/src/FreeRDP/winpr/libwinpr/sspi/NTLM/ntlm_compute.c
Line | Count | Source |
1 | | /** |
2 | | * WinPR: Windows Portable Runtime |
3 | | * NTLM Security Package (Compute) |
4 | | * |
5 | | * Copyright 2011-2014 Marc-Andre Moreau <marcandre.moreau@gmail.com> |
6 | | * |
7 | | * Licensed under the Apache License, Version 2.0 (the "License"); |
8 | | * you may not use this file except in compliance with the License. |
9 | | * You may obtain a copy of the License at |
10 | | * |
11 | | * http://www.apache.org/licenses/LICENSE-2.0 |
12 | | * |
13 | | * Unless required by applicable law or agreed to in writing, software |
14 | | * distributed under the License is distributed on an "AS IS" BASIS, |
15 | | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
16 | | * See the License for the specific language governing permissions and |
17 | | * limitations under the License. |
18 | | */ |
19 | | |
20 | | #include <winpr/config.h> |
21 | | |
22 | | #include <winpr/assert.h> |
23 | | |
24 | | #include "ntlm.h" |
25 | | #include "../sspi.h" |
26 | | |
27 | | #include <winpr/crt.h> |
28 | | #include <winpr/sam.h> |
29 | | #include <winpr/ntlm.h> |
30 | | #include <winpr/print.h> |
31 | | #include <winpr/crypto.h> |
32 | | #include <winpr/sysinfo.h> |
33 | | |
34 | | #include "ntlm_compute.h" |
35 | | |
36 | | #include "../../log.h" |
37 | 1.90k | #define TAG WINPR_TAG("sspi.NTLM") |
38 | | |
39 | | #define NTLM_CheckAndLogRequiredCapacity(tag, s, nmemb, what) \ |
40 | 0 | Stream_CheckAndLogRequiredCapacityEx(tag, WLOG_WARN, s, nmemb, 1, "%s(%s:%" PRIuz ") " what, \ |
41 | 0 | __func__, __FILE__, (size_t)__LINE__) |
42 | | |
43 | | static char NTLM_CLIENT_SIGN_MAGIC[] = "session key to client-to-server signing key magic constant"; |
44 | | static char NTLM_SERVER_SIGN_MAGIC[] = "session key to server-to-client signing key magic constant"; |
45 | | static char NTLM_CLIENT_SEAL_MAGIC[] = "session key to client-to-server sealing key magic constant"; |
46 | | static char NTLM_SERVER_SEAL_MAGIC[] = "session key to server-to-client sealing key magic constant"; |
47 | | |
48 | | static const BYTE NTLM_NULL_BUFFER[16] = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, |
49 | | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }; |
50 | | |
51 | | /** |
52 | | * Populate VERSION structure msdn{cc236654} |
53 | | * @param versionInfo A pointer to the version struct |
54 | | * |
55 | | * @return \b TRUE for success, \b FALSE for failure |
56 | | */ |
57 | | |
58 | | BOOL ntlm_get_version_info(NTLM_VERSION_INFO* versionInfo) |
59 | 1.92k | { |
60 | 1.92k | WINPR_ASSERT(versionInfo); |
61 | | |
62 | | #if defined(WITH_WINPR_DEPRECATED) |
63 | | OSVERSIONINFOA osVersionInfo = WINPR_C_ARRAY_INIT; |
64 | | osVersionInfo.dwOSVersionInfoSize = sizeof(OSVERSIONINFOA); |
65 | | if (!GetVersionExA(&osVersionInfo)) |
66 | | return FALSE; |
67 | | versionInfo->ProductMajorVersion = (UINT8)osVersionInfo.dwMajorVersion; |
68 | | versionInfo->ProductMinorVersion = (UINT8)osVersionInfo.dwMinorVersion; |
69 | | versionInfo->ProductBuild = (UINT16)osVersionInfo.dwBuildNumber; |
70 | | #else |
71 | | /* Always return fixed version number. |
72 | | * |
73 | | * ProductVersion is fixed since windows 10 to Major 10, Minor 0 |
74 | | * ProductBuild taken from https://en.wikipedia.org/wiki/Windows_11_version_history |
75 | | * with most recent (pre) release build number |
76 | | */ |
77 | 1.92k | versionInfo->ProductMajorVersion = 10; |
78 | 1.92k | versionInfo->ProductMinorVersion = 0; |
79 | 1.92k | versionInfo->ProductBuild = 22631; |
80 | 1.92k | #endif |
81 | 1.92k | ZeroMemory(versionInfo->Reserved, sizeof(versionInfo->Reserved)); |
82 | 1.92k | versionInfo->NTLMRevisionCurrent = NTLMSSP_REVISION_W2K3; |
83 | 1.92k | return TRUE; |
84 | 1.92k | } |
85 | | |
86 | | /** |
87 | | * Read VERSION structure. msdn{cc236654} |
88 | | * @param s A pointer to a stream to read |
89 | | * @param versionInfo A pointer to the struct to read data to |
90 | | * |
91 | | * @return \b TRUE for success, \b FALSE for failure |
92 | | */ |
93 | | |
94 | | BOOL ntlm_read_version_info(wStream* s, NTLM_VERSION_INFO* versionInfo) |
95 | 793 | { |
96 | 793 | WINPR_ASSERT(s); |
97 | 793 | WINPR_ASSERT(versionInfo); |
98 | | |
99 | 793 | if (!Stream_CheckAndLogRequiredLength(TAG, s, 8)) |
100 | 10 | return FALSE; |
101 | | |
102 | 783 | Stream_Read_UINT8(s, versionInfo->ProductMajorVersion); /* ProductMajorVersion (1 byte) */ |
103 | 783 | Stream_Read_UINT8(s, versionInfo->ProductMinorVersion); /* ProductMinorVersion (1 byte) */ |
104 | 783 | Stream_Read_UINT16(s, versionInfo->ProductBuild); /* ProductBuild (2 bytes) */ |
105 | 783 | Stream_Read(s, versionInfo->Reserved, sizeof(versionInfo->Reserved)); /* Reserved (3 bytes) */ |
106 | 783 | Stream_Read_UINT8(s, versionInfo->NTLMRevisionCurrent); /* NTLMRevisionCurrent (1 byte) */ |
107 | 783 | return TRUE; |
108 | 793 | } |
109 | | |
110 | | /** |
111 | | * Write VERSION structure. msdn{cc236654} |
112 | | * @param s A pointer to the stream to write to |
