The FreeRADIUS server $Id: 15bac2a4c627c01d1aa2047687b3418955ac7f00 $
Loading...
Searching...
No Matches
mschap.c
Go to the documentation of this file.
1/*
2 * mschap.c
3 *
4 * Version: $Id: abe8c94beb4714bf64b7031a5a72c959c2ab3e5a $
5 *
6 * This program is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License as published by
8 * the Free Software Foundation; either version 2 of the License, or
9 * (at your option) any later version.
10 *
11 * This program is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU General Public License for more details.
15 *
16 * You should have received a copy of the GNU General Public License
17 * along with this program; if not, write to the Free Software
18 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
19 *
20 * @copyright 2000,2001,2006,2010 The FreeRADIUS server project
21 */
22
23
24/*
25 * This implements MS-CHAP, as described in RFC 2548
26 *
27 * http://www.freeradius.org/rfc/rfc2548.txt
28 *
29 */
30
31RCSID("$Id: abe8c94beb4714bf64b7031a5a72c959c2ab3e5a $")
32
33#include <freeradius-devel/server/base.h>
34#include <freeradius-devel/server/module_rlm.h>
35#include <freeradius-devel/util/debug.h>
36#include <freeradius-devel/util/md5.h>
37#include <freeradius-devel/util/sha1.h>
38
39#include <ctype.h>
40
41#include "smbdes.h"
42#include "mschap.h"
43
44/** Converts Unicode password to 16-byte NT hash with MD4
45 *
46 * @param[out] out Pointer to 16 byte output buffer.
47 * @param[in] password to encode.
48 * @return
49 * - 0 on success.
50 * - -1 on failure.
51 */
52int mschap_nt_password_hash(uint8_t out[static NT_DIGEST_LENGTH], char const *password)
53{
54 ssize_t len;
55 uint8_t ucs2_password[512];
56
57 len = fr_utf8_to_ucs2(ucs2_password, sizeof(ucs2_password), password, strlen(password));
58 if (len < 0) {
59 *out = '\0';
60 return -1;
61 }
62 fr_md4_calc(out, (uint8_t *) ucs2_password, len);
63
64 return 0;
65}
66
67/*
68 * challenge_hash() is used by mschap2() and auth_response()
69 * implements RFC2759 ChallengeHash()
70 * generates 64 bit challenge
71 */
72void mschap_challenge_hash(uint8_t challenge[static MSCHAP_CHALLENGE_LENGTH],
73 uint8_t const peer_challenge[static MSCHAP_PEER_CHALLENGE_LENGTH],
74 uint8_t const auth_challenge[static MSCHAP_PEER_AUTHENTICATOR_CHALLENGE_LENGTH],
75 char const *user_name, size_t user_name_len)
76{
77 fr_sha1_ctx Context;
78 uint8_t hash[SHA1_DIGEST_LENGTH];
79
80 FR_PROTO_TRACE("RFC2759 ChallengeHash");
81 FR_PROTO_HEX_DUMP(peer_challenge, MSCHAP_PEER_CHALLENGE_LENGTH, "PeerChallenge");
82 FR_PROTO_HEX_DUMP(auth_challenge, MSCHAP_PEER_AUTHENTICATOR_CHALLENGE_LENGTH, "AuthenticatorChallenge");
83 FR_PROTO_HEX_DUMP((uint8_t const *)user_name, user_name_len, "UserName");
84
85 fr_sha1_init(&Context);
86 fr_sha1_update(&Context, peer_challenge, MSCHAP_PEER_CHALLENGE_LENGTH);
87 fr_sha1_update(&Context, auth_challenge, MSCHAP_PEER_AUTHENTICATOR_CHALLENGE_LENGTH);
88 fr_sha1_update(&Context, (uint8_t const *) user_name, user_name_len);
89 fr_sha1_final(hash, &Context);
90
91 memcpy(challenge, hash, MSCHAP_CHALLENGE_LENGTH); //-V512
92
93 FR_PROTO_HEX_DUMP(challenge, MSCHAP_CHALLENGE_LENGTH, "Challenge");
94}
95
96/*
97 * auth_response() generates MS-CHAP v2 SUCCESS response
