1 /* Based on work Copyright (C) 2002 - 2004 Tenable Network Security
2 *
3 * SPDX-License-Identifier: GPL-2.0-only
4 *
5 * This program is free software; you can redistribute it and/or
6 * modify it under the terms of the GNU General Public License
7 * version 2 as published by the Free Software Foundation.
8 *
9 * This program is distributed in the hope that it will be useful,
10 * but WITHOUT ANY WARRANTY; without even the implied warranty of
11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 * GNU General Public License for more details.
13 *
14 * You should have received a copy of the GNU General Public License
15 * along with this program; if not, write to the Free Software
16 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
17 */
18
19 /**
20 * @file nasl_crypto.c
21 * @brief This file contains all the cryptographic functions NASL has.
22 */
23
24 /* MODIFICATION: added definitions for implementing NTLMSSP features */
25
26 #include "nasl_crypto.h"
27
28 #include "exec.h"
29 #include "hmacmd5.h"
30 #include "nasl_debug.h"
31 #include "nasl_func.h"
32 #include "nasl_global_ctxt.h"
33 #include "nasl_lex_ctxt.h"
34 #include "nasl_tree.h"
35 #include "nasl_var.h"
36 #include "ntlmssp.h"
37 #include "smb.h"
38 #include "smb_crypt.h"
39 #include "smb_signing.h"
40
41 #include <assert.h>
42 #include <ctype.h>
43 #include <gcrypt.h>
44 #include <glib.h>
45 #include <gvm/base/logging.h>
46 #include <stdlib.h>
47
48 #ifndef uchar
49 #define uchar unsigned char
50 #endif
51
52 #ifndef uint8
53 #define uint8 uint8_t
54 #endif
55
56 #ifndef uint32
57 #define uint32 uint32_t
58 #endif
59
60 #undef G_LOG_DOMAIN
61 /**
62 * @brief GLib logging domain.
63 */
64 #define G_LOG_DOMAIN "lib nasl"
65
66 /*-------------------[ Std. HASH ]-------------------------------------*/
67 static tree_cell *
nasl_gcrypt_hash(lex_ctxt * lexic,int algorithm,void * data,size_t datalen,void * key,size_t keylen)68 nasl_gcrypt_hash (lex_ctxt *lexic, int algorithm, void *data, size_t datalen,
69 void *key, size_t keylen)
70 {
71 gcry_md_hd_t hd;
72 gcry_error_t err;
73 tree_cell *retc;
74 int dlen = gcry_md_get_algo_dlen (algorithm);
75
76 if (data == NULL)
77 return NULL;
78
79 err = gcry_md_open (&hd, algorithm, key ? GCRY_MD_FLAG_HMAC : 0);
80 if (err)
81 {
82 nasl_perror (lexic, "nasl_gcrypt_hash(): gcry_md_open failed: %s/%s\n",
83 gcry_strsource (err), gcry_strerror (err));
84 return NULL;
85 }
86
87 if (key)
88 {
89 err = gcry_md_setkey (hd, key, keylen);
90 if (err)
91 {
92 nasl_perror (lexic,
93 "nasl_gcrypt_hash():"
94 " gcry_md_setkey failed: %s/%s\n",
95 gcry_strsource (err), gcry_strerror (err));
96 return NULL;
97 }
98 }
99
100 gcry_md_write (hd, data, datalen);
101
102 retc = alloc_typed_cell (CONST_DATA);
103 retc->x.str_val = g_memdup (gcry_md_read (hd, algorithm), dlen + 1);
104 retc->size = dlen;
105
106 gcry_md_close (hd);
107
108 return retc;
109 }
110
111 static tree_cell *
nasl_hash(lex_ctxt * lexic,int algorithm)112 nasl_hash (lex_ctxt *lexic, int algorithm)
113 {
114 char *data = get_str_var_by_num (lexic, 0);
115 int len = get_var_size_by_num (lexic, 0);
116
117 return nasl_gcrypt_hash (lexic, algorithm, data, len, NULL, 0);
118 }
119
120 tree_cell *
nasl_md2(lex_ctxt * lexic)121 nasl_md2 (lex_ctxt *lexic)
122 {
123 return nasl_hash (lexic, GCRY_MD_MD2);
124 }
125
126 tree_cell *
nasl_md4(lex_ctxt * lexic)127 nasl_md4 (lex_ctxt *lexic)
128 {
129 return nasl_hash (lexic, GCRY_MD_MD4);
130 }
131
132 tree_cell *
nasl_md5(lex_ctxt * lexic)133 nasl_md5 (lex_ctxt *lexic)
134 {