113 | | * @param versionInfo A pointer to the buffer to read the data from |
114 | | * |
115 | | * @return \b TRUE for success, \b FALSE for failure |
116 | | */ |
117 | | |
118 | | BOOL ntlm_write_version_info(wStream* s, const NTLM_VERSION_INFO* versionInfo) |
119 | 1.90k | { |
120 | 1.90k | WINPR_ASSERT(s); |
121 | 1.90k | WINPR_ASSERT(versionInfo); |
122 | | |
123 | 1.90k | if (!Stream_CheckAndLogRequiredCapacityEx( |
124 | 1.90k | TAG, WLOG_WARN, s, 5ull + sizeof(versionInfo->Reserved), 1ull, |
125 | 1.90k | "%s(%s:%" PRIuz ") NTLM_VERSION_INFO", __func__, __FILE__, (size_t)__LINE__)) |
126 | 0 | return FALSE; |
127 | | |
128 | 1.90k | Stream_Write_UINT8(s, versionInfo->ProductMajorVersion); /* ProductMajorVersion (1 byte) */ |
129 | 1.90k | Stream_Write_UINT8(s, versionInfo->ProductMinorVersion); /* ProductMinorVersion (1 byte) */ |
130 | 1.90k | Stream_Write_UINT16(s, versionInfo->ProductBuild); /* ProductBuild (2 bytes) */ |
131 | 1.90k | Stream_Write(s, versionInfo->Reserved, sizeof(versionInfo->Reserved)); /* Reserved (3 bytes) */ |
132 | 1.90k | Stream_Write_UINT8(s, versionInfo->NTLMRevisionCurrent); /* NTLMRevisionCurrent (1 byte) */ |
133 | 1.90k | return TRUE; |
134 | 1.90k | } |
135 | | |
136 | | /** |
137 | | * Print VERSION structure. msdn{cc236654} |
138 | | * @param versionInfo A pointer to the struct containing the data to print |
139 | | */ |
140 | | #ifdef WITH_DEBUG_NTLM |
141 | | void ntlm_print_version_info(const NTLM_VERSION_INFO* versionInfo) |
142 | | { |
143 | | WINPR_ASSERT(versionInfo); |
144 | | |
145 | | WLog_VRB(TAG, "VERSION ={"); |
146 | | WLog_VRB(TAG, "\tProductMajorVersion: %" PRIu8 "", versionInfo->ProductMajorVersion); |
147 | | WLog_VRB(TAG, "\tProductMinorVersion: %" PRIu8 "", versionInfo->ProductMinorVersion); |
148 | | WLog_VRB(TAG, "\tProductBuild: %" PRIu16 "", versionInfo->ProductBuild); |
149 | | WLog_VRB(TAG, "\tReserved: 0x%02" PRIX8 "%02" PRIX8 "%02" PRIX8 "", versionInfo->Reserved[0], |
150 | | versionInfo->Reserved[1], versionInfo->Reserved[2]); |
151 | | WLog_VRB(TAG, "\tNTLMRevisionCurrent: 0x%02" PRIX8 "", versionInfo->NTLMRevisionCurrent); |
152 | | } |
153 | | #endif |
154 | | |
155 | | static BOOL ntlm_read_ntlm_v2_client_challenge(wStream* s, NTLMv2_CLIENT_CHALLENGE* challenge) |
156 | 247 | { |
157 | 247 | size_t size = 0; |
158 | 247 | WINPR_ASSERT(s); |
159 | 247 | WINPR_ASSERT(challenge); |
160 | | |
161 | 247 | if (!Stream_CheckAndLogRequiredLength(TAG, s, 28)) |
162 | 1 | return FALSE; |
163 | | |
164 | 246 | Stream_Read_UINT8(s, challenge->RespType); |
165 | 246 | Stream_Read_UINT8(s, challenge->HiRespType); |
166 | 246 | Stream_Read_UINT16(s, challenge->Reserved1); |
167 | 246 | Stream_Read_UINT32(s, challenge->Reserved2); |
168 | 246 | Stream_Read(s, challenge->Timestamp, 8); |
169 | 246 | Stream_Read(s, challenge->ClientChallenge, 8); |
170 | 246 | Stream_Read_UINT32(s, challenge->Reserved3); |
171 | 246 | size = Stream_Length(s) - Stream_GetPosition(s); |
172 | | |
173 | 246 | if (size > UINT32_MAX) |
174 | 0 | { |
175 | 0 | WLog_ERR(TAG, "NTLMv2_CLIENT_CHALLENGE::cbAvPairs too large, got %" PRIuz "bytes", size); |
176 | 0 | return FALSE; |
177 | 0 | } |
178 | | |
179 | 246 | challenge->cbAvPairs = (UINT32)size; |
180 | 246 | challenge->AvPairs = (NTLM_AV_PAIR*)malloc(challenge->cbAvPairs); |
181 | | |
182 | 246 | if (!challenge->AvPairs) |
183 | 0 | { |
184 | 0 | WLog_ERR(TAG, "NTLMv2_CLIENT_CHALLENGE::AvPairs failed to allocate %" PRIu32 "bytes", |
185 | 0 | challenge->cbAvPairs); |
186 | 0 | return FALSE; |
187 | 0 | } |
188 | | |
189 | 246 | Stream_Read(s, challenge->AvPairs, size); |
190 | 246 | return TRUE; |
191 | 246 | } |
192 | | |
193 | | static BOOL ntlm_write_ntlm_v2_client_challenge(wStream* s, |
194 | | const NTLMv2_CLIENT_CHALLENGE* challenge) |
195 | 0 | { |
196 | 0 | ULONG length = 0; |
197 | |
|
198 | 0 | WINPR_ASSERT(s); |
199 | 0 | WINPR_ASSERT(challenge); |
200 | |
|
201 | 0 | if (!NTLM_CheckAndLogRequiredCapacity(TAG, s, 28, "NTLMv2_CLIENT_CHALLENGE")) |
202 | 0 | return FALSE; |
203 | | |
204 | 0 | Stream_Write_UINT8(s, challenge->RespType); |
205 | 0 | Stream_Write_UINT8(s, challenge->HiRespType); |
206 | 0 | Stream_Write_UINT16(s, challenge->Reserved1); |
207 | 0 | Stream_Write_UINT32(s, challenge->Reserved2); |
208 | 0 | Stream_Write(s, challenge->Timestamp, 8); |
209 | 0 | Stream_Write(s, challenge->ClientChallenge, 8); |
210 | 0 | Stream_Write_UINT32(s, challenge->Reserved3); |
211 | 0 | length = ntlm_av_pair_list_length(challenge->AvPairs, challenge->cbAvPairs); |
212 | |
|
213 | 0 | if (!Stream_CheckAndLogRequiredLength(TAG, s, length)) |
214 | 0 | return FALSE; |
215 | | |
216 | 0 | Stream_Write(s, challenge->AvPairs, length); |
217 | 0 | return TRUE; |
218 | 0 | } |
219 | | |
220 | | BOOL ntlm_read_ntlm_v2_response(wStream* s, NTLMv2_RESPONSE* response) |
221 | 250 | { |
222 | 250 | WINPR_ASSERT(s); |
223 | 250 | WINPR_ASSERT(response); |
224 | | |
225 | 250 | if (!Stream_CheckAndLogRequiredLength(TAG, s, 16)) |
