ipxe/src/crypto/ntlm.c

/*
 * Copyright (C) 2017 Michael Brown <mbrown@fensystems.co.uk>.
 *
 * This program is free software; you can redistribute it and/or
 * modify it under the terms of the GNU General Public License as
 * published by the Free Software Foundation; either version 2 of the
 * License, or any later version.
 *
 * This program is distributed in the hope that it will be useful, but
 * WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 * General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
 * 02110-1301, USA.
 *
 * You can also choose to distribute this program under the terms of
 * the Unmodified Binary Distribution Licence (as given in the file
 * COPYING.UBDL), provided that you have satisfied its requirements.
 */

FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );

/** @file
 *
 * NT LAN Manager (NTLM) authentication
 *
 */

#include <stdlib.h>
#include <string.h>
#include <ctype.h>
#include <errno.h>
#include <byteswap.h>
#include <ipxe/md4.h>
#include <ipxe/md5.h>
#include <ipxe/hmac.h>
#include <ipxe/ntlm.h>

/** Negotiate message
 *
 * This message content is fixed since there is no need to specify the
 * calling workstation name or domain name, and the set of flags is
 * mandated by the MS-NLMP specification.
 */
const struct ntlm_negotiate ntlm_negotiate = {
	.header = {
		.magic = NTLM_MAGIC,
		.type = cpu_to_le32 ( NTLM_NEGOTIATE ),
	},
	.flags = cpu_to_le32 ( NTLM_NEGOTIATE_EXTENDED_SESSIONSECURITY |
			       NTLM_NEGOTIATE_ALWAYS_SIGN |
			       NTLM_NEGOTIATE_NTLM |
			       NTLM_REQUEST_TARGET |
			       NTLM_NEGOTIATE_UNICODE ),
};

/**
 * Parse NTLM Challenge
 *
 * @v challenge		Challenge message
 * @v len		Length of Challenge message
 * @v info		Challenge information to fill in
 * @ret rc		Return status code
 */
int ntlm_challenge ( struct ntlm_challenge *challenge, size_t len,
		     struct ntlm_challenge_info *info ) {
	size_t offset;

	DBGC ( challenge, "NTLM challenge message:\n" );
	DBGC_HDA ( challenge, 0, challenge, len );

	/* Sanity checks */
	if ( len < sizeof ( *challenge ) ) {
		DBGC ( challenge, "NTLM underlength challenge (%zd bytes)\n",
		       len );
		return -EINVAL;
	}

	/* Extract nonce */
	info->nonce = &challenge->nonce;
	DBGC ( challenge, "NTLM challenge nonce:\n" );
	DBGC_HDA ( challenge, 0, info->nonce, sizeof ( *info->nonce ) );

	/* Extract target information */
	info->len = le16_to_cpu ( challenge->info.len );
	offset = le32_to_cpu ( challenge->info.offset );
	if ( ( offset > len ) ||
	     ( info->len > ( len - offset ) ) ) {
		DBGC ( challenge, "NTLM target information outside "
		       "challenge\n" );
		DBGC_HDA ( challenge, 0, challenge, len );
		return -EINVAL;
	}
	info->target = ( ( ( void * ) challenge ) + offset );
	DBGC ( challenge, "NTLM challenge target information:\n" );
	DBGC_HDA ( challenge, 0, info->target, info->len );

	return 0;
}

/**
 * Calculate NTLM verification key
 *
 * @v domain		Domain name (or NULL)
 * @v username		User name (or NULL)
 * @v password		Password (or NULL)
 * @v key		Key to fill in
 *
 * This is the NTOWFv2() function as defined in MS-NLMP.
 */
void ntlm_key ( const char *domain, const char *username,
		const char *password, struct ntlm_key *key ) {
	struct digest_algorithm *md4 = &md4_algorithm;
	struct digest_algorithm *md5 = &md5_algorithm;
	union {
		uint8_t md4[MD4_CTX_SIZE];
		uint8_t md5[MD5_CTX_SIZE];
	} ctx;
	uint8_t digest[MD4_DIGEST_SIZE];
	size_t digest_len;
	uint8_t c;
	uint16_t wc;

