Katana_mirror/kdelibs
1
0
Fork 0
mirror of https://bitbucket.org/smil3y/kdelibs.git synced 2025-02-24 02:42:48 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

kio: remove now unused kntlm library

Browse source 
Signed-off-by: Ivailo Monev <xakepa10@gmail.com>
This commit is contained in:
Ivailo Monev 2022-02-21 04:28:08 +02:00
parent 11ea54d213
commit 0c77e10dc6
8 changed files with 0 additions and 1245 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
includes/CMakeLists.txt
View file

@ -215,7 +215,6 @@ install(
KNSBookmarkExporterImpl
KNSBookmarkImporter
KNSBookmarkImporterImpl
KNTLM
KNewFileMenu
KNewPasswordDialog
KNotification

1
includes/KNTLM
View file

@ -1 +0,0 @@
#include "../kio/kntlm.h"

1
kio/misc/CMakeLists.txt
View file

@ -4,7 +4,6 @@ include_directories(BEFORE ${CMAKE_SOURCE_DIR}/kio)
# arpa/nameser.h
add_subdirectory(kpac)
add_subdirectory(kntlm)
########### next target ###############

27
kio/misc/kntlm/CMakeLists.txt
View file

@ -1,27 +0,0 @@
set(kntlm_LIB_SRCS kntlm.cpp des.cpp)
add_library(kntlm ${LIBRARY_TYPE} ${kntlm_LIB_SRCS})
target_link_libraries(kntlm ${KDE4_KDECORE_LIBS})
set_target_properties(kntlm PROPERTIES
VERSION ${GENERIC_LIB_VERSION}
SOVERSION ${GENERIC_LIB_SOVERSION}
)
install(
TARGETS kntlm
EXPORT kdelibsLibraryTargets
${INSTALL_TARGETS_DEFAULT_ARGS}
)
generate_export_header(kntlm)
install(
FILES
${CMAKE_CURRENT_BINARY_DIR}/kntlm_export.h
kntlm.h
DESTINATION ${KDE4_INCLUDE_INSTALL_DIR}/kio
COMPONENT Devel
)