226 | 3 | return FALSE; |
227 | | |
228 | 247 | Stream_Read(s, response->Response, 16); |
229 | 247 | return ntlm_read_ntlm_v2_client_challenge(s, &(response->Challenge)); |
230 | 250 | } |
231 | | |
232 | | BOOL ntlm_write_ntlm_v2_response(wStream* s, const NTLMv2_RESPONSE* response) |
233 | 0 | { |
234 | 0 | WINPR_ASSERT(s); |
235 | 0 | WINPR_ASSERT(response); |
236 | |
|
237 | 0 | if (!NTLM_CheckAndLogRequiredCapacity(TAG, s, 16ull, "NTLMv2_RESPONSE")) |
238 | 0 | return FALSE; |
239 | | |
240 | 0 | Stream_Write(s, response->Response, 16); |
241 | 0 | return ntlm_write_ntlm_v2_client_challenge(s, &(response->Challenge)); |
242 | 0 | } |
243 | | |
244 | | /** |
245 | | * Get current time, in tenths of microseconds since midnight of January 1, 1601. |
246 | | * @param[out] timestamp 64-bit little-endian timestamp |
247 | | */ |
248 | | |
249 | | static void ntlm_current_time(BYTE* timestamp, WINPR_ATTR_UNUSED size_t size) |
250 | 720 | { |
251 | 720 | FILETIME ft = WINPR_C_ARRAY_INIT; |
252 | | |
253 | 720 | WINPR_ASSERT(timestamp); |
254 | 720 | WINPR_ASSERT(size >= sizeof(ft)); |
255 | | |
256 | 720 | GetSystemTimeAsFileTime(&ft); |
257 | 720 | CopyMemory(timestamp, &(ft), sizeof(ft)); |
258 | 720 | } |
259 | | |
260 | | /** |
261 | | * Generate timestamp for AUTHENTICATE_MESSAGE. |
262 | | * |
263 | | * @param context A pointer to the NTLM context |
264 | | */ |
265 | | |
266 | | void ntlm_generate_timestamp(NTLM_CONTEXT* context) |
267 | 784 | { |
268 | 784 | WINPR_ASSERT(context); |
269 | | |
270 | 784 | if (memcmp(context->ChallengeTimestamp, NTLM_NULL_BUFFER, 8) != 0) |
271 | 64 | CopyMemory(context->Timestamp, context->ChallengeTimestamp, 8); |
272 | 720 | else |
273 | 720 | ntlm_current_time(context->Timestamp, sizeof(context->Timestamp)); |
274 | 784 | } |
275 | | |
276 | | static BOOL ntlm_fetch_ntlm_v2_hash(NTLM_CONTEXT* context, BYTE* hash) |
277 | 0 | { |
278 | 0 | BOOL rc = FALSE; |
279 | 0 | WINPR_SAM_ENTRY* entry = nullptr; |
280 | |
|
281 | 0 | WINPR_ASSERT(context); |
282 | 0 | WINPR_ASSERT(hash); |
283 | |
|
284 | 0 | SSPI_CREDENTIALS* credentials = context->credentials; |
285 | 0 | WINPR_SAM* sam = SamOpen(context->SamFile, TRUE); |
286 | |
|
287 | 0 | if (!sam) |
288 | 0 | goto fail; |
289 | | |
290 | 0 | if ((credentials->identity.Flags & SEC_WINNT_AUTH_IDENTITY_UNICODE) != 0) |
291 | 0 | { |
292 | 0 | entry = SamLookupUserW(sam, (LPWSTR)credentials->identity.User, |
293 | 0 | credentials->identity.UserLength * sizeof(WCHAR), |
294 | 0 | (LPWSTR)credentials->identity.Domain, |
295 | 0 | credentials->identity.DomainLength * sizeof(WCHAR)); |
296 | |
|
297 | 0 | if (!entry) |
298 | 0 | { |
299 | 0 | entry = SamLookupUserW(sam, (LPWSTR)credentials->identity.User, |
300 | 0 | credentials->identity.UserLength * sizeof(WCHAR), nullptr, 0); |
301 | 0 | } |
302 | 0 | } |
303 | 0 | else if ((credentials->identity.Flags & SEC_WINNT_AUTH_IDENTITY_ANSI) != 0) |
304 | 0 | { |
305 | 0 | entry = SamLookupUserA( |
306 | 0 | sam, (char*)credentials->identity.User, credentials->identity.UserLength * sizeof(CHAR), |
307 | 0 | (char*)credentials->identity.Domain, credentials->identity.DomainLength * sizeof(CHAR)); |
308 | |
|
309 | 0 | if (!entry) |
310 | 0 | { |
311 | 0 | entry = SamLookupUserA(sam, (char*)credentials->identity.User, |
312 | 0 | credentials->identity.UserLength * sizeof(CHAR), nullptr, 0); |
313 | 0 | } |
314 | 0 | } |
315 | 0 | else |
316 | 0 | goto fail; |
317 | | |
318 | 0 | if (!entry) |
319 | 0 | goto fail; |
320 | | |
321 | | #ifdef WITH_DEBUG_NTLM |
322 | | WLog_VRB(TAG, "NTLM Hash:"); |
323 | | winpr_HexDump(TAG, WLOG_DEBUG, entry->NtHash, 16); |
324 | | #endif |
325 | 0 | rc = NTOWFv2FromHashW(entry->NtHash, (LPWSTR)credentials->identity.User, |
326 | 0 | credentials->identity.UserLength * sizeof(WCHAR), |
327 | 0 | (LPWSTR)credentials->identity.Domain, |
328 | 0 | credentials->identity.DomainLength * sizeof(WCHAR), hash); |
329 | |
|
330 | 0 | fail: |
331 | 0 | SamFreeEntry(sam, entry); |
332 | 0 | SamClose(sam); |
333 | 0 | if (!rc) |
334 | 0 | WLog_ERR(TAG, "Error: Could not find user in SAM database"); |
335 | |
|
336 | 0 | return rc; |
337 | 0 | } |
338 | | |
339 | | static int hexchar2nibble(WCHAR wc) |
340 | 0 | { |
341 | | #if defined(__BIG_ENDIAN__) |
342 | | union |
343 | | { |
344 | | BYTE b[2]; |
345 | | WCHAR w; |
346 | | } cnv; |
347 | | cnv.w = wc; |
348 | | const BYTE b = cnv.b[0]; |
349 | | cnv.b[0] = cnv.b[1]; |
350 | | cnv.b[1] = b; |
351 | | wc = cnv.w; |
352 | | #endif |
353 | |
|
354 | 0 | switch (wc) |
355 | 0 | { |
356 | 0 | case L'0': |
357 | 0 | case L'1': |
358 | 0 | case L'2': |
359 | 0 | case L'3': |
360 | 0 | case L'4': |
361 | 0 | case L'5': |
362 | 0 | case L'6': |
363 | 0 | case L'7': |
364 | 0 | case L'8': |
365 | 0 | case L'9': |
366 | 0 | return wc - L'0'; |
367 | 0 | case L'a': |
368 | 0 | case L'b': |
369 | 0 | case L'c': |
370 | 0 | case L'd': |
371 | 0 | case L'e': |
372 | 0 | case L'f': |
373 | 0 | return wc - L'a' + 10; |
374 | 0 | case L'A': |