	/* Use empty usernames/passwords if not specified */
	if ( ! domain )
		domain = "";
	if ( ! username )
		username = "";
	if ( ! password )
		password = "";

	/* Construct MD4 digest of (Unicode) password */
	digest_init ( md4, ctx.md4 );
	while ( ( c = *(password++) ) ) {
		wc = cpu_to_le16 ( c );
		digest_update ( md4, ctx.md4, &wc, sizeof ( wc ) );
	}
	digest_final ( md4, ctx.md4, digest );

	/* Construct HMAC-MD5 of (Unicode) upper-case username */
	digest_len = sizeof ( digest );
	hmac_init ( md5, ctx.md5, digest, &digest_len );
	while ( ( c = *(username++) ) ) {
		wc = cpu_to_le16 ( toupper ( c ) );
		hmac_update ( md5, ctx.md5, &wc, sizeof ( wc ) );
	}
	while ( ( c = *(domain++) ) ) {
		wc = cpu_to_le16 ( c );
		hmac_update ( md5, ctx.md5, &wc, sizeof ( wc ) );
	}
	hmac_final ( md5, ctx.md5, digest, &digest_len, key->raw );
	DBGC ( key, "NTLM key:\n" );
	DBGC_HDA ( key, 0, key, sizeof ( *key ) );
}

/**
 * Construct NTLM responses
 *
 * @v info		Challenge information
 * @v key		Verification key
 * @v nonce		Nonce, or NULL to use a random nonce
 * @v lm		LAN Manager response to fill in
 * @v nt		NT response to fill in
 */
void ntlm_response ( struct ntlm_challenge_info *info, struct ntlm_key *key,
		     struct ntlm_nonce *nonce, struct ntlm_lm_response *lm,
		     struct ntlm_nt_response *nt ) {
	struct digest_algorithm *md5 = &md5_algorithm;
	struct ntlm_nonce tmp_nonce;
	uint8_t ctx[MD5_CTX_SIZE];
	size_t key_len = sizeof ( *key );
	unsigned int i;

	/* Generate random nonce, if needed */
	if ( ! nonce ) {
		for ( i = 0 ; i < sizeof ( tmp_nonce ) ; i++ )
			tmp_nonce.raw[i] = random();
		nonce = &tmp_nonce;
	}

	/* Construct LAN Manager response */
	memcpy ( &lm->nonce, nonce, sizeof ( lm->nonce ) );
	hmac_init ( md5, ctx, key->raw, &key_len );
	hmac_update ( md5, ctx, info->nonce, sizeof ( *info->nonce ) );
	hmac_update ( md5, ctx, &lm->nonce, sizeof ( lm->nonce ) );
	hmac_final ( md5, ctx, key->raw, &key_len, lm->digest );
	DBGC ( key, "NTLM LAN Manager response:\n" );
	DBGC_HDA ( key, 0, lm, sizeof ( *lm ) );

	/* Construct NT response */
	memset ( nt, 0, sizeof ( *nt ) );
	nt->version = NTLM_VERSION_NTLMV2;
	nt->high = NTLM_VERSION_NTLMV2;
	memcpy ( &nt->nonce, nonce, sizeof ( nt->nonce ) );
	hmac_init ( md5, ctx, key->raw, &key_len );
	hmac_update ( md5, ctx, info->nonce, sizeof ( *info->nonce ) );
	hmac_update ( md5, ctx, &nt->version,
		      ( sizeof ( *nt ) -
			offsetof ( typeof ( *nt ), version ) ) );
	hmac_update ( md5, ctx, info->target, info->len );
	hmac_update ( md5, ctx, &nt->zero, sizeof ( nt->zero ) );
	hmac_final ( md5, ctx, key->raw, &key_len, nt->digest );
	DBGC ( key, "NTLM NT response prefix:\n" );
	DBGC_HDA ( key, 0, nt, sizeof ( *nt ) );
}

/**
 * Append data to NTLM message
 *
 * @v header		Message header, or NULL to only calculate next payload
 * @v data		Data descriptor
 * @v payload		Data payload
 * @v len		Length of data
 * @ret payload		Next data payload
 */
static void * ntlm_append ( struct ntlm_header *header, struct ntlm_data *data,
			    void *payload, size_t len ) {