535
kio/misc/kntlm/des.cpp
View file

@ -1,535 +0,0 @@
/*
* Sofware DES functions
*
* Copyright 1988-1991 Phil Karn <karn@ka9q.net>
* Copyright 2003 Nikos Mavroyanopoulos <nmav@hellug.gr>
*
* Taken from libmcrypt (http://mcrypt.hellug.gr/lib/index.html).
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public
* License as published by the Free Software Foundation.
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public
* License along with this library; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
* MA 02110-1301 USA
*/
/* Sofware DES functions
* written 12 Dec 1986 by Phil Karn, KA9Q; large sections adapted from
* the 1977 public-domain program by Jim Gillogly
* Modified for additional speed - 6 December 1988 Phil Karn
* Modified for parameterized key schedules - Jan 1991 Phil Karn
* Callers now allocate a key schedule as follows:
* kn = (char (*)[8])malloc(sizeof(char) * 8 * 16);
* or
* char kn[16][8];
*/
/* modified in order to use the libmcrypt API by Nikos Mavroyanopoulos
* All modifications are placed under the license of libmcrypt.
*/
#include "des.h"
#include <string.h>
#include <QtCore/qendian.h>
static void permute_ip (unsigned char *inblock, DES_KEY * key, unsigned char *outblock);
static void permute_fp (unsigned char *inblock, DES_KEY * key, unsigned char *outblock);
static void perminit_ip (DES_KEY * key);
static void spinit (DES_KEY * key);
static void perminit_fp (DES_KEY * key);
static quint32 f (DES_KEY * key, quint32 r, char *subkey);
/* Tables defined in the Data Encryption Standard documents */
/* initial permutation IP */
static const char ip[] = {
58, 50, 42, 34, 26, 18, 10, 2,
60, 52, 44, 36, 28, 20, 12, 4,
62, 54, 46, 38, 30, 22, 14, 6,
64, 56, 48, 40, 32, 24, 16, 8,
57, 49, 41, 33, 25, 17, 9, 1,
59, 51, 43, 35, 27, 19, 11, 3,
61, 53, 45, 37, 29, 21, 13, 5,
63, 55, 47, 39, 31, 23, 15, 7
};
/* final permutation IP^-1 */
static const char fp[] = {
40, 8, 48, 16, 56, 24, 64, 32,
39, 7, 47, 15, 55, 23, 63, 31,
38, 6, 46, 14, 54, 22, 62, 30,
37, 5, 45, 13, 53, 21, 61, 29,
36, 4, 44, 12, 52, 20, 60, 28,
35, 3, 43, 11, 51, 19, 59, 27,
34, 2, 42, 10, 50, 18, 58, 26,
33, 1, 41, 9, 49, 17, 57, 25
};
/* expansion operation matrix
* This is for reference only; it is unused in the code
* as the f() function performs it implicitly for speed
*/
#ifdef notdef
static const char ei[] = {
32, 1, 2, 3, 4, 5,
4, 5, 6, 7, 8, 9,
8, 9, 10, 11, 12, 13,
12, 13, 14, 15, 16, 17,
16, 17, 18, 19, 20, 21,
20, 21, 22, 23, 24, 25,
24, 25, 26, 27, 28, 29,
28, 29, 30, 31, 32, 1
};
#endif
/* permuted choice table (key) */
static const char pc1[] = {
57, 49, 41, 33, 25, 17, 9,
1, 58, 50, 42, 34, 26, 18,
10, 2, 59, 51, 43, 35, 27,
19, 11, 3, 60, 52, 44, 36,
63, 55, 47, 39, 31, 23, 15,
7, 62, 54, 46, 38, 30, 22,
14, 6, 61, 53, 45, 37, 29,
21, 13, 5, 28, 20, 12, 4
};
/* number left rotations of pc1 */
static const char totrot[] = {
1, 2, 4, 6, 8, 10, 12, 14, 15, 17, 19, 21, 23, 25, 27, 28
};
/* permuted choice key (table) */
static const char pc2[] = {
14, 17, 11, 24, 1, 5,
3, 28, 15, 6, 21, 10,
23, 19, 12, 4, 26, 8,
16, 7, 27, 20, 13, 2,
41, 52, 31, 37, 47, 55,
30, 40, 51, 45, 33, 48,
44, 49, 39, 56, 34, 53,
46, 42, 50, 36, 29, 32
};
/* The (in)famous S-boxes */
static const char si[8][64] = {
/* S1 */