375 | 0 | case L'B': |
376 | 0 | case L'C': |
377 | 0 | case L'D': |
378 | 0 | case L'E': |
379 | 0 | case L'F': |
380 | 0 | return wc - L'A' + 10; |
381 | 0 | default: |
382 | 0 | return -1; |
383 | 0 | } |
384 | 0 | } |
385 | | static int ntlm_convert_password_hash(NTLM_CONTEXT* context, BYTE* hash, size_t hashlen) |
386 | 0 | { |
387 | 0 | const size_t required_len = 2ull * hashlen; |
388 | |
|
389 | 0 | WINPR_ASSERT(context); |
390 | 0 | WINPR_ASSERT(hash); |
391 | |
|
392 | 0 | SSPI_CREDENTIALS* credentials = context->credentials; |
393 | 0 | const ULONG PasswordHashLength = credentials->identity.PasswordLength; |
394 | |
|
395 | 0 | if (PasswordHashLength != required_len) |
396 | 0 | { |
397 | 0 | WLog_ERR(TAG, |
398 | 0 | "PasswordHash has invalid length %" PRIu32 " must be exactly %" PRIuz " bytes", |
399 | 0 | PasswordHashLength, required_len); |
400 | 0 | return -1; |
401 | 0 | } |
402 | | |
403 | 0 | const WCHAR* PasswordHash = credentials->identity.Password; |
404 | 0 | for (size_t x = 0; x < hashlen; x++) |
405 | 0 | { |
406 | 0 | const int hi = hexchar2nibble(PasswordHash[2 * x]); |
407 | 0 | if (hi < 0) |
408 | 0 | { |
409 | 0 | WLog_ERR(TAG, "PasswordHash has an invalid value at position %" PRIuz, 2 * x); |
410 | 0 | return -1; |
411 | 0 | } |
412 | 0 | const int lo = hexchar2nibble(PasswordHash[2 * x + 1]); |
413 | 0 | if (lo < 0) |
414 | 0 | { |
415 | 0 | WLog_ERR(TAG, "PasswordHash has an invalid value at position %" PRIuz, 2 * x + 1); |
416 | 0 | return -1; |
417 | 0 | } |
418 | 0 | const BYTE val = (BYTE)((hi << 4) | lo); |
419 | 0 | hash[x] = val; |
420 | 0 | } |
421 | | |
422 | 0 | return 1; |
423 | 0 | } |
424 | | |
425 | | static BOOL ntlm_compute_ntlm_v2_hash(NTLM_CONTEXT* context, BYTE* hash) |
426 | 930 | { |
427 | 930 | WINPR_ASSERT(context); |
428 | 930 | WINPR_ASSERT(hash); |
429 | | |
430 | 930 | SSPI_CREDENTIALS* credentials = context->credentials; |
431 | | #ifdef WITH_DEBUG_NTLM |
432 | | |
433 | | if (credentials) |
434 | | { |
435 | | WLog_VRB(TAG, "Password (length = %" PRIu32 ")", credentials->identity.PasswordLength * 2); |
436 | | winpr_HexDump(TAG, WLOG_TRACE, (BYTE*)credentials->identity.Password, |
437 | | credentials->identity.PasswordLength * 2); |
438 | | WLog_VRB(TAG, "Username (length = %" PRIu32 ")", credentials->identity.UserLength * 2); |
439 | | winpr_HexDump(TAG, WLOG_TRACE, (BYTE*)credentials->identity.User, |
440 | | credentials->identity.UserLength * 2); |
441 | | WLog_VRB(TAG, "Domain (length = %" PRIu32 ")", credentials->identity.DomainLength * 2); |
442 | | winpr_HexDump(TAG, WLOG_TRACE, (BYTE*)credentials->identity.Domain, |
443 | | credentials->identity.DomainLength * 2); |
444 | | } |
445 | | else |
446 | | WLog_VRB(TAG, "Strange, NTLM_CONTEXT is missing valid credentials..."); |
447 | | |
448 | | WLog_VRB(TAG, "Workstation (length = %" PRIu16 ")", context->Workstation.Length); |
449 | | winpr_HexDump(TAG, WLOG_TRACE, (BYTE*)context->Workstation.Buffer, context->Workstation.Length); |
450 | | WLog_VRB(TAG, "NTOWFv2, NTLMv2 Hash"); |
451 | | winpr_HexDump(TAG, WLOG_TRACE, context->NtlmV2Hash, WINPR_MD5_DIGEST_LENGTH); |
452 | | #endif |
453 | | |
454 | 930 | if (memcmp(context->NtlmV2Hash, NTLM_NULL_BUFFER, 16) != 0) |
455 | 727 | return TRUE; |
456 | | |
457 | 203 | if (!credentials) |
458 | 0 | return FALSE; |
459 | 203 | else if (memcmp(context->NtlmHash, NTLM_NULL_BUFFER, 16) != 0) |
460 | 0 | { |
461 | 0 | if ((credentials->identity.Flags & SEC_WINNT_AUTH_IDENTITY_UNICODE) != 0) |
462 | 0 | { |
463 | 0 | return NTOWFv2FromHashW(context->NtlmHash, (LPWSTR)credentials->identity.User, |
464 | 0 | credentials->identity.UserLength * 2, |
465 | 0 | (LPWSTR)credentials->identity.Domain, |
466 | 0 | credentials->identity.DomainLength * 2, hash); |
467 | 0 | } |
468 | 0 | else if ((credentials->identity.Flags & SEC_WINNT_AUTH_IDENTITY_ANSI) != 0) |
469 | 0 | { |
470 | 0 | return NTOWFv2FromHashA(context->NtlmHash, (char*)credentials->identity.User, |
471 | 0 | credentials->identity.UserLength, |
472 | 0 | (char*)credentials->identity.Domain, |
473 | 0 | credentials->identity.DomainLength, hash); |
474 | 0 | } |
475 | 0 | else |
476 | 0 | return FALSE; |
477 | 0 | } |
478 | 203 | else if (credentials->identity.Flags & SEC_WINPR_AUTH_IDENTITY_PASSWORD_HASH) |
479 | 0 | { |
480 | | /* Special case for WinPR: password hash */ |
481 | 0 | if (ntlm_convert_password_hash(context, context->NtlmHash, sizeof(context->NtlmHash)) < 0) |
482 | 0 | return FALSE; |
483 | | |
484 | 0 | return NTOWFv2FromHashW(context->NtlmHash, (LPWSTR)credentials->identity.User, |
485 | 0 | credentials->identity.UserLength * 2, |
486 | 0 | (LPWSTR)credentials->identity.Domain, |
487 | 0 | credentials->identity.DomainLength * 2, hash); |
488 | 0 | } |
489 | 203 | else if (credentials->identity.Password) |
490 | 203 | { |
491 | 203 | return NTOWFv2W( |
492 | 203 | (LPWSTR)credentials->identity.Password, credentials->identity.PasswordLength * 2, |
493 | 203 | (LPWSTR)credentials->identity.User, credentials->identity.UserLength * 2, |