135 return nasl_hash (lexic, GCRY_MD_MD5);
136 }
137
138 tree_cell *
nasl_sha1(lex_ctxt * lexic)139 nasl_sha1 (lex_ctxt *lexic)
140 {
141 return nasl_hash (lexic, GCRY_MD_SHA1);
142 }
143
144 tree_cell *
nasl_sha256(lex_ctxt * lexic)145 nasl_sha256 (lex_ctxt *lexic)
146 {
147 return nasl_hash (lexic, GCRY_MD_SHA256);
148 }
149
150 tree_cell *
nasl_ripemd160(lex_ctxt * lexic)151 nasl_ripemd160 (lex_ctxt *lexic)
152 {
153 return nasl_hash (lexic, GCRY_MD_RMD160);
154 }
155
156 static tree_cell *
nasl_cipher(int algorithm,void * data,size_t dlen,void * key,size_t klen)157 nasl_cipher (int algorithm, void *data, size_t dlen, void *key, size_t klen)
158 {
159 gcry_cipher_hd_t hd;
160 gcry_error_t error;
161 tree_cell *retc;
162 char *result;
163
164 if ((error = gcry_cipher_open (&hd, algorithm, GCRY_CIPHER_MODE_ECB, 0)))
165 {
166 g_message ("gcry_cipher_open: %s", gcry_strerror (error));
167 return NULL;
168 }
169 if ((error = gcry_cipher_setkey (hd, key, klen)))
170 {
171 g_message ("gcry_cipher_setkey: %s", gcry_strerror (error));
172 return NULL;
173 }
174 result = g_malloc0 (dlen);
175 if ((error = gcry_cipher_encrypt (hd, result, dlen, data, dlen)))
176 {
177 g_message ("gcry_cipher_encrypt: %s", gcry_strerror (error));
178 return NULL;
179 }
180 gcry_cipher_close (hd);
181
182 retc = alloc_typed_cell (CONST_DATA);
183 retc->x.str_val = result;
184 retc->size = dlen;
185 return retc;
186 }
187
188 tree_cell *
nasl_cipher_des(lex_ctxt * lexic)189 nasl_cipher_des (lex_ctxt *lexic)
190 {
191 char *data, *key;
192 size_t dlen, klen;
193
194 data = get_str_var_by_num (lexic, 0);
195 dlen = get_var_size_by_num (lexic, 0);
196 key = get_str_var_by_num (lexic, 1);
197 klen = get_var_size_by_num (lexic, 1);
198 return nasl_cipher (GCRY_CIPHER_DES, data, dlen, key, klen);
199 }
200
201 /*-------------------[ HMAC ]-------------------------------------*/
202
203 static tree_cell *
nasl_hmac(lex_ctxt * lexic,int algorithm)204 nasl_hmac (lex_ctxt *lexic, int algorithm)
205 {
206 char *data = get_str_var_by_name (lexic, "data");
207 char *key = get_str_var_by_name (lexic, "key");
208 int data_len = get_var_size_by_name (lexic, "data");
209 int key_len = get_var_size_by_name (lexic, "key");
210
211 return nasl_gcrypt_hash (lexic, algorithm, data, data_len, key, key_len);
212 }
213
214 tree_cell *
nasl_hmac_md2(lex_ctxt * lexic)215 nasl_hmac_md2 (lex_ctxt *lexic)
216 {
217 return nasl_hmac (lexic, GCRY_MD_MD2);
218 }
219
220 tree_cell *
nasl_hmac_md5(lex_ctxt * lexic)221 nasl_hmac_md5 (lex_ctxt *lexic)
222 {
223 return nasl_hmac (lexic, GCRY_MD_MD5);
224 }
225
226 tree_cell *
nasl_hmac_sha1(lex_ctxt * lexic)227 nasl_hmac_sha1 (lex_ctxt *lexic)
228 {
229 return nasl_hmac (lexic, GCRY_MD_SHA1);
230 }
231
232 tree_cell *
nasl_hmac_sha384(lex_ctxt * lexic)233 nasl_hmac_sha384 (lex_ctxt *lexic)
234 {
235 return nasl_hmac (lexic, GCRY_MD_SHA384);
236 }
237
238 tree_cell *
nasl_hmac_ripemd160(lex_ctxt * lexic)239 nasl_hmac_ripemd160 (lex_ctxt *lexic)
240 {
241 return nasl_hmac (lexic, GCRY_MD_RMD160);
242 }
243
244 /*-------------------[ Windows ]-------------------------------------*/
245 tree_cell *
nasl_get_sign(lex_ctxt * lexic)246 nasl_get_sign (lex_ctxt *lexic)
247 {
248 char *mac_key = (char *) get_str_var_by_name (lexic, "key");
249 uint8_t *buf = (uint8_t *) get_str_var_by_name (lexic, "buf");
250 int buflen = get_int_var_by_name (lexic, "buflen", -1);
251 int seq_num = get_int_var_by_name (lexic, "seq_number", -1);
252 if (mac_key == NULL || buf == NULL || buflen == -1 || seq_num <= -1)
253 {
254 nasl_perror (lexic, "Syntax : get_signature(key:<k>, buf:<b>, "