98 * according to RFC 2759 GenerateAuthenticatorResponse()
99 * returns 42-octet response string
100 */
101void mschap_auth_response(char const *username, size_t username_len,
102 uint8_t const *nt_hash_hash,
103 uint8_t const *ntresponse,
104 uint8_t const *peer_challenge, uint8_t const *auth_challenge,
105 char *response)
106{
107 fr_sha1_ctx Context;
108 static const uint8_t magic1[39] =
109 {0x4D, 0x61, 0x67, 0x69, 0x63, 0x20, 0x73, 0x65, 0x72, 0x76,
110 0x65, 0x72, 0x20, 0x74, 0x6F, 0x20, 0x63, 0x6C, 0x69, 0x65,
111 0x6E, 0x74, 0x20, 0x73, 0x69, 0x67, 0x6E, 0x69, 0x6E, 0x67,
112 0x20, 0x63, 0x6F, 0x6E, 0x73, 0x74, 0x61, 0x6E, 0x74};
113
114 static const uint8_t magic2[41] =
115 {0x50, 0x61, 0x64, 0x20, 0x74, 0x6F, 0x20, 0x6D, 0x61, 0x6B,
116 0x65, 0x20, 0x69, 0x74, 0x20, 0x64, 0x6F, 0x20, 0x6D, 0x6F,
117 0x72, 0x65, 0x20, 0x74, 0x68, 0x61, 0x6E, 0x20, 0x6F, 0x6E,
118 0x65, 0x20, 0x69, 0x74, 0x65, 0x72, 0x61, 0x74, 0x69, 0x6F,
119 0x6E};
120
121 static char const hex[] = "0123456789ABCDEF";
122
123 size_t i;
124 uint8_t challenge[8];
125 uint8_t digest[20];
126
127 fr_sha1_init(&Context);
128 fr_sha1_update(&Context, nt_hash_hash, 16);
129 fr_sha1_update(&Context, ntresponse, 24);
130 fr_sha1_update(&Context, magic1, 39);
131 fr_sha1_final(digest, &Context);
132 mschap_challenge_hash(challenge, peer_challenge, auth_challenge, username, username_len);
133 fr_sha1_init(&Context);
134 fr_sha1_update(&Context, digest, 20);
135 fr_sha1_update(&Context, challenge, 8);
136 fr_sha1_update(&Context, magic2, 41);
137 fr_sha1_final(digest, &Context);
138
139 /*
140 * Encode the value of 'Digest' as "S=" followed by
141 * 40 ASCII hexadecimal digits and return it in
142 * AuthenticatorResponse.
143 * For example,
144 * "S=0123456789ABCDEF0123456789ABCDEF01234567"
145 */
146 response[0] = 'S';
147 response[1] = '=';
148
149 /*
150 * The hexadecimal digits [A-F] MUST be uppercase.
151 */
152 for (i = 0; i < sizeof(digest); i++) {
153 response[2 + (i * 2)] = hex[(digest[i] >> 4) & 0x0f];
154 response[3 + (i * 2)] = hex[digest[i] & 0x0f];
155 }
156}
157
158/*
159 * add_reply() adds either MS-CHAP2-Success or MS-CHAP-Error
160 * attribute to reply packet
161 */
162void mschap_add_reply(request_t *request, uint8_t ident,
163 fr_dict_attr_t const *da, char const *value, size_t len)
164{
165 fr_pair_t *vp;
166
167 MEM(pair_update_reply(&vp, da) >= 0);
168 if (vp->vp_type == FR_TYPE_STRING) {
169 char *p;
170
171 MEM(fr_pair_value_bstr_alloc(vp, &p, len + 1, vp->vp_tainted) == 0); /* Account for the ident byte */
172 p[0] = ident;
173 memcpy(p + 1, value, len);
174 } else {
175 uint8_t *p;
176
177 MEM(fr_pair_value_mem_alloc(vp, &p, len + 1, vp->vp_tainted) == 0); /* Account for the ident byte */
178 p[0] = ident;
179 memcpy(p + 1, value, len);
180 }
181}
182
RCSID
#define RCSID(id)
Definition build.h:483
MEM
#define MEM(x)
Definition debug.h:36
value
Test enumeration values.
Definition dict_test.h:92
fr_md4_calc
void fr_md4_calc(uint8_t out[static MD4_DIGEST_LENGTH], uint8_t const *in, size_t inlen)
Calculate the MD4 hash of the contents of a buffer.
Definition md4.c:482
FR_TYPE_STRING
@ FR_TYPE_STRING
String of printable characters.