494 | 203 | (LPWSTR)credentials->identity.Domain, credentials->identity.DomainLength * 2, hash); |
495 | 203 | } |
496 | 0 | else if (context->HashCallback) |
497 | 0 | { |
498 | 0 | SecBuffer proofValue = WINPR_C_ARRAY_INIT; |
499 | 0 | SecBuffer micValue = WINPR_C_ARRAY_INIT; |
500 | |
|
501 | 0 | if (ntlm_computeProofValue(context, &proofValue) != SEC_E_OK) |
502 | 0 | return FALSE; |
503 | | |
504 | 0 | if (ntlm_computeMicValue(context, &micValue) != SEC_E_OK) |
505 | 0 | { |
506 | 0 | sspi_SecBufferFree(&proofValue); |
507 | 0 | return FALSE; |
508 | 0 | } |
509 | | |
510 | 0 | const SECURITY_STATUS ret = context->HashCallback( |
511 | 0 | context->HashCallbackArg, &credentials->identity, &proofValue, |
512 | 0 | context->EncryptedRandomSessionKey, context->AUTHENTICATE_MESSAGE.MessageIntegrityCheck, |
513 | 0 | &micValue, hash); |
514 | 0 | sspi_SecBufferFree(&proofValue); |
515 | 0 | sspi_SecBufferFree(&micValue); |
516 | 0 | return ret == SEC_E_OK; |
517 | 0 | } |
518 | 0 | else if (context->UseSamFileDatabase) |
519 | 0 | { |
520 | 0 | return ntlm_fetch_ntlm_v2_hash(context, hash); |
521 | 0 | } |
522 | | |
523 | 0 | return TRUE; |
524 | 203 | } |
525 | | |
526 | | SECURITY_STATUS ntlm_compute_lm_v2_response(NTLM_CONTEXT* context) |
527 | 465 | { |
528 | 465 | BYTE* response = nullptr; |
529 | 465 | BYTE value[WINPR_MD5_DIGEST_LENGTH] = WINPR_C_ARRAY_INIT; |
530 | | |
531 | 465 | WINPR_ASSERT(context); |
532 | | |
533 | 465 | if (context->LmCompatibilityLevel < 2) |
534 | 0 | { |
535 | 0 | if (!sspi_SecBufferAlloc(&context->LmChallengeResponse, 24)) |
536 | 0 | return SEC_E_INSUFFICIENT_MEMORY; |
537 | | |
538 | 0 | ZeroMemory(context->LmChallengeResponse.pvBuffer, 24); |
539 | 0 | return SEC_E_OK; |
540 | 0 | } |
541 | | |
542 | | /* Compute the NTLMv2 hash */ |
543 | | |
544 | 465 | if (!ntlm_compute_ntlm_v2_hash(context, context->NtlmV2Hash)) |
545 | 0 | return SEC_E_NO_CREDENTIALS; |
546 | | |
547 | | /* Concatenate the server and client challenges */ |
548 | 465 | CopyMemory(value, context->ServerChallenge, 8); |
549 | 465 | CopyMemory(&value[8], context->ClientChallenge, 8); |
550 | | |
551 | 465 | if (!sspi_SecBufferAlloc(&context->LmChallengeResponse, 24)) |
552 | 0 | return SEC_E_INSUFFICIENT_MEMORY; |
553 | | |
554 | 465 | response = (BYTE*)context->LmChallengeResponse.pvBuffer; |
555 | | /* Compute the HMAC-MD5 hash of the resulting value using the NTLMv2 hash as the key */ |
556 | 465 | if (!winpr_HMAC(WINPR_MD_MD5, (void*)context->NtlmV2Hash, WINPR_MD5_DIGEST_LENGTH, (BYTE*)value, |
557 | 465 | WINPR_MD5_DIGEST_LENGTH, response, WINPR_MD5_DIGEST_LENGTH)) |
558 | 0 | return SEC_E_ALGORITHM_MISMATCH; |
559 | | |
560 | | /* Concatenate the resulting HMAC-MD5 hash and the client challenge, giving us the LMv2 response |
561 | | * (24 bytes) */ |
562 | 465 | CopyMemory(&response[16], context->ClientChallenge, 8); |
563 | 465 | return SEC_E_OK; |
564 | 465 | } |
565 | | |
566 | | /** |
567 | | * Compute NTLMv2 Response. |
568 | | * |
569 | | * NTLMv2_RESPONSE msdn{cc236653} |
570 | | * NTLMv2 Authentication msdn{cc236700} |
571 | | * |
572 | | * @param context A pointer to the NTLM context |
573 | | * @return \b TRUE for success, \b FALSE for failure |
574 | | */ |
575 | | |
576 | | SECURITY_STATUS ntlm_compute_ntlm_v2_response(NTLM_CONTEXT* context) |
577 | 465 | { |
578 | 465 | SecBuffer ntlm_v2_temp = WINPR_C_ARRAY_INIT; |
579 | 465 | SecBuffer ntlm_v2_temp_chal = WINPR_C_ARRAY_INIT; |
580 | | |
581 | 465 | WINPR_ASSERT(context); |
582 | | |
583 | 465 | PSecBuffer TargetInfo = &context->ChallengeTargetInfo; |
584 | 465 | SECURITY_STATUS ret = SEC_E_INSUFFICIENT_MEMORY; |
585 | | |
586 | 465 | if (!sspi_SecBufferAlloc(&ntlm_v2_temp, TargetInfo->cbBuffer + 28)) |
587 | 0 | goto exit; |
588 | | |
589 | 465 | ZeroMemory(ntlm_v2_temp.pvBuffer, ntlm_v2_temp.cbBuffer); |
590 | 465 | { |
591 | 465 | BYTE* blob = (BYTE*)ntlm_v2_temp.pvBuffer; |
592 | | |
593 | | /* Compute the NTLMv2 hash */ |
594 | 465 | ret = SEC_E_NO_CREDENTIALS; |
595 | 465 | if (!ntlm_compute_ntlm_v2_hash(context, (BYTE*)context->NtlmV2Hash)) |
596 | 0 | goto exit; |
597 | | |
598 | | /* Construct temp */ |
599 | 465 | blob[0] = 1; /* RespType (1 byte) */ |
600 | 465 | blob[1] = 1; /* HighRespType (1 byte) */ |
601 | | /* Reserved1 (2 bytes) */ |
602 | | /* Reserved2 (4 bytes) */ |
603 | 465 | CopyMemory(&blob[8], context->Timestamp, 8); /* Timestamp (8 bytes) */ |
604 | 465 | CopyMemory(&blob[16], context->ClientChallenge, 8); /* ClientChallenge (8 bytes) */ |
605 | | /* Reserved3 (4 bytes) */ |
606 | 465 | CopyMemory(&blob[28], TargetInfo->pvBuffer, TargetInfo->cbBuffer); |
607 | | #ifdef WITH_DEBUG_NTLM |
608 | | WLog_VRB(TAG, "NTLMv2 Response Temp Blob"); |
609 | | winpr_HexDump(TAG, WLOG_TRACE, ntlm_v2_temp.pvBuffer, ntlm_v2_temp.cbBuffer); |
610 | | #endif |
611 | 465 | } |
612 | | /* Concatenate server challenge with temp */ |
613 | 465 | ret = SEC_E_INSUFFICIENT_MEMORY; |