255 "buflen:<bl>, seq_number:<s>)\n");
256 return NULL;
257 }
258 uint8_t calc_md5_mac[16];
259 simple_packet_signature_ntlmssp ((uint8_t *) mac_key, buf, seq_num,
260 calc_md5_mac);
261 memcpy (buf + 18, calc_md5_mac, 8);
262 char *ret = g_malloc0 (buflen);
263 memcpy (ret, buf, buflen);
264 tree_cell *retc;
265 retc = alloc_typed_cell (CONST_DATA);
266 retc->size = buflen;
267 retc->x.str_val = (char *) ret;
268 return retc;
269 }
270
271 static void *
hmac_md5_for_prf(const void * key,int keylen,const void * buf,int buflen)272 hmac_md5_for_prf (const void *key, int keylen, const void *buf, int buflen)
273 {
274 void *signature = g_malloc0 (16);
275 gsize signlen = 16;
276 GHmac *hmac;
277
278 hmac = g_hmac_new (G_CHECKSUM_MD5, key, keylen);
279 g_hmac_update (hmac, buf, buflen);
280 g_hmac_get_digest (hmac, signature, &signlen);
281 g_hmac_unref (hmac);
282 return signature;
283 }
284
285 static void *
hmac_sha1(const void * key,int keylen,const void * buf,int buflen)286 hmac_sha1 (const void *key, int keylen, const void *buf, int buflen)
287 {
288 void *signature = g_malloc0 (20);
289 gsize signlen = 20;
290 GHmac *hmac;
291
292 hmac = g_hmac_new (G_CHECKSUM_SHA1, key, keylen);
293 g_hmac_update (hmac, buf, buflen);
294 g_hmac_get_digest (hmac, signature, &signlen);
295 g_hmac_unref (hmac);
296 return signature;
297 }
298
299 static void *
hmac_sha256(const void * key,int keylen,const void * buf,int buflen)300 hmac_sha256 (const void *key, int keylen, const void *buf, int buflen)
301 {
302 void *signature = g_malloc0 (32);
303 gsize signlen = 32;
304 GHmac *hmac;
305
306 hmac = g_hmac_new (G_CHECKSUM_SHA256, key, keylen);
307 g_hmac_update (hmac, buf, buflen);
308 g_hmac_get_digest (hmac, signature, &signlen);
309 g_hmac_unref (hmac);
310 return signature;
311 }
312
313 static void *
hmac_sha384(const void * key,int keylen,const void * buf,int buflen)314 hmac_sha384 (const void *key, int keylen, const void *buf, int buflen)
315 {
316 gcry_md_hd_t hd;
317 gcry_error_t err;
318 void *ret;
319
320 if (!buf || buflen <= 0)
321 return NULL;
322
323 err = gcry_md_open (&hd, GCRY_MD_SHA384, key ? GCRY_MD_FLAG_HMAC : 0);
324 if (err)
325 {
326 g_message ("nasl_gcrypt_hash(): gcry_md_open failed: %s/%s",
327 gcry_strsource (err), gcry_strerror (err));
328 return NULL;
329 }
330
331 if (key)
332 {
333 err = gcry_md_setkey (hd, key, keylen);
334 if (err)
335 {
336 g_message ("nasl_gcrypt_hash(): gcry_md_setkey failed: %s/%s",
337 gcry_strsource (err), gcry_strerror (err));
338 return NULL;
339 }
340 }
341
342 gcry_md_write (hd, buf, buflen);
343 ret = g_memdup (gcry_md_read (hd, 0), 48);
344 gcry_md_close (hd);
345 return ret;
346 }
347
348 tree_cell *
nasl_hmac_sha256(lex_ctxt * lexic)349 nasl_hmac_sha256 (lex_ctxt *lexic)
350 {
351 void *key, *data, *signature;
352 int keylen, datalen;
353 tree_cell *retc;
354
355 key = get_str_var_by_name (lexic, "key");
356 data = get_str_var_by_name (lexic, "data");
357 datalen = get_var_size_by_name (lexic, "data");
358 keylen = get_var_size_by_name (lexic, "key");
359 if (!key || !data || keylen <= 0 || datalen <= 0)
360 {
361 nasl_perror (lexic, "Syntax : hmac_sha256(data:<b>, key:<k>)\n");
362 return NULL;
363 }
364 signature = hmac_sha256 (key, keylen, data, datalen);
365
366 retc = alloc_typed_cell (CONST_DATA);
367 retc->size = 32;
368 retc->x.str_val = (char *) signature;
369 return retc;
370 }
371
372 /* @brief PRF function from RFC 2246 chapter 5.
373 *
374 * @param hmac 0 for SHA256, 1 for SHA384, 2 for MD5, 3 for SHA1.