Definition merged_model.c:83
ssize_t
long int ssize_t
Definition merged_model.c:24
uint8_t
unsigned char uint8_t
Definition merged_model.c:30
fr_dict_attr_t
Definition merged_model.c:133
request_t
Definition merged_model.c:210
fr_utf8_to_ucs2
ssize_t fr_utf8_to_ucs2(uint8_t *out, size_t outlen, char const *in, size_t inlen)
Convert UTF8 string to UCS2 encoding.
Definition misc.c:315
mschap_nt_password_hash
int mschap_nt_password_hash(uint8_t out[static NT_DIGEST_LENGTH], char const *password)
Converts Unicode password to 16-byte NT hash with MD4.
Definition mschap.c:52
mschap_add_reply
void mschap_add_reply(request_t *request, uint8_t ident, fr_dict_attr_t const *da, char const *value, size_t len)
Definition mschap.c:162
mschap_auth_response
void mschap_auth_response(char const *username, size_t username_len, uint8_t const *nt_hash_hash, uint8_t const *ntresponse, uint8_t const *peer_challenge, uint8_t const *auth_challenge, char *response)
Definition mschap.c:101
mschap_challenge_hash
void mschap_challenge_hash(uint8_t challenge[static MSCHAP_CHALLENGE_LENGTH], uint8_t const peer_challenge[static MSCHAP_PEER_CHALLENGE_LENGTH], uint8_t const auth_challenge[static MSCHAP_PEER_AUTHENTICATOR_CHALLENGE_LENGTH], char const *user_name, size_t user_name_len)
Definition mschap.c:72
MSCHAP_CHALLENGE_LENGTH
#define MSCHAP_CHALLENGE_LENGTH
Definition mschap.h:9
MSCHAP_PEER_CHALLENGE_LENGTH
#define MSCHAP_PEER_CHALLENGE_LENGTH
Definition mschap.h:10
MSCHAP_PEER_AUTHENTICATOR_CHALLENGE_LENGTH
#define MSCHAP_PEER_AUTHENTICATOR_CHALLENGE_LENGTH
Definition mschap.h:11
NT_DIGEST_LENGTH
#define NT_DIGEST_LENGTH
Definition mschap.h:7
fr_pair_value_bstr_alloc
int fr_pair_value_bstr_alloc(fr_pair_t *vp, char **out, size_t size, bool tainted)
Pre-allocate a memory buffer for a "string" type value pair.
Definition pair.c:2730
fr_pair_value_mem_alloc
int fr_pair_value_mem_alloc(fr_pair_t *vp, uint8_t **out, size_t size, bool tainted)
Pre-allocate a memory buffer for a "octets" type value pair.
Definition pair.c:2930
magic1
static const uint8_t magic1[27]
Definition rlm_mschap.c:1253
magic2
static const uint8_t magic2[84]
Definition rlm_mschap.c:1258
hash
static unsigned int hash(char const *username, unsigned int tablesize)
Definition rlm_passwd.c:132
username
username
Definition rlm_securid.c:420
pair_update_reply
#define pair_update_reply(_attr, _da)
Return or allocate a fr_pair_t in the reply list.
Definition pair.h:129
fr_sha1_init
void fr_sha1_init(fr_sha1_ctx *context)
Definition sha1.c:93
fr_sha1_final
void fr_sha1_final(uint8_t digest[static SHA1_DIGEST_LENGTH], fr_sha1_ctx *context)
Definition sha1.c:141
fr_sha1_update
void fr_sha1_update(fr_sha1_ctx *context, uint8_t const *in, size_t len)
Definition sha1.c:105
SHA1_DIGEST_LENGTH
#define SHA1_DIGEST_LENGTH
Definition sha1.h:29
fr_sha1_ctx
Definition sha1.h:33
vp
fr_pair_t * vp
Definition state_machine.c:2262
value_pair_s
Stores an attribute, a value and various bits of other data.
Definition pair.h:68
FR_PROTO_HEX_DUMP
#define FR_PROTO_HEX_DUMP(_data, _data_len, _fmt,...)
Definition proto.h:41
FR_PROTO_TRACE
#define FR_PROTO_TRACE(_fmt,...)
Definition proto.h:40
out
static size_t char ** out
Definition value.h:997
Generated by   doxygen 1.9.8