614 | 465 | if (!sspi_SecBufferAlloc(&ntlm_v2_temp_chal, ntlm_v2_temp.cbBuffer + 8)) |
615 | 0 | goto exit; |
616 | | |
617 | 465 | { |
618 | 465 | BYTE* blob = (BYTE*)ntlm_v2_temp_chal.pvBuffer; |
619 | 465 | CopyMemory(blob, context->ServerChallenge, 8); |
620 | 465 | CopyMemory(&blob[8], ntlm_v2_temp.pvBuffer, ntlm_v2_temp.cbBuffer); |
621 | 465 | if (!winpr_HMAC(WINPR_MD_MD5, (BYTE*)context->NtlmV2Hash, WINPR_MD5_DIGEST_LENGTH, |
622 | 465 | (BYTE*)ntlm_v2_temp_chal.pvBuffer, ntlm_v2_temp_chal.cbBuffer, |
623 | 465 | context->NtProofString, WINPR_MD5_DIGEST_LENGTH)) |
624 | 0 | goto exit; |
625 | 465 | } |
626 | | |
627 | | /* NtChallengeResponse, Concatenate NTProofStr with temp */ |
628 | | |
629 | 465 | if (!sspi_SecBufferAlloc(&context->NtChallengeResponse, ntlm_v2_temp.cbBuffer + 16)) |
630 | 0 | goto exit; |
631 | | |
632 | 465 | { |
633 | 465 | BYTE* blob = (BYTE*)context->NtChallengeResponse.pvBuffer; |
634 | 465 | CopyMemory(blob, context->NtProofString, WINPR_MD5_DIGEST_LENGTH); |
635 | 465 | CopyMemory(&blob[16], ntlm_v2_temp.pvBuffer, ntlm_v2_temp.cbBuffer); |
636 | 465 | } |
637 | | /* Compute SessionBaseKey, the HMAC-MD5 hash of NTProofStr using the NTLMv2 hash as the key */ |
638 | 465 | if (!winpr_HMAC(WINPR_MD_MD5, (BYTE*)context->NtlmV2Hash, WINPR_MD5_DIGEST_LENGTH, |
639 | 465 | context->NtProofString, WINPR_MD5_DIGEST_LENGTH, context->SessionBaseKey, |
640 | 465 | WINPR_MD5_DIGEST_LENGTH)) |
641 | 0 | goto exit; |
642 | 465 | ret = SEC_E_OK; |
643 | 465 | exit: |
644 | 465 | sspi_SecBufferFree(&ntlm_v2_temp); |
645 | 465 | sspi_SecBufferFree(&ntlm_v2_temp_chal); |
646 | 465 | return ret; |
647 | 465 | } |
648 | | |
649 | | /** |
650 | | * Encrypt the given plain text using RC4 and the given key. |
651 | | * @param key RC4 key |
652 | | * @param length text length |
653 | | * @param plaintext plain text |
654 | | * @param ciphertext cipher text |
655 | | */ |
656 | | |
657 | | BOOL ntlm_rc4k(BYTE* key, size_t length, BYTE* plaintext, BYTE* ciphertext) |
658 | 209 | { |
659 | 209 | WINPR_RC4_CTX* rc4 = winpr_RC4_New(key, 16); |
660 | | |
661 | 209 | if (!rc4) |
662 | 0 | return FALSE; |
663 | | |
664 | 209 | const BOOL rc = winpr_RC4_Update(rc4, length, plaintext, ciphertext); |
665 | 209 | winpr_RC4_Free(rc4); |
666 | 209 | return rc; |
667 | 209 | } |
668 | | |
669 | | /** |
670 | | * Generate client challenge (8-byte nonce). |
671 | | * @param context A pointer to the NTLM context |
672 | | */ |
673 | | |
674 | | BOOL ntlm_generate_client_challenge(NTLM_CONTEXT* context) |
675 | 632 | { |
676 | 632 | WINPR_ASSERT(context); |
677 | | |
678 | | /* ClientChallenge is used in computation of LMv2 and NTLMv2 responses */ |
679 | 632 | if (memcmp(context->ClientChallenge, NTLM_NULL_BUFFER, sizeof(context->ClientChallenge)) != 0) |
680 | 0 | return TRUE; |
681 | | |
682 | 632 | return winpr_RAND(context->ClientChallenge, sizeof(context->ClientChallenge)) >= 0; |
683 | 632 | } |
684 | | |
685 | | /** |
686 | | * Generate server challenge (8-byte nonce). |
687 | | * @param context A pointer to the NTLM context |
688 | | */ |
689 | | |
690 | | BOOL ntlm_generate_server_challenge(NTLM_CONTEXT* context) |
691 | 581 | { |
692 | 581 | WINPR_ASSERT(context); |
693 | | |
694 | 581 | if (memcmp(context->ServerChallenge, NTLM_NULL_BUFFER, sizeof(context->ServerChallenge)) != 0) |
695 | 0 | return TRUE; |
696 | | |
697 | 581 | return winpr_RAND(context->ServerChallenge, sizeof(context->ServerChallenge)) >= 0; |
698 | 581 | } |
699 | | |
700 | | /** |
701 | | * Generate KeyExchangeKey (the 128-bit SessionBaseKey). msdn{cc236710} |
702 | | * @param context A pointer to the NTLM context |
703 | | */ |
704 | | |
705 | | BOOL ntlm_generate_key_exchange_key(NTLM_CONTEXT* context) |
706 | 465 | { |
707 | 465 | WINPR_ASSERT(context); |
708 | 465 | WINPR_ASSERT(sizeof(context->KeyExchangeKey) == sizeof(context->SessionBaseKey)); |
709 | | |
710 | | /* In NTLMv2, KeyExchangeKey is the 128-bit SessionBaseKey */ |
711 | 465 | CopyMemory(context->KeyExchangeKey, context->SessionBaseKey, sizeof(context->KeyExchangeKey)); |
712 | 465 | return TRUE; |
713 | 465 | } |
714 | | |
715 | | /** |
716 | | * Generate RandomSessionKey (16-byte nonce). |
717 | | * @param context A pointer to the NTLM context |
718 | | */ |
719 | | |
720 | | BOOL ntlm_generate_random_session_key(NTLM_CONTEXT* context) |
721 | 203 | { |
722 | 203 | WINPR_ASSERT(context); |
723 | 203 | return winpr_RAND(context->RandomSessionKey, sizeof(context->RandomSessionKey)) >= 0; |
724 | 203 | } |
725 | | |
726 | | /** |
727 | | * Generate ExportedSessionKey (the RandomSessionKey, exported) |
728 | | * @param context A pointer to the NTLM context |
729 | | */ |
730 | | |
731 | | BOOL ntlm_generate_exported_session_key(NTLM_CONTEXT* context) |
732 | 465 | { |
733 | 465 | WINPR_ASSERT(context); |
734 | 465 | WINPR_ASSERT(sizeof(context->ExportedSessionKey) >= sizeof(context->RandomSessionKey)); |
735 | | |
736 | 465 | CopyMemory(context->ExportedSessionKey, context->RandomSessionKey, |
737 | 465 | sizeof(context->ExportedSessionKey)); |