	/* Populate data descriptor */
	if ( header ) {
		data->offset = cpu_to_le32 ( payload - ( ( void * ) header ) );
		data->len = data->max_len = cpu_to_le16 ( len );
	}

	return ( payload + len );
}

/**
 * Append Unicode string data to NTLM message
 *
 * @v header		Message header, or NULL to only calculate next payload
 * @v data		Data descriptor
 * @v payload		Data payload
 * @v string		String to append, or NULL
 * @ret payload		Next data payload
 */
static void * ntlm_append_string ( struct ntlm_header *header,
				   struct ntlm_data *data, void *payload,
				   const char *string ) {
	uint16_t *tmp = payload;
	uint8_t c;

	/* Convert string to Unicode */
	for ( tmp = payload ; ( string && ( c = *(string++) ) ) ; tmp++ ) {
		if ( header )
			*tmp = cpu_to_le16 ( c );
	}

	/* Append string data */
	return ntlm_append ( header, data, payload,
			     ( ( ( void * ) tmp ) - payload ) );
}

/**
 * Construct NTLM Authenticate message
 *
 * @v info		Challenge information
 * @v domain		Domain name, or NULL
 * @v username		User name, or NULL
 * @v workstation	Workstation name, or NULL
 * @v lm		LAN Manager response
 * @v nt		NT response
 * @v auth		Message to fill in, or NULL to only calculate length
 * @ret len		Length of message
 */
size_t ntlm_authenticate ( struct ntlm_challenge_info *info, const char *domain,
			   const char *username, const char *workstation,
			   struct ntlm_lm_response *lm,
			   struct ntlm_nt_response *nt,
			   struct ntlm_authenticate *auth ) {
	void *tmp;
	size_t nt_len;
	size_t len;

	/* Construct response header */
	if ( auth ) {
		memset ( auth, 0, sizeof ( *auth ) );
		memcpy ( auth->header.magic, ntlm_negotiate.header.magic,
			 sizeof ( auth->header.magic ) );
		auth->header.type = cpu_to_le32 ( NTLM_AUTHENTICATE );
		auth->flags = ntlm_negotiate.flags;
	}
	tmp = ( ( ( void * ) auth ) + sizeof ( *auth ) );

	/* Construct LAN Manager response */
	if ( auth )
		memcpy ( tmp, lm, sizeof ( *lm ) );
	tmp = ntlm_append ( &auth->header, &auth->lm, tmp, sizeof ( *lm ) );

	/* Construct NT response */
	nt_len = ( sizeof ( *nt ) + info->len + sizeof ( nt->zero ) );
	if ( auth ) {
		memcpy ( tmp, nt, sizeof ( *nt ) );
		memcpy ( ( tmp + sizeof ( *nt ) ), info->target, info->len );
		memset ( ( tmp + sizeof ( *nt ) + info->len ), 0,
			 sizeof ( nt->zero ) );
	}
	tmp = ntlm_append ( &auth->header, &auth->nt, tmp, nt_len );

	/* Populate domain, user, and workstation names */
	tmp = ntlm_append_string ( &auth->header, &auth->domain, tmp, domain );
	tmp = ntlm_append_string ( &auth->header, &auth->user, tmp, username );
	tmp = ntlm_append_string ( &auth->header, &auth->workstation, tmp,
				   workstation );

	/* Calculate length */
	len = ( tmp - ( ( void * ) auth ) );
	if ( auth ) {
		DBGC ( auth, "NTLM authenticate message:\n" );
		DBGC_HDA ( auth, 0, auth, len );
	}

	return len;
}

/**
 * Calculate NTLM Authenticate message length
 *
 * @v info		Challenge information
 * @v domain		Domain name, or NULL
 * @v username		User name, or NULL
 * @v workstation	Workstation name, or NULL
 * @ret len		Length of Authenticate message
 */
size_t ntlm_authenticate_len ( struct ntlm_challenge_info *info,
			       const char *domain, const char *username,
			       const char *workstation ) {

	return ntlm_authenticate ( info, domain, username, workstation,
				   NULL, NULL, NULL );
}