{14, 4, 13, 1, 2, 15, 11, 8, 3, 10, 6, 12, 5, 9, 0, 7,
0, 15, 7, 4, 14, 2, 13, 1, 10, 6, 12, 11, 9, 5, 3, 8,
4, 1, 14, 8, 13, 6, 2, 11, 15, 12, 9, 7, 3, 10, 5, 0,
15, 12, 8, 2, 4, 9, 1, 7, 5, 11, 3, 14, 10, 0, 6, 13},
/* S2 */
{15, 1, 8, 14, 6, 11, 3, 4, 9, 7, 2, 13, 12, 0, 5, 10,
3, 13, 4, 7, 15, 2, 8, 14, 12, 0, 1, 10, 6, 9, 11, 5,
0, 14, 7, 11, 10, 4, 13, 1, 5, 8, 12, 6, 9, 3, 2, 15,
13, 8, 10, 1, 3, 15, 4, 2, 11, 6, 7, 12, 0, 5, 14, 9},
/* S3 */
{10, 0, 9, 14, 6, 3, 15, 5, 1, 13, 12, 7, 11, 4, 2, 8,
13, 7, 0, 9, 3, 4, 6, 10, 2, 8, 5, 14, 12, 11, 15, 1,
13, 6, 4, 9, 8, 15, 3, 0, 11, 1, 2, 12, 5, 10, 14, 7,
1, 10, 13, 0, 6, 9, 8, 7, 4, 15, 14, 3, 11, 5, 2, 12},
/* S4 */
{7, 13, 14, 3, 0, 6, 9, 10, 1, 2, 8, 5, 11, 12, 4, 15,
13, 8, 11, 5, 6, 15, 0, 3, 4, 7, 2, 12, 1, 10, 14, 9,
10, 6, 9, 0, 12, 11, 7, 13, 15, 1, 3, 14, 5, 2, 8, 4,
3, 15, 0, 6, 10, 1, 13, 8, 9, 4, 5, 11, 12, 7, 2, 14},
/* S5 */
{2, 12, 4, 1, 7, 10, 11, 6, 8, 5, 3, 15, 13, 0, 14, 9,
14, 11, 2, 12, 4, 7, 13, 1, 5, 0, 15, 10, 3, 9, 8, 6,
4, 2, 1, 11, 10, 13, 7, 8, 15, 9, 12, 5, 6, 3, 0, 14,
11, 8, 12, 7, 1, 14, 2, 13, 6, 15, 0, 9, 10, 4, 5, 3},
/* S6 */
{12, 1, 10, 15, 9, 2, 6, 8, 0, 13, 3, 4, 14, 7, 5, 11,
10, 15, 4, 2, 7, 12, 9, 5, 6, 1, 13, 14, 0, 11, 3, 8,
9, 14, 15, 5, 2, 8, 12, 3, 7, 0, 4, 10, 1, 13, 11, 6,
4, 3, 2, 12, 9, 5, 15, 10, 11, 14, 1, 7, 6, 0, 8, 13},
/* S7 */
{4, 11, 2, 14, 15, 0, 8, 13, 3, 12, 9, 7, 5, 10, 6, 1,
13, 0, 11, 7, 4, 9, 1, 10, 14, 3, 5, 12, 2, 15, 8, 6,
1, 4, 11, 13, 12, 3, 7, 14, 10, 15, 6, 8, 0, 5, 9, 2,
6, 11, 13, 8, 1, 4, 10, 7, 9, 5, 0, 15, 14, 2, 3, 12},
/* S8 */
{13, 2, 8, 4, 6, 15, 11, 1, 10, 9, 3, 14, 5, 0, 12, 7,
1, 15, 13, 8, 10, 3, 7, 4, 12, 5, 6, 11, 0, 14, 9, 2,
7, 11, 4, 1, 9, 12, 14, 2, 0, 6, 10, 13, 15, 3, 5, 8,
2, 1, 14, 7, 4, 10, 8, 13, 15, 12, 9, 0, 3, 5, 6, 11},
};
/* 32-bit permutation function P used on the output of the S-boxes */
static const char p32i[] = {
16, 7, 20, 21,
29, 12, 28, 17,
1, 15, 23, 26,
5, 18, 31, 10,
2, 8, 24, 14,
32, 27, 3, 9,
19, 13, 30, 6,
22, 11, 4, 25
};
/* End of DES-defined tables */
/* Lookup tables initialized once only at startup by desinit() */
/* bit 0 is left-most in byte */
static const int bytebit[] = {
0200, 0100, 040, 020, 010, 04, 02, 01
};
static const int nibblebit[] = {
010, 04, 02, 01
};
/* Allocate space and initialize DES lookup arrays
* mode == 0: standard Data Encryption Algorithm
*/
static int
desinit (DES_KEY * key)
{
spinit (key);
perminit_ip (key);
perminit_fp (key);
return 0;
}
/* Set key (initialize key schedule array) */
int
ntlm_des_set_key (DES_KEY * dkey, char *user_key, int /*len*/)
{
char pc1m[56]; /* place to modify pc1 into */
char pcr[56]; /* place to rotate pc1 into */
int i, j, l;
int m;
memset(dkey, 0, sizeof (DES_KEY));
desinit (dkey);
/* Clear key schedule */
for (j = 0; j < 56; ++j)
{ /* convert pc1 to bits of key */
l = pc1[j] - 1; /* integer bit location */
m = l & 07; /* find bit */
pc1m[j] = (user_key[l >> 3] & /* find which key byte l is in */
bytebit[m]) /* and which bit of that byte */
? 1 : 0; /* and store 1-bit result */
}
for (i = 0; i < 16; ++i)
{ /* key chunk for each iteration */
for (j = 0; j < 56; ++j) /* rotate pc1 the right amount */
pcr[j] = pc1m[(l = j + totrot[i]) < (j < 28 ? 28 : 56) ? l : l - 28];
