); |
| 579 | ascii_to_unicode_le(identity + (userlen << 1), domain, domlen); |
| 580 | |
| 581 | result = Curl_hmacit(Curl_HMAC_MD5, ntlmhash, 16, identity, identity_len, |
| 582 | ntlmv2hash); |
| 583 | free(identity); |
| 584 | |
| 585 | return result; |
| 586 | } |
| 587 | |
| 588 | /* |
| 589 | * Curl_ntlm_core_mk_ntlmv2_resp() |
| 590 | * |
| 591 | * This creates the NTLMv2 response as set in the ntlm type-3 message. |
| 592 | * |
| 593 | * Parameters: |
| 594 | * |
| 595 | * ntlmv2hash [in] - The ntlmv2 hash (16 bytes) |
| 596 | * challenge_client [in] - The client nonce (8 bytes) |
| 597 | * ntlm [in] - The ntlm data struct being used to read TargetInfo |
| 598 | and Server challenge received in the type-2 message |
| 599 | * ntresp [out] - The address where a pointer to newly allocated |
| 600 | * memory holding the NTLMv2 response. |
| 601 | * ntresp_len [out] - The length of the output message. |
| 602 | * |
| 603 | * Returns CURLE_OK on success. |
| 604 | */ |
| 605 | CURLcode Curl_ntlm_core_mk_ntlmv2_resp(unsigned char *ntlmv2hash, |
| 606 | unsigned char *challenge_client, |
| 607 | struct ntlmdata *ntlm, |
| 608 | unsigned char **ntresp, |
| 609 | unsigned int *ntresp_len) |
| 610 | { |
| 611 | /* NTLMv2 response structure : |
| 612 | ------------------------------------------------------------------------------ |
| 613 | 0 HMAC MD5 16 bytes |
| 614 | ------BLOB-------------------------------------------------------------------- |
| 615 | 16 Signature 0x01010000 |
| 616 | 20 Reserved long (0x00000000) |
| 617 | 24 Timestamp LE, 64-bit signed value representing the number of |
| 618 | tenths of a microsecond since January 1, 1601. |
| 619 | 32 Client Nonce 8 bytes |
| 620 | 40 Unknown 4 bytes |
| 621 | 44 Target Info N bytes (from the type-2 message) |
| 622 | 44+N Unknown 4 bytes |
| 623 | ------------------------------------------------------------------------------ |
| 624 | */ |
| 625 | |
| 626 | unsigned int len = 0; |
| 627 | unsigned char *ptr = NULL; |
| 628 | unsigned char hmac_output[HMAC_MD5_LENGTH]; |
| 629 | struct ms_filetime tw; |
| 630 | |
| 631 | CURLcode result = CURLE_OK; |
| 632 | |
| 633 | /* Calculate the timestamp */ |
| 634 | #ifdef DEBUGBUILD |
| 635 | char *force_timestamp = getenv("CURL_FORCETIME"); |
| 636 | if(force_timestamp) |
| 637 | time2filetime(&tw, (time_t) 0); |
| 638 | else |
| 639 | #endif |
| 640 | time2filetime(&tw, time(NULL)); |
| 641 | |
| 642 | /* Calculate the response len */ |
| 643 | len = HMAC_MD5_LENGTH + NTLMv2_BLOB_LEN; |
| 644 | |
| 645 | /* Allocate the response */ |
| 646 | ptr = calloc(1, len); |
| 647 | if(!ptr) |
| 648 | return CURLE_OUT_OF_MEMORY; |
| 649 | |
| 650 | /* Create the BLOB structure */ |
| 651 | msnprintf((char *)ptr + HMAC_MD5_LENGTH, NTLMv2_BLOB_LEN, |
| 652 | "%c%c%c%c"/* NTLMv2_BLOB_SIGNATURE */ |
| 653 | "%c%c%c%c"/* Reserved = 0 */ |
| 654 | "%c%c%c%c%c%c%c%c", /* Timestamp */ |
| 655 | NTLMv2_BLOB_SIGNATURE[0], NTLMv2_BLOB_SIGNATURE[1], |
| 656 | NTLMv2_BLOB_SIGNATURE[2], NTLMv2_BLOB_SIGNATURE[3], |
| 657 | 0, 0, 0, 0, |
| 658 | LONGQUARTET(tw.dwLowDateTime), LONGQUARTET(tw.dwHighDateTime)); |
| 659 | |
| 660 | memcpy(ptr + 32, challenge_client, 8); |
| 661 | memcpy(ptr + 44, ntlm->target_info, ntlm->target_info_len); |
| 662 | |
| 663 | /* Concatenate the Type 2 challenge with the BLOB and do HMAC MD5 */ |
| 664 | memcpy(ptr + 8, &ntlm->nonce[0], 8); |
| 665 | result = Curl_hmacit(Curl_HMAC_MD5, ntlmv2hash, HMAC_MD5_LENGTH, ptr + 8, |
| 666 | NTLMv2_BLOB_LEN + 8, hmac_output); |
| 667 | if(result) { |
| 668 | free(ptr); |
| 669 | return result; |
| 670 | } |
| 671 | |
| 672 | /* Concatenate the HMAC MD5 output with the BLOB */ |
| 673 | memcpy(ptr, hmac_output, HMAC_MD5_LENGTH); |
| 674 | |
| 675 | /* Return the response */ |
| 676 | *ntresp = ptr; |
| 677 | *ntresp_len = len; |
| 678 | |
| 679 | return result; |
| 680 | } |
| 681 | |
| 682 | /* |
| 683 | * Curl_ntlm_core_mk_lmv2_resp() |
| 684 | * |
| 685 | * This creates the LMv2 response as used in the ntlm type-3 message. |
| 686 | * |
| 687 | * Parameters: |
| 688 | * |
| 689 | * ntlmv2hash [in] - The ntlmv2 hash (16 bytes) |
| 690 | * challenge_client [in] - The client nonce (8 bytes) |
| 691 | * challenge_client [in] - The server challenge (8 bytes) |
| 692 | * lmresp [out] - The LMv2 response (24 bytes) |
| 693 | * |
| 694 | * Returns CURLE_OK on success. |
| 695 | */ |
| 696 | CURLcode Curl_ntlm_core_mk_lmv2_resp(unsigned char *ntlmv2hash, |
| 697 | unsigned char *challenge_client, |
| 698 | unsigned char *challenge_server, |
| 699 | unsigned char *lmresp) |
| 700 | { |
| 701 | unsigned char data[16]; |
| 702 | unsigned char hmac_output[16]; |
| 703 | CURLcode result = CURLE_OK; |
| 704 | |
| 705 | memcpy(&data[0], challenge_server, 8); |
| 706 | memcpy(&data[8], challenge_client, 8); |
| 707 | |
| 708 | result = Curl_hmacit(Curl_HMAC_MD5, ntlmv2hash, 16, &data[0], 16, |
| 709 | hmac_output); |
| 710 | if(result) |
| 711 | return result; |
| 712 | |
| 713 | /* Concatenate the HMAC MD5 output with the client nonce */ |
| 714 | memcpy(lmresp, hmac_output, 16); |
| 715 | memcpy(lmresp + 16, challenge_client, 8); |
| 716 | |
| 717 | return result; |
| 718 | } |
| 719 | |
| 720 | #endif /* !USE_WINDOWS_SSPI */ |
| 721 | |
| 722 | #endif /* USE_CURL_NTLM_CORE */ |
| 723 |
Generated on 2022-Sep-26 from project tensorflow revision f2e850b6cce
Powered by 
Code Browser 2.1
Generator usage only permitted with license.