375 *
376 * */
377 static void *
tls_prf(const void * secret,size_t secret_len,const void * seed,size_t seed_len,const void * label,size_t outlen,int hmac)378 tls_prf (const void *secret, size_t secret_len, const void *seed,
379 size_t seed_len, const void *label, size_t outlen, int hmac)
380 {
381 char *result = NULL;
382 size_t pos = 0, lslen, hmac_size;
383 void *Ai;
384 void *lseed;
385 void *(*hmac_func) (const void *, int, const void *, int);
386
387 if (hmac == 0)
388 {
389 hmac_size = 32;
390 hmac_func = hmac_sha256;
391 }
392 else if (hmac == 1)
393 {
394 hmac_size = 48;
395 hmac_func = hmac_sha384;
396 }
397 else if (hmac == 2)
398 {
399 hmac_size = 16;
400 hmac_func = hmac_md5_for_prf;
401 }
402 else
403 {
404 hmac_size = 20;
405 hmac_func = hmac_sha1;
406 }
407
408 /*
409 * lseed = label + seed
410 * A0 = lseed (new seed)
411 * Ai = HMAC(secret, A(i - 1))
412 */
413 lslen = strlen (label) + seed_len;
414 lseed = g_malloc0 (lslen);
415 memcpy (lseed, label, strlen (label));
416 memcpy ((char *) lseed + strlen (label), seed, seed_len);
417
418 Ai = hmac_func (secret, secret_len, lseed, lslen);
419 if (!Ai)
420 {
421 g_free (lseed);
422 return NULL;
423 }
424
425 result = g_malloc0 (outlen);
426 while (pos < outlen)
427 {
428 void *tmp, *tmp2;
429 size_t clen;
430
431 /* HMAC_hash(secret, Ai + lseed) */
432 tmp = g_malloc0 (hmac_size + lslen);
433 memcpy (tmp, Ai, hmac_size);
434 memcpy ((char *) tmp + hmac_size, lseed, lslen);
435 tmp2 = hmac_func (secret, secret_len, tmp, hmac_size + lslen);
436 g_free (tmp);
437 /* concat to result */
438 clen = outlen - pos;
439 if (clen > hmac_size)
440 clen = hmac_size;
441 memcpy (result + pos, tmp2, clen);
442 pos += clen;
443 g_free (tmp2);
444
445 /* A(i+1) */
446 tmp = hmac_func (secret, secret_len, Ai, hmac_size);
447 g_free (Ai);
448 Ai = tmp;
449 }
450
451 g_free (Ai);
452 g_free (lseed);
453 return result;
454 }
455
456 /* @brief PRF function from RFC 4346 chapter 5. TLS v1.1
457 *
458 * Legacy function in which P_MD5 and PSHA1 are combined.
459 *
460 * Legacy function has been replaced with prf_sha256 and prf_sha348
461 * in TLS v1.2, as it can be read in chapter 1.2
462 * */
463 static void *
tls1_prf(const void * secret,size_t secret_len,const void * seed,size_t seed_len,const void * label,size_t outlen)464 tls1_prf (const void *secret, size_t secret_len, const void *seed,
465 size_t seed_len, const void *label, size_t outlen)
466 {
467 void *result, *secret1 = NULL, *secret2 = NULL;
468 unsigned int half_slen, odd = 0, i;
469 char *resultmd5 = NULL, *resultsha1 = NULL, *aux_res = NULL;
470
471 if (secret_len % 2 == 0)
472 half_slen = secret_len / 2;
473 else
474 {
475 half_slen = (secret_len + 1) / 2;
476 odd = 1;
477 }
478
479 secret1 = g_malloc0 (half_slen);
480 memcpy (secret1, secret, half_slen);
481 resultmd5 = tls_prf (secret1, half_slen, seed, seed_len, label, outlen, 2);
482 if (!resultmd5)
483 {
484 g_free (secret1);
485 return NULL;
486 }
487
488 secret2 = g_malloc0 (half_slen);
489 memcpy (secret2, (char *) secret + (half_slen - odd), half_slen);
490 resultsha1 = tls_prf (secret2, half_slen, seed, seed_len, label, outlen, 3);
491 if (!resultsha1)
492 {
493 g_free (resultmd5);
494 g_free (secret1);
495 g_free (secret2);
496 return NULL;
497 }
498
499 aux_res = g_malloc0 (outlen);
500 for (i = 0; i < outlen; i++)
501 aux_res[i] = resultmd5[i] ^ resultsha1[i];
502
503 result = g_malloc (outlen);
504 memcpy (result, aux_res, outlen);
505
506 g_free (resultmd5);
507 g_free (resultsha1);
508 g_free (secret1);
509 g_free (secret2);
510 g_free (aux_res);
511
512 return result;
513 }
514
515 static tree_cell *
nasl_prf(lex_ctxt * lexic,int hmac)516 nasl_prf (lex_ctxt *lexic, int hmac)
517 {
518 void *secret, *seed, *label, *result;
519 int secret_len, seed_len, label_len, outlen;
520 tree_cell *retc;
521
522 secret = get_str_var_by_name (lexic, "secret");