/* rotate left and right halves independently */
for (j = 0; j < 48; ++j)
{ /* select bits individually */
/* check bit that goes to kn[j] */
if (pcr[pc2[j] - 1])
{
/* mask it in if it's there */
l = j % 6;
dkey->kn[i][j / 6] |= bytebit[l] >> 2;
}
}
}
return 0;
}
/* In-place encryption of 64-bit block */
static void
ntlm_des_encrypt (DES_KEY * key, unsigned char *block)
{
quint32 left, right;
char *knp;
quint32 work[2]; /* Working data storage */
permute_ip (block, key, (unsigned char *) work); /* Initial Permutation */
left = qFromBigEndian(work[0]);
right = qFromBigEndian(work[1]);
/* Do the 16 rounds.
* The rounds are numbered from 0 to 15. On even rounds
* the right half is fed to f() and the result exclusive-ORs
* the left half; on odd rounds the reverse is done.
*/
knp = &key->kn[0][0];
left ^= f (key, right, knp);
knp += 8;
right ^= f (key, left, knp);
knp += 8;
left ^= f (key, right, knp);
knp += 8;
right ^= f (key, left, knp);
knp += 8;
left ^= f (key, right, knp);
knp += 8;
right ^= f (key, left, knp);
knp += 8;
left ^= f (key, right, knp);
knp += 8;
right ^= f (key, left, knp);
knp += 8;
left ^= f (key, right, knp);
knp += 8;
right ^= f (key, left, knp);
knp += 8;
left ^= f (key, right, knp);
knp += 8;
right ^= f (key, left, knp);
knp += 8;
left ^= f (key, right, knp);
knp += 8;
right ^= f (key, left, knp);
knp += 8;
left ^= f (key, right, knp);
knp += 8;
right ^= f (key, left, knp);
/* Left/right half swap, plus byte swap if little-endian */
work[1] = qToBigEndian( left );
work[0] = qToBigEndian( right );
permute_fp ((unsigned char *) work, key, block); /* Inverse initial permutation */
}
/* Permute inblock with perm */
static void
permute_ip (unsigned char *inblock, DES_KEY * key, unsigned char *outblock)
{
unsigned char *ib, *ob; /* ptr to input or output block */
char *p, *q;
int j;
/* Clear output block */
memset(outblock, 0, 8);
ib = inblock;
for (j = 0; j < 16; j += 2, ++ib)
{ /* for each input nibble */
ob = outblock;
p = key->iperm[j][(*ib >> 4) & 0xf];
q = key->iperm[j + 1][*ib & 0xf];
/* and each output byte, OR the masks together */
*ob++ |= *p++ | *q++;
*ob++ |= *p++ | *q++;
*ob++ |= *p++ | *q++;
*ob++ |= *p++ | *q++;
*ob++ |= *p++ | *q++;
*ob++ |= *p++ | *q++;
*ob++ |= *p++ | *q++;
*ob++ |= *p++ | *q++;
}
}
/* Permute inblock with perm */
static void
permute_fp (unsigned char *inblock, DES_KEY * key, unsigned char *outblock)
{
unsigned char *ib, *ob; /* ptr to input or output block */
char *p, *q;
int j;
/* Clear output block */
memset(outblock, 0, 8);
ib = inblock;
for (j = 0; j < 16; j += 2, ++ib)
{ /* for each input nibble */
ob = outblock;
p = key->fperm[j][(*ib >> 4) & 0xf];
q = key->fperm[j + 1][*ib & 0xf];
/* and each output byte, OR the masks together */
*ob++ |= *p++ | *q++;
*ob++ |= *p++ | *q++;
*ob++ |= *p++ | *q++;
*ob++ |= *p++ | *q++;
*ob++ |= *p++ | *q++;
*ob++ |= *p++ | *q++;
*ob++ |= *p++ | *q++;
*ob++ |= *p++ | *q++;
}
}
/* The nonlinear function f(r,k), the heart of DES */
static quint32
f (DES_KEY * key, quint32 r, char *subkey)
{
quint32 *spp;
quint32 rval, rt;
int er;
#ifdef TRACE
printf ("f(%08lx, %02x %02x %02x %02x %02x %02x %02x %02x) = ",
r,
subkey[0], subkey[1], subkey[2],
subkey[3], subkey[4], subkey[5], subkey[6], subkey[7]);
#endif
/* Run E(R) ^ K through the combined S & P boxes.