738 | 465 | return TRUE; |
739 | 465 | } |
740 | | |
741 | | /** |
742 | | * Encrypt RandomSessionKey (RC4-encrypted RandomSessionKey, using KeyExchangeKey as the key). |
743 | | * @param context A pointer to the NTLM context |
744 | | */ |
745 | | |
746 | | BOOL ntlm_encrypt_random_session_key(NTLM_CONTEXT* context) |
747 | 203 | { |
748 | | /* In NTLMv2, EncryptedRandomSessionKey is the ExportedSessionKey RC4-encrypted with the |
749 | | * KeyExchangeKey */ |
750 | 203 | WINPR_ASSERT(context); |
751 | 203 | return ntlm_rc4k(context->KeyExchangeKey, 16, context->RandomSessionKey, |
752 | 203 | context->EncryptedRandomSessionKey); |
753 | 203 | } |
754 | | |
755 | | /** |
756 | | * Decrypt RandomSessionKey (RC4-encrypted RandomSessionKey, using KeyExchangeKey as the key). |
757 | | * @param context A pointer to the NTLM context |
758 | | */ |
759 | | |
760 | | BOOL ntlm_decrypt_random_session_key(NTLM_CONTEXT* context) |
761 | 262 | { |
762 | 262 | WINPR_ASSERT(context); |
763 | | |
764 | | /* In NTLMv2, EncryptedRandomSessionKey is the ExportedSessionKey RC4-encrypted with the |
765 | | * KeyExchangeKey */ |
766 | | |
767 | | /** |
768 | | * if (NegotiateFlags & NTLMSSP_NEGOTIATE_KEY_EXCH) |
769 | | * Set RandomSessionKey to RC4K(KeyExchangeKey, |
770 | | * AUTHENTICATE_MESSAGE.EncryptedRandomSessionKey) else Set RandomSessionKey to KeyExchangeKey |
771 | | */ |
772 | 262 | if (context->NegotiateKeyExchange) |
773 | 6 | { |
774 | 6 | WINPR_ASSERT(sizeof(context->EncryptedRandomSessionKey) == |
775 | 6 | sizeof(context->RandomSessionKey)); |
776 | 6 | return ntlm_rc4k(context->KeyExchangeKey, sizeof(context->EncryptedRandomSessionKey), |
777 | 6 | context->EncryptedRandomSessionKey, context->RandomSessionKey); |
778 | 6 | } |
779 | 256 | else |
780 | 256 | { |
781 | 256 | WINPR_ASSERT(sizeof(context->RandomSessionKey) == sizeof(context->KeyExchangeKey)); |
782 | 256 | CopyMemory(context->RandomSessionKey, context->KeyExchangeKey, |
783 | 256 | sizeof(context->RandomSessionKey)); |
784 | 256 | } |
785 | 256 | return TRUE; |
786 | 262 | } |
787 | | |
788 | | /** |
789 | | * Generate signing key msdn{cc236711} |
790 | | * |
791 | | * @param exported_session_key ExportedSessionKey |
792 | | * @param sign_magic Sign magic string |
793 | | * @param signing_key Destination signing key |
794 | | * |
795 | | * @return \b TRUE for success, \b FALSE for failure |
796 | | */ |
797 | | |
798 | | static BOOL ntlm_generate_signing_key(BYTE* exported_session_key, const SecBuffer* sign_magic, |
799 | | BYTE* signing_key) |
800 | 812 | { |
801 | 812 | BOOL rc = FALSE; |
802 | | |
803 | 812 | WINPR_ASSERT(exported_session_key); |
804 | 812 | WINPR_ASSERT(sign_magic); |
805 | 812 | WINPR_ASSERT(signing_key); |
806 | | |
807 | 812 | const size_t length = WINPR_MD5_DIGEST_LENGTH + sign_magic->cbBuffer; |
808 | 812 | BYTE* value = (BYTE*)malloc(length); |
809 | | |
810 | 812 | if (!value) |
811 | 0 | goto out; |
812 | | |
813 | | /* Concatenate ExportedSessionKey with sign magic */ |
814 | 812 | CopyMemory(value, exported_session_key, WINPR_MD5_DIGEST_LENGTH); |
815 | 812 | CopyMemory(&value[WINPR_MD5_DIGEST_LENGTH], sign_magic->pvBuffer, sign_magic->cbBuffer); |
816 | | |
817 | 812 | rc = winpr_Digest(WINPR_MD_MD5, value, length, signing_key, WINPR_MD5_DIGEST_LENGTH); |
818 | | |
819 | 812 | out: |
820 | 812 | free(value); |
821 | 812 | return rc; |
822 | 812 | } |
823 | | |
824 | | /** |
825 | | * Generate client signing key (ClientSigningKey). msdn{cc236711} |
826 | | * @param context A pointer to the NTLM context |
827 | | * |
828 | | * @return \b TRUE for success, \b FALSE for failure |
829 | | */ |
830 | | |
831 | | BOOL ntlm_generate_client_signing_key(NTLM_CONTEXT* context) |
832 | 203 | { |
833 | 203 | const SecBuffer signMagic = { sizeof(NTLM_CLIENT_SIGN_MAGIC), 0, NTLM_CLIENT_SIGN_MAGIC }; |
834 | | |
835 | 203 | WINPR_ASSERT(context); |
836 | 203 | return ntlm_generate_signing_key(context->ExportedSessionKey, &signMagic, |
837 | 203 | context->ClientSigningKey); |
838 | 203 | } |
839 | | |
840 | | /** |
841 | | * Generate server signing key (ServerSigningKey). msdn{cc236711} |
842 | | * @param context A pointer to the NTLM context |
843 | | * |
844 | | * @return \b TRUE for success, \b FALSE for failure |
845 | | */ |
846 | | |
847 | | BOOL ntlm_generate_server_signing_key(NTLM_CONTEXT* context) |
848 | 203 | { |
849 | 203 | const SecBuffer signMagic = { sizeof(NTLM_SERVER_SIGN_MAGIC), 0, NTLM_SERVER_SIGN_MAGIC }; |
850 | | |
851 | 203 | WINPR_ASSERT(context); |
852 | 203 | return ntlm_generate_signing_key(context->ExportedSessionKey, &signMagic, |
853 | 203 | context->ServerSigningKey); |
854 | 203 | } |
855 | | |
856 | | /** |
857 | | * Generate client sealing key (ClientSealingKey). msdn{cc236712} |
858 | | * @param context A pointer to the NTLM context |
859 | | * |
860 | | * @return \b TRUE for success, \b FALSE for failure |
861 | | */ |
862 | | |
863 | | BOOL ntlm_generate_client_sealing_key(NTLM_CONTEXT* context) |