523 seed = get_str_var_by_name (lexic, "seed");
524 label = get_str_var_by_name (lexic, "label");
525 outlen = get_int_var_by_name (lexic, "outlen", -1);
526 seed_len = get_var_size_by_name (lexic, "seed");
527 secret_len = get_var_size_by_name (lexic, "secret");
528 label_len = get_var_size_by_name (lexic, "label");
529 if (!secret || !seed || secret_len <= 0 || seed_len <= 0 || !label
530 || label_len <= 0 || outlen <= 0)
531 {
532 nasl_perror (lexic, "Syntax : prf(secret, seed, label, outlen)\n");
533 return NULL;
534 }
535 if (hmac != 2)
536 result = tls_prf (secret, secret_len, seed, seed_len, label, outlen, hmac);
537 else
538 result = tls1_prf (secret, secret_len, seed, seed_len, label, outlen);
539
540 if (!result)
541 return NULL;
542
543 retc = alloc_typed_cell (CONST_DATA);
544 retc->size = outlen;
545 retc->x.str_val = (char *) result;
546 return retc;
547 }
548
549 tree_cell *
nasl_prf_sha256(lex_ctxt * lexic)550 nasl_prf_sha256 (lex_ctxt *lexic)
551 {
552 return nasl_prf (lexic, 0);
553 }
554
555 tree_cell *
nasl_prf_sha384(lex_ctxt * lexic)556 nasl_prf_sha384 (lex_ctxt *lexic)
557 {
558 return nasl_prf (lexic, 1);
559 }
560
561 tree_cell *
nasl_tls1_prf(lex_ctxt * lexic)562 nasl_tls1_prf (lex_ctxt *lexic)
563 {
564 return nasl_prf (lexic, 2);
565 }
566
567 tree_cell *
nasl_hmac_sha512(lex_ctxt * lexic)568 nasl_hmac_sha512 (lex_ctxt *lexic)
569 {
570 return nasl_hmac (lexic, GCRY_MD_SHA512);
571 }
572
573 tree_cell *
nasl_get_smb2_sign(lex_ctxt * lexic)574 nasl_get_smb2_sign (lex_ctxt *lexic)
575 {
576 void *key, *buf, *signature, *ret;
577 int keylen, buflen;
578 tree_cell *retc;
579
580 key = get_str_var_by_name (lexic, "key");
581 buf = get_str_var_by_name (lexic, "buf");
582 keylen = get_var_size_by_name (lexic, "key");
583 buflen = get_var_size_by_name (lexic, "buf");
584 if (!key || !buf || keylen <= 0)
585 {
586 nasl_perror (lexic, "Syntax : get_smb2_signature(buf:<b>, key:<k>)");
587 return NULL;
588 }
589 if (buflen < 64)
590 {
591 nasl_perror (lexic, "get_smb2_sign: Buffer length < 64");
592 return NULL;
593 }
594
595 /* Zero the SMB2 signature field, then calculate signature */
596 memset ((char *) buf + 48, 0, 16);
597 signature = hmac_sha256 (key, keylen, buf, buflen);
598
599 /* Return the header with signature included. */
600 ret = g_malloc0 (buflen);
601 memcpy (ret, buf, buflen);
602 memcpy ((char *) ret + 48, signature, 16);
603 g_free (signature);
604 retc = alloc_typed_cell (CONST_DATA);
605 retc->size = buflen;
606 retc->x.str_val = (char *) ret;
607 return retc;
608 }
609
610 tree_cell *
nasl_ntlmv2_response(lex_ctxt * lexic)611 nasl_ntlmv2_response (lex_ctxt *lexic)
612 {
613 char *cryptkey = (char *) get_str_var_by_name (lexic, "cryptkey");
614 char *user = (char *) get_str_var_by_name (lexic, "user");
615 char *domain = (char *) get_str_var_by_name (lexic, "domain");
616 unsigned char *ntlmv2_hash =
617 (unsigned char *) get_str_var_by_name (lexic, "ntlmv2_hash");
618 char *address_list = get_str_var_by_name (lexic, "address_list");
619 int address_list_len = get_int_var_by_name (lexic, "address_list_len", -1);
620
621 if (cryptkey == NULL || user == NULL || domain == NULL || ntlmv2_hash == NULL
622 || address_list == NULL || address_list_len < 0)
623 {
624 nasl_perror (
625 lexic, "Syntax : ntlmv2_response(cryptkey:<c>, user:<u>, domain:<d>, "
626 "ntlmv2_hash:<n>, address_list:<a>, address_list_len:<len>)\n");
627 return NULL;
628 }
629 uint8_t lm_response[24];
630 uint8_t nt_response[16 + 28 + address_list_len];
631 uint8_t session_key[16];
632 bzero (lm_response, sizeof (lm_response));
633 bzero (nt_response, sizeof (nt_response));
634 bzero (session_key, sizeof (session_key));
635
636 ntlmssp_genauth_ntlmv2 (user, domain, address_list, address_list_len,
637 cryptkey, lm_response, nt_response, session_key,
638 ntlmv2_hash);
639 tree_cell *retc;
640 int lm_response_len = 24;