* This code takes advantage of a convenient regularity in
* E, namely that each group of 6 bits in E(R) feeding
* a single S-box is a contiguous segment of R.
*/
subkey += 7;
/* Compute E(R) for each block of 6 bits, and run thru boxes */
er = ((int) r << 1) | ((r & 0x80000000) ? 1 : 0);
spp = &key->sp[7][0];
rval = spp[(er ^ *subkey--) & 0x3f];
spp -= 64;
rt = (quint32) r >> 3;
rval |= spp[((int) rt ^ *subkey--) & 0x3f];
spp -= 64;
rt >>= 4;
rval |= spp[((int) rt ^ *subkey--) & 0x3f];
spp -= 64;
rt >>= 4;
rval |= spp[((int) rt ^ *subkey--) & 0x3f];
spp -= 64;
rt >>= 4;
rval |= spp[((int) rt ^ *subkey--) & 0x3f];
spp -= 64;
rt >>= 4;
rval |= spp[((int) rt ^ *subkey--) & 0x3f];
spp -= 64;
rt >>= 4;
rval |= spp[((int) rt ^ *subkey--) & 0x3f];
spp -= 64;
rt >>= 4;
rt |= (r & 1) << 5;
rval |= spp[((int) rt ^ *subkey) & 0x3f];
#ifdef TRACE
printf (" %08lx\n", rval);
#endif
return rval;
}
/* initialize a perm array */
static void
perminit_ip (DES_KEY * key)
{
int l, j, k;
int i, m;
/* Clear the permutation array */
memset(key->iperm, 0, 16 * 16 * 8);
for (i = 0; i < 16; ++i) /* each input nibble position */
for (j = 0; j < 16; ++j) /* each possible input nibble */
for (k = 0; k < 64; ++k)
{ /* each output bit position */
l = ip[k] - 1; /* where does this bit come from */
if ((l >> 2) != i) /* does it come from input posn? */
continue; /* if not, bit k is 0 */
if (!(j & nibblebit[l & 3]))
continue; /* any such bit in input? */
m = k & 07; /* which bit is this in the byte */
key->iperm[i][j][k >> 3] |= bytebit[m];
}
}
static void
perminit_fp (DES_KEY * key)
{
int l, j, k;
int i, m;
/* Clear the permutation array */
memset(key->fperm, 0, 16 * 16 * 8);
for (i = 0; i < 16; ++i) /* each input nibble position */
for (j = 0; j < 16; ++j) /* each possible input nibble */
for (k = 0; k < 64; ++k)
{ /* each output bit position */
l = fp[k] - 1; /* where does this bit come from */
if ((l >> 2) != i) /* does it come from input posn? */
continue; /* if not, bit k is 0 */
if (!(j & nibblebit[l & 3]))
continue; /* any such bit in input? */
m = k & 07; /* which bit is this in the byte */
key->fperm[i][j][k >> 3] |= bytebit[m];
}
}
/* Initialize the lookup table for the combined S and P boxes */
static void
spinit (DES_KEY * key)
{
char pbox[32];
int p, i, s, j, rowcol;
quint32 val;
/* Compute pbox, the inverse of p32i.
* This is easier to work with
*/
for (p = 0; p < 32; ++p)
{
for (i = 0; i < 32; ++i)
{
if (p32i[i] - 1 == p)
{
pbox[p] = i;
break;
}
}
}
for (s = 0; s < 8; ++s)
{ /* For each S-box */
for (i = 0; i < 64; ++i)
{ /* For each possible input */
val = 0;
/* The row number is formed from the first and last
* bits; the column number is from the middle 4
*/
rowcol = (i & 32) | ((i & 1) ? 16 : 0) | ((i >> 1) & 0xf);
for (j = 0; j < 4; j++)
{ /* For each output bit */
if (si[s][rowcol] & (8 >> j))
{
val |= 1L << (31 - pbox[4 * s + j]);
}
}
key->sp[s][i] = val;
}
}
}
int
ntlm_des_ecb_encrypt (const void *plaintext, int len, DES_KEY * akey,
unsigned char output[8])
{
int j;
const unsigned char *plain = (const unsigned char *) plaintext;
for (j = 0; j < len / 8; ++j)
{
memcpy (&output[j * 8], &plain[j * 8], 8);
ntlm_des_encrypt (akey, &output[j * 8]);
}
if (j == 0 && len != 0)
return -1; /* no blocks were encrypted */
return 0;
}