864 | 203 | { |
865 | 203 | const SecBuffer sealMagic = { sizeof(NTLM_CLIENT_SEAL_MAGIC), 0, NTLM_CLIENT_SEAL_MAGIC }; |
866 | | |
867 | 203 | WINPR_ASSERT(context); |
868 | 203 | return ntlm_generate_signing_key(context->ExportedSessionKey, &sealMagic, |
869 | 203 | context->ClientSealingKey); |
870 | 203 | } |
871 | | |
872 | | /** |
873 | | * Generate server sealing key (ServerSealingKey). msdn{cc236712} |
874 | | * @param context A pointer to the NTLM context |
875 | | * |
876 | | * @return \b TRUE for success, \b FALSE for failure |
877 | | */ |
878 | | |
879 | | BOOL ntlm_generate_server_sealing_key(NTLM_CONTEXT* context) |
880 | 203 | { |
881 | 203 | const SecBuffer sealMagic = { sizeof(NTLM_SERVER_SEAL_MAGIC), 0, NTLM_SERVER_SEAL_MAGIC }; |
882 | | |
883 | 203 | WINPR_ASSERT(context); |
884 | 203 | return ntlm_generate_signing_key(context->ExportedSessionKey, &sealMagic, |
885 | 203 | context->ServerSealingKey); |
886 | 203 | } |
887 | | |
888 | | /** |
889 | | * Initialize RC4 stream cipher states for sealing. |
890 | | * @param context A pointer to the NTLM context |
891 | | */ |
892 | | |
893 | | BOOL ntlm_init_rc4_seal_states(NTLM_CONTEXT* context) |
894 | 203 | { |
895 | 203 | WINPR_ASSERT(context); |
896 | 203 | if (context->server) |
897 | 0 | { |
898 | 0 | context->SendSigningKey = context->ServerSigningKey; |
899 | 0 | context->RecvSigningKey = context->ClientSigningKey; |
900 | 0 | context->SendSealingKey = context->ClientSealingKey; |
901 | 0 | context->RecvSealingKey = context->ServerSealingKey; |
902 | 0 | context->SendRc4Seal = |
903 | 0 | winpr_RC4_New(context->ServerSealingKey, sizeof(context->ServerSealingKey)); |
904 | 0 | context->RecvRc4Seal = |
905 | 0 | winpr_RC4_New(context->ClientSealingKey, sizeof(context->ClientSealingKey)); |
906 | 0 | } |
907 | 203 | else |
908 | 203 | { |
909 | 203 | context->SendSigningKey = context->ClientSigningKey; |
910 | 203 | context->RecvSigningKey = context->ServerSigningKey; |
911 | 203 | context->SendSealingKey = context->ServerSealingKey; |
912 | 203 | context->RecvSealingKey = context->ClientSealingKey; |
913 | 203 | context->SendRc4Seal = |
914 | 203 | winpr_RC4_New(context->ClientSealingKey, sizeof(context->ClientSealingKey)); |
915 | 203 | context->RecvRc4Seal = |
916 | 203 | winpr_RC4_New(context->ServerSealingKey, sizeof(context->ServerSealingKey)); |
917 | 203 | } |
918 | 203 | if (!context->SendRc4Seal) |
919 | 0 | { |
920 | 0 | WLog_ERR(TAG, "Failed to allocate context->SendRc4Seal"); |
921 | 0 | return FALSE; |
922 | 0 | } |
923 | 203 | if (!context->RecvRc4Seal) |
924 | 0 | { |
925 | 0 | WLog_ERR(TAG, "Failed to allocate context->RecvRc4Seal"); |
926 | 0 | return FALSE; |
927 | 0 | } |
928 | 203 | return TRUE; |
929 | 203 | } |
930 | | |
931 | | BOOL ntlm_compute_message_integrity_check(NTLM_CONTEXT* context, BYTE* mic, UINT32 size) |
932 | 264 | { |
933 | 264 | BOOL rc = FALSE; |
934 | | /* |
935 | | * Compute the HMAC-MD5 hash of ConcatenationOf(NEGOTIATE_MESSAGE, |
936 | | * CHALLENGE_MESSAGE, AUTHENTICATE_MESSAGE) using the ExportedSessionKey |
937 | | */ |
938 | 264 | WINPR_HMAC_CTX* hmac = winpr_HMAC_New(); |
939 | | |
940 | 264 | WINPR_ASSERT(context); |
941 | 264 | WINPR_ASSERT(mic); |
942 | 264 | WINPR_ASSERT(size >= WINPR_MD5_DIGEST_LENGTH); |
943 | | |
944 | 264 | memset(mic, 0, size); |
945 | 264 | if (!hmac) |
946 | 0 | return FALSE; |
947 | | |
948 | 264 | if (!winpr_HMAC_Init(hmac, WINPR_MD_MD5, context->ExportedSessionKey, WINPR_MD5_DIGEST_LENGTH)) |
949 | 0 | goto fail; |
950 | | |
951 | 264 | if (!winpr_HMAC_Update(hmac, (BYTE*)context->NegotiateMessage.pvBuffer, |
952 | 264 | context->NegotiateMessage.cbBuffer)) |
953 | 0 | goto fail; |
954 | 264 | if (!winpr_HMAC_Update(hmac, (BYTE*)context->ChallengeMessage.pvBuffer, |
955 | 264 | context->ChallengeMessage.cbBuffer)) |
956 | 0 | goto fail; |
957 | | |
958 | 264 | if (context->MessageIntegrityCheckOffset > 0) |
959 | 264 | { |
960 | 264 | const BYTE* auth = (BYTE*)context->AuthenticateMessage.pvBuffer; |
961 | 264 | const BYTE data[WINPR_MD5_DIGEST_LENGTH] = WINPR_C_ARRAY_INIT; |
962 | 264 | const size_t rest = context->MessageIntegrityCheckOffset + sizeof(data); |
963 | | |
964 | 264 | if (rest > context->AuthenticateMessage.cbBuffer) |
965 | 9 | goto fail; |
966 | 255 | if (!winpr_HMAC_Update(hmac, &auth[0], context->MessageIntegrityCheckOffset)) |
967 | 0 | goto fail; |
968 | 255 | if (!winpr_HMAC_Update(hmac, data, sizeof(data))) |
969 | 0 | goto fail; |
970 | 255 | if (!winpr_HMAC_Update(hmac, &auth[rest], context->AuthenticateMessage.cbBuffer - rest)) |
971 | 0 | goto fail; |
972 | 255 | } |
973 | 0 | else |
974 | 0 | { |
975 | 0 | if (!winpr_HMAC_Update(hmac, (BYTE*)context->AuthenticateMessage.pvBuffer, |
976 | 0 | context->AuthenticateMessage.cbBuffer)) |
977 | 0 | goto fail; |
978 | 0 | } |
979 | 255 | rc = winpr_HMAC_Final(hmac, mic, WINPR_MD5_DIGEST_LENGTH); |
980 | | |
981 | 264 | fail: |
982 | 264 | winpr_HMAC_Free(hmac); |
983 | 264 | return rc; |
984 | 255 | } |