641 int nt_response_len = 16 + 28 + address_list_len;
642 int len = lm_response_len + nt_response_len + sizeof (session_key);
643 char *ret = g_malloc0 (len);
644 memcpy (ret, lm_response, lm_response_len);
645 memcpy (ret + lm_response_len, session_key, sizeof (session_key));
646 memcpy (ret + lm_response_len + sizeof (session_key), nt_response,
647 nt_response_len);
648 retc = alloc_typed_cell (CONST_DATA);
649 retc->size = len;
650 retc->x.str_val = ret;
651 return retc;
652 }
653
654 tree_cell *
nasl_ntlm2_response(lex_ctxt * lexic)655 nasl_ntlm2_response (lex_ctxt *lexic)
656 {
657 char *cryptkey = (char *) get_str_var_by_name (lexic, "cryptkey");
658 char *password = get_str_var_by_name (lexic, "password");
659 uint8_t pass_len = get_var_size_by_name (lexic, "password");
660 void *nt_hash = get_str_var_by_name (lexic, "nt_hash");
661 int hash_len = get_var_size_by_name (lexic, "nt_hash");
662
663 if (!cryptkey || !password || !nt_hash || hash_len < 16)
664 {
665 nasl_perror (lexic, "Syntax : ntlm2_response(cryptkey:<c>, password:<p>, "
666 "nt_hash:<n[16]>)\n");
667 return NULL;
668 }
669
670 uint8_t lm_response[24];
671 uint8_t nt_response[24];
672 uint8_t session_key[16];
673
674 tree_cell *retc;
675 ntlmssp_genauth_ntlm2 (password, pass_len, lm_response, nt_response,
676 session_key, cryptkey, nt_hash);
677 int len = sizeof (lm_response) + sizeof (nt_response) + sizeof (session_key);
678 char *ret = g_malloc0 (len);
679 memcpy (ret, lm_response, sizeof (lm_response));
680 memcpy (ret + sizeof (lm_response), nt_response, sizeof (nt_response));
681 memcpy (ret + sizeof (lm_response) + sizeof (nt_response), session_key,
682 sizeof (session_key));
683 retc = alloc_typed_cell (CONST_DATA);
684 retc->size = len;
685 retc->x.str_val = ret;
686 return retc;
687 }
688
689 tree_cell *
nasl_ntlm_response(lex_ctxt * lexic)690 nasl_ntlm_response (lex_ctxt *lexic)
691 {
692 char *cryptkey = (char *) get_str_var_by_name (lexic, "cryptkey");
693 char *password = get_str_var_by_name (lexic, "password");
694 uint8_t pass_len = (uint8_t) get_var_size_by_name (lexic, "password");
695 void *nt_hash = get_str_var_by_name (lexic, "nt_hash");
696 int hash_len = get_var_size_by_name (lexic, "nt_hash");
697 int neg_flags = get_int_var_by_name (lexic, "neg_flags", -1);
698
699 if (!cryptkey || !password || !nt_hash || hash_len < 16 || neg_flags < 0)
700 {
701 nasl_perror (lexic, "Syntax : ntlm_response(cryptkey:<c>, password:<p>, "
702 "nt_hash:<n[16]>, neg_flags:<nf>)\n");
703 return NULL;
704 }
705
706 uint8_t lm_response[24];
707 uint8_t nt_response[24];
708 uint8_t session_key[16];
709
710 tree_cell *retc;
711
712 ntlmssp_genauth_ntlm (password, pass_len, lm_response, nt_response,
713 session_key, cryptkey, nt_hash, neg_flags);
714
715 int len = sizeof (lm_response) + sizeof (nt_response) + sizeof (session_key);
716 char *ret = g_malloc0 (len);
717 memcpy (ret, lm_response, sizeof (lm_response));
718 memcpy (ret + sizeof (lm_response), nt_response, sizeof (nt_response));
719 memcpy (ret + sizeof (lm_response) + sizeof (nt_response), session_key,
720 sizeof (session_key));
721 retc = alloc_typed_cell (CONST_DATA);
722 retc->size = len;
723 retc->x.str_val = ret;
724 return retc;
725 }
726
727 tree_cell *
nasl_keyexchg(lex_ctxt * lexic)728 nasl_keyexchg (lex_ctxt *lexic)
729 {
730 char *cryptkey = (char *) get_str_var_by_name (lexic, "cryptkey");
731 uint8_t *session_key = (uint8_t *) get_str_var_by_name (lexic, "session_key");
732 unsigned char *nt_hash =
733 (unsigned char *) get_str_var_by_name (lexic, "nt_hash");
734
735 if (cryptkey == NULL || session_key == NULL || nt_hash == NULL)
736 {
737 nasl_perror (
738 lexic,
739 "Syntax : key_exchange(cryptkey:<c>, session_key:<s>, nt_hash:<n> )\n");
740 return NULL;
741 }
742 uint8_t new_sess_key[16];
743 tree_cell *retc;
744 uint8_t *encrypted_session_key = NULL;
745 encrypted_session_key = ntlmssp_genauth_keyexchg (