42
kio/misc/kntlm/des.h
View file

@ -1,42 +0,0 @@
/*
* Sofware DES functions
*
* Copyright 1988-1991 Phil Karn <karn@ka9q.net>
* Copyright 2003 Nikos Mavroyanopoulos <nmav@hellug.gr>
*
* Taken from libmcrypt (http://mcrypt.hellug.gr/lib/index.html).
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public
* License as published by the Free Software Foundation.
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public
* License along with this library; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
* MA 02110-1301 USA
*/
#ifndef KNTLM_DES_H
#define KNTLM_DES_H
#include <QtCore/qglobal.h>
typedef struct des_key
{
char kn[16][8];
quint32 sp[8][64];
char iperm[16][16][8];
char fperm[16][16][8];
} DES_KEY;
int
ntlm_des_ecb_encrypt (const void *plaintext, int len, DES_KEY * akey, unsigned char output[8]);
int
ntlm_des_set_key (DES_KEY * dkey, char *user_key, int len);
#endif /* KNTLM_DES_H */

416
kio/misc/kntlm/kntlm.cpp
View file

@ -1,416 +0,0 @@
/* This file is part of the KDE libraries
Copyright (c) 2004 Szombathelyi Gy<EFBFBD>gy <gyurco@freemail.hu>
The implementation is based on the documentation and sample code
at http://davenport.sourceforge.net/ntlm.html
The DES encryption functions are from libntlm
at http://josefsson.org/libntlm/
This library is free software; you can redistribute it and/or
modify it under the terms of the GNU Library General Public
License version 2 as published by the Free Software Foundation.
This library is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
Library General Public License for more details.
You should have received a copy of the GNU Library General Public License
along with this library; see the file COPYING.LIB. If not, write to
the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
Boston, MA 02110-1301, USA.
*/
#include "kntlm.h"
#include "des.h"
#include <cstring>
#include <QtCore/qdatetime.h>
#include <QtCore/qendian.h>
#include <QCryptographicHash>
#include <krandom.h>
#include <kdebug.h>
static const char NTLM_SIGNATURE[] = "NTLMSSP";
static QByteArray QString2UnicodeLE (const QString &target)
{
QByteArray unicode (target.length() * 2, 0);
for (int i = 0; i < target.length(); i++) {
((quint16 *) unicode.data()) [ i ] = qToLittleEndian (target[i].unicode());
}
return unicode;
}
static QString UnicodeLE2QString (const QChar *data, uint len)
{
QString ret;
for (uint i = 0; i < len; i++) {
ret += qFromLittleEndian (data[ i ].unicode());
}
return ret;
}
static QByteArray getBuf (const QByteArray &buf, const KNTLM::SecBuf &secbuf)
{
quint32 offset = qFromLittleEndian ( (quint32) secbuf.offset);
quint16 len = qFromLittleEndian (secbuf.len);
//watch for buffer overflows
if (offset > (quint32) buf.size() || offset + len > (quint32) buf.size()) {
return QByteArray();
}
return QByteArray (buf.data() + offset, buf.size());
}
static void addBuf (QByteArray &buf, KNTLM::SecBuf &secbuf, const QByteArray &data)
{
quint32 offset = (buf.size() + 1) & 0xfffffffe;
quint16 len = data.size();
quint16 maxlen = data.size();
secbuf.offset = qToLittleEndian ( (quint32) offset);
secbuf.len = qToLittleEndian (len);
secbuf.maxlen = qToLittleEndian (maxlen);
buf.resize (offset + len);
memcpy (buf.data() + offset, data.data(), data.size());
}
static QString getString (const QByteArray &buf, const KNTLM::SecBuf &secbuf, bool unicode)
{
//watch for buffer overflows
quint32 offset = qFromLittleEndian ( (quint32) secbuf.offset);
quint16 len = qFromLittleEndian (secbuf.len);
if (offset > (quint32) buf.size() || offset + len > (quint32) buf.size()) {
return QString();
}
const char *c = buf.data() + offset;
if (unicode) {
return UnicodeLE2QString ( (QChar *) c, len >> 1);
}
return QString::fromLatin1 (c, len);
}
static void addString (QByteArray &buf, KNTLM::SecBuf &secbuf, const QString &str, bool unicode = false)
{
if (unicode) {
addBuf (buf, secbuf, QString2UnicodeLE (str));
return;
}
addBuf (buf, secbuf, str.toLatin1());
}
/*
* turns a 56 bit key into the 64 bit, odd parity key and sets the key.
* The key schedule ks is also set.
*/
static void convertKey (unsigned char *key_56, void *ks)
{
unsigned char key[8];
key[0] = key_56[0];
key[1] = ( (key_56[0] << 7) & 0xFF) | (key_56[1] >> 1);
key[2] = ( (key_56[1] << 6) & 0xFF) | (key_56[2] >> 2);
key[3] = ( (key_56[2] << 5) & 0xFF) | (key_56[3] >> 3);
key[4] = ( (key_56[3] << 4) & 0xFF) | (key_56[4] >> 4);
key[5] = ( (key_56[4] << 3) & 0xFF) | (key_56[5] >> 5);
key[6] = ( (key_56[5] << 2) & 0xFF) | (key_56[6] >> 6);
key[7] = (key_56[6] << 1) & 0xFF;
for (uint i = 0; i < 8; i++) {
unsigned char b = key[i];
bool needsParity = ((((b >> 7) ^ (b >> 6) ^ (b >> 5) ^ (b >> 4) ^ (b >> 3) ^ (b >> 2) ^ (b >> 1)) & 0x01) == 0);
if (needsParity) {
key[i] |= 0x01;
} else {
key[i] &= 0xfe;
}
}
ntlm_des_set_key ( (DES_KEY *) ks, (char *) &key, sizeof (key));
memset (&key, 0, sizeof (key));
}
static QByteArray createBlob (const QByteArray &targetinfo)
{
QByteArray blob (sizeof (KNTLM::Blob) + 4 + targetinfo.size(), 0);
KNTLM::Blob *bl = (KNTLM::Blob *) blob.data();
bl->signature = qToBigEndian ( (quint32) 0x01010000);
quint64 now = QDateTime::currentDateTime().toTime_t();
now += (quint64) 3600 * (quint64) 24 * (quint64) 134774;
now *= (quint64) 10000000;
bl->timestamp = qToLittleEndian (now);
for (uint i = 0; i < 8; i++) {
bl->challenge[i] = KRandom::random() % 0xff;
}
memcpy (blob.data() + sizeof (KNTLM::Blob), targetinfo.data(), targetinfo.size());
return blob;
}
static QByteArray hmacMD5 (const QByteArray &data, const QByteArray &key)
{
quint8 ipad[64], opad[64];
QByteArray ret;
memset (ipad, 0x36, sizeof (ipad));
memset (opad, 0x5c, sizeof (opad));
for (int i = key.size() - 1; i >= 0; i--) {
ipad[i] ^= key[i];
opad[i] ^= key[i];
}
QByteArray content (data.size() + 64, 0);
memcpy (content.data(), ipad, 64);
memcpy (content.data() + 64, data.data(), data.size());
QCryptographicHash md5 (QCryptographicHash::Md5);
md5.addData (content);
content.resize (64);
memcpy (content.data(), opad, 64);
content += md5.result();
md5.reset();
md5.addData (content);
return md5.result();
}
/*************************************** KNTLM implementation ***************************************/
bool KNTLM::getNegotiate (QByteArray &negotiate, const QString &domain, const QString &workstation, quint32 flags)
{
QByteArray rbuf (sizeof (Negotiate), 0);
memcpy (rbuf.data(), NTLM_SIGNATURE, sizeof (NTLM_SIGNATURE));
((Negotiate *) rbuf.data())->msgType = qToLittleEndian ( (quint32) 1);
if (!domain.isEmpty()) {
flags |= Negotiate_Domain_Supplied;
addString (rbuf, ((Negotiate *) rbuf.data())->domain, domain);
}
if (!workstation.isEmpty()) {
flags |= Negotiate_WS_Supplied;
addString (rbuf, ((Negotiate *) rbuf.data())->workstation, workstation);
}
((Negotiate *) rbuf.data())->flags = qToLittleEndian (flags);
negotiate = rbuf;
return true;
}
bool KNTLM::getAuth (QByteArray &auth, const QByteArray &challenge,
const QString &user, const QString &password, const QString &domain,
const QString &workstation, AuthFlags authflags)
{
QByteArray rbuf (sizeof (Auth), 0);