746 session_key, cryptkey, nt_hash, (uint8_t *) &new_sess_key);
747 int len = 16 + 16;
748 char *ret = g_malloc0 (len);
749 memcpy (ret, new_sess_key, 16);
750 memcpy (ret + 16, encrypted_session_key, 16);
751 retc = alloc_typed_cell (CONST_DATA);
752 retc->size = len;
753 retc->x.str_val = ret;
754 return retc;
755 }
756
757 tree_cell *
nasl_ntlmv1_hash(lex_ctxt * lexic)758 nasl_ntlmv1_hash (lex_ctxt *lexic)
759 {
760 const uchar *cryptkey = (uchar *) get_str_var_by_name (lexic, "cryptkey");
761 char *password = get_str_var_by_name (lexic, "passhash");
762 int pass_len = get_var_size_by_name (lexic, "passhash");
763 unsigned char p21[21];
764 tree_cell *retc;
765 uchar *ret;
766
767 if (cryptkey == NULL || password == NULL)
768 {
769 nasl_perror (lexic, "Syntax : ntlmv1_hash(cryptkey:<c>, passhash:<p>)\n");
770 return NULL;
771 }
772
773 if (pass_len < 16)
774 pass_len = 16;
775
776 bzero (p21, sizeof (p21));
777 memcpy (p21, password, pass_len);
778
779 ret = g_malloc0 (24);
780
781 E_P24 (p21, cryptkey, ret);
782 retc = alloc_typed_cell (CONST_DATA);
783 retc->size = 24;
784 retc->x.str_val = (char *) ret;
785
786 return retc;
787 }
788
789 tree_cell *
nasl_nt_owf_gen(lex_ctxt * lexic)790 nasl_nt_owf_gen (lex_ctxt *lexic)
791 {
792 char *pass = get_str_var_by_num (lexic, 0);
793 gunichar2 *upass;
794 glong upass_len;
795 tree_cell *ret;
796
797 if (!pass)
798 {
799 nasl_perror (lexic, "Syntax : nt_owf_gen(<password>)\n");
800 return NULL;
801 }
802 upass = g_utf8_to_utf16 (pass, -1, NULL, &upass_len, NULL);
803 ret = nasl_gcrypt_hash (lexic, GCRY_MD_MD4, upass, upass_len * 2, NULL, 0);
804 g_free (upass);
805 return ret;
806 }
807
808 tree_cell *
nasl_lm_owf_gen(lex_ctxt * lexic)809 nasl_lm_owf_gen (lex_ctxt *lexic)
810 {
811 char *pass = get_str_var_by_num (lexic, 0);
812 int pass_len = get_var_size_by_num (lexic, 0);
813 tree_cell *retc;
814 uchar pwd[15];
815 uchar p16[16];
816 unsigned int i;
817
818 if (pass_len < 0 || pass == NULL)
819 {
820 nasl_perror (lexic, "Syntax : nt_lm_gen(password:<p>)\n");
821 return NULL;
822 }
823
824 bzero (pwd, sizeof (pwd));
825 strncpy ((char *) pwd, pass, sizeof (pwd) - 1);
826 for (i = 0; i < sizeof (pwd); i++)
827 pwd[i] = toupper (pwd[i]);
828
829 E_P16 (pwd, p16);
830
831 retc = alloc_typed_cell (CONST_DATA);
832 retc->size = 16;
833 retc->x.str_val = g_memdup (p16, 16);
834 return retc;
835 }
836
837 tree_cell *
nasl_insert_hexzeros(lex_ctxt * lexic)838 nasl_insert_hexzeros (lex_ctxt *lexic)
839 {
840 const uchar *in = (uchar *) get_str_var_by_name (lexic, "in");
841 int in_len = get_var_size_by_name (lexic, "in");
842 char *src;
843 smb_ucs2_t *out, *dst, val;
844 int i;
845 size_t byte_len;
846 tree_cell *retc;
847 if (in_len < 0 || in == NULL)
848 {
849 nasl_perror (lexic, "Syntax : insert_hexzeros(in:<i>)\n");
850 return NULL;
851 }
852
853 byte_len = sizeof (smb_ucs2_t) * (strlen ((char *) in) + 1);
854 out = g_malloc0 (byte_len);
855 dst = out;
856 src = (char *) in;
857
858 for (i = 0; i < in_len; i++)
859 {
860 val = *src;
861 *dst = val;
862 dst++;
863 src++;
864 if (val == 0)
865 break;
866 }
867
868 /* We don't want null termination */
869 byte_len = byte_len - 2;
870
871 retc = alloc_typed_cell (CONST_DATA);
872 retc->size = byte_len;
873 retc->x.str_val = (char *) out;
874 return retc;
875 }
876
877 /* Does both the NTLMv2 owfs of a user's password */
878 tree_cell *
nasl_ntv2_owf_gen(lex_ctxt * lexic)879 nasl_ntv2_owf_gen (lex_ctxt *lexic)
880 {
881 const uchar *owf_in = (uchar *) get_str_var_by_name (lexic, "owf");
882 int owf_in_len = get_var_size_by_name (lexic, "owf");
883 char *user_in = get_str_var_by_name (lexic, "login");
884 int user_in_len = get_var_size_by_name (lexic, "login");
885 char *domain_in = get_str_var_by_name (lexic, "domain");
886 int domain_len = get_var_size_by_name (lexic, "domain");
887 char *src_user, *src_domain;
888 smb_ucs2_t *user, *dst_user, val_user;
889 smb_ucs2_t *domain, *dst_domain, val_domain;
890 int i;
891 size_t user_byte_len;
892 size_t domain_byte_len;
893 tree_cell *retc;
894 uchar *kr_buf;
895 HMACMD5Context ctx;
896
897 if (owf_in_len < 0 || owf_in == NULL || user_in_len < 0 || user_in == NULL
898 || domain_len < 0 || domain_in == NULL)
899 {
900 nasl_perror (lexic,
901 "Syntax : ntv2_owf_gen(owf:<o>, login:<l>, domain:<d>)\n");
902 return NULL;
903 }
904
905 assert (owf_in_len == 16);
906
907 user_byte_len = sizeof (smb_ucs2_t) * (strlen (user_in) + 1);
908 user = g_malloc0 (user_byte_len);
909 dst_user = user;
910 src_user = user_in;
911
912 for (i = 0; i < user_in_len; i++)
913 {
914 val_user = *src_user;
915 *dst_user = val_user;
916 dst_user++;
917 src_user++;
918 if (val_user == 0)
919 break;
920 }
921
922 domain_byte_len = sizeof (smb_ucs2_t) * (strlen (domain_in) + 1);
923 domain = g_malloc0 (domain_byte_len);
924 dst_domain = domain;
925 src_domain = domain_in;
926
927 for (i = 0; i < domain_len; i++)
928 {
929 val_domain = *src_domain;
930 *dst_domain = val_domain;
931
932 dst_domain++;
933 src_domain++;
934 if (val_domain == 0)
935 break;
936 }
937
938 strupper_w (user);
939 strupper_w (domain);
940
941 assert (user_byte_len >= 2);
942 assert (domain_byte_len >= 2);
943
944 /* We don't want null termination */
945 user_byte_len = user_byte_len - 2;
946 domain_byte_len = domain_byte_len - 2;
947
948 kr_buf = g_malloc0 (16);
949
950 hmac_md5_init_limK_to_64 (owf_in, 16, &ctx);
951 hmac_md5_update ((const unsigned char *) user, user_byte_len, &ctx);
952 hmac_md5_update ((const unsigned char *) domain, domain_byte_len, &ctx);
953 hmac_md5_final (kr_buf, &ctx);
954
955 g_free (user);
956 g_free (domain);
957
958 retc = alloc_typed_cell (CONST_DATA);
959 retc->size = 16;
960 retc->x.str_val = (char *) kr_buf;
961
962 return retc;
963 }
964
965 tree_cell *
nasl_ntlmv2_hash(lex_ctxt * lexic)966 nasl_ntlmv2_hash (lex_ctxt *lexic)
967 {
968 const uchar *server_chal = (uchar *) get_str_var_by_name (lexic, "cryptkey");
969 int sc_len = get_var_size_by_name (lexic, "cryptkey");
970 const uchar *ntlm_v2_hash = (uchar *) get_str_var_by_name (lexic, "passhash");
971 int hash_len = get_var_size_by_name (lexic, "passhash");
972 int client_chal_length = get_int_var_by_name (lexic, "length", -1);
973 tree_cell *retc;
974 unsigned char ntlmv2_response[16];
975 unsigned char *ntlmv2_client_data = NULL;
976 unsigned char *final_response;
977 int i;
978
979 if (sc_len < 0 || server_chal == NULL || hash_len < 0 || ntlm_v2_hash == NULL
980 || client_chal_length < 0)
981 {
982 nasl_perror (
983 lexic,
984 "Syntax : ntlmv2_hash(cryptkey:<c>, passhash:<p>, length:<l>)\n");
985 return NULL;
986 }
987
988 /* NTLMv2 */
989
990 /* We also get to specify some random data */
991 ntlmv2_client_data = g_malloc0 (client_chal_length);
992 for (i = 0; i < client_chal_length; i++)
993 ntlmv2_client_data[i] = rand () % 256;
994
995 assert (hash_len == 16);
996 /* Given that data, and the challenge from the server, generate a response */
997 SMBOWFencrypt_ntv2_ntlmssp (ntlm_v2_hash, server_chal, 8, ntlmv2_client_data,
998 client_chal_length, ntlmv2_response);
999
1000 /* put it into nt_response, for the code below to put into the packet */
1001 final_response = g_malloc0 (client_chal_length + sizeof (ntlmv2_response));
1002 memcpy (final_response, ntlmv2_response, sizeof (ntlmv2_response));
1003 /* after the first 16 bytes is the random data we generated above, so the
1004 * server can verify us with it */
1005 memcpy (final_response + sizeof (ntlmv2_response), ntlmv2_client_data,
1006 client_chal_length);
1007
1008 g_free (ntlmv2_client_data);
1009
1010 retc = alloc_typed_cell (CONST_DATA);
1011 retc->size = client_chal_length + sizeof (ntlmv2_response);
1012 retc->x.str_val = (char *) final_response;
1013
1014 return retc;
1015 }
1016