Challenge *ch = (Challenge *) challenge.data();
QByteArray response;
uint chsize = challenge.size();
bool unicode = false;
QString dom;
//challenge structure too small
if (chsize < 32) {
return false;
}
unicode = qFromLittleEndian (ch->flags) & Negotiate_Unicode;
if (domain.isEmpty()) {
dom = getString (challenge, ch->targetName, unicode);
} else {
dom = domain;
}
memcpy (rbuf.data(), NTLM_SIGNATURE, sizeof (NTLM_SIGNATURE));
((Auth *) rbuf.data())->msgType = qToLittleEndian ( (quint32) 3);
((Auth *) rbuf.data())->flags = ch->flags;
QByteArray targetInfo = getBuf (challenge, ch->targetInfo);
if (!(authflags & Force_V1) &&
((authflags & Force_V2) ||
(!targetInfo.isEmpty() && (qFromLittleEndian(ch->flags) & Negotiate_Target_Info))) /* may support NTLMv2 */) {
bool ret = false;
if (qFromLittleEndian (ch->flags) & Negotiate_NTLM) {
if (targetInfo.isEmpty())
return false;
response = getNTLMv2Response (dom, user, password, targetInfo, ch->challengeData);
addBuf (rbuf, ((Auth *) rbuf.data())->ntResponse, response);
ret = true;
}
if (authflags & Add_LM) {
response = getLMv2Response (dom, user, password, ch->challengeData);
addBuf (rbuf, ((Auth *) rbuf.data())->lmResponse, response);
ret = true;
}
if (!ret) {
return false;
}
} else { //if no targetinfo structure and NTLMv2 or LMv2 not forced, or v1 forced, try the older methods
bool ret = false;
if (qFromLittleEndian (ch->flags) & Negotiate_NTLM) {
response = getNTLMResponse (password, ch->challengeData);
addBuf (rbuf, ((Auth *) rbuf.data())->ntResponse, response);
ret = true;
}
if (authflags & Add_LM) {
response = getLMResponse (password, ch->challengeData);
addBuf (rbuf, ((Auth *) rbuf.data())->lmResponse, response);
ret = true;
}
if (!ret) {
return false;
}
}
if (!dom.isEmpty()) {
addString (rbuf, ((Auth *) rbuf.data())->domain, dom, unicode);
}
addString (rbuf, ((Auth *) rbuf.data())->user, user, unicode);
if (!workstation.isEmpty()) {
addString (rbuf, ((Auth *) rbuf.data())->workstation, workstation, unicode);
}
auth = rbuf;
return true;
}
QByteArray KNTLM::getLMResponse (const QString &password, const unsigned char *challenge)
{
QByteArray hash, answer;
hash = lmHash (password);
hash.resize (21);
memset (hash.data() + 16, 0, 5);
answer = lmResponse (hash, challenge);
hash.fill (0);
return answer;
}
QByteArray KNTLM::lmHash (const QString &password)
{
QByteArray keyBytes (14, 0);
QByteArray hash (16, 0);
DES_KEY ks;
const char *magic = "KGS!@#$%";
strncpy (keyBytes.data(), password.toUpper().toLatin1(), 14);
convertKey ( (unsigned char *) keyBytes.data(), &ks);
ntlm_des_ecb_encrypt (magic, 8, &ks, (unsigned char *) hash.data());
convertKey ( (unsigned char *) keyBytes.data() + 7, &ks);
ntlm_des_ecb_encrypt (magic, 8, &ks, (unsigned char *) hash.data() + 8);
keyBytes.fill (0);
memset (&ks, 0, sizeof (ks));
return hash;
}
QByteArray KNTLM::lmResponse (const QByteArray &hash, const unsigned char *challenge)
{
DES_KEY ks;
QByteArray answer (24, 0);
convertKey ( (unsigned char *) hash.data(), &ks);
ntlm_des_ecb_encrypt (challenge, 8, &ks, (unsigned char *) answer.data());
convertKey ( (unsigned char *) hash.data() + 7, &ks);
ntlm_des_ecb_encrypt (challenge, 8, &ks, (unsigned char *) answer.data() + 8);
convertKey ( (unsigned char *) hash.data() + 14, &ks);
ntlm_des_ecb_encrypt (challenge, 8, &ks, (unsigned char *) answer.data() + 16);
memset (&ks, 0, sizeof (ks));
return answer;
}
QByteArray KNTLM::getNTLMResponse (const QString &password, const unsigned char *challenge)
{
QByteArray hash = ntlmHash (password);
hash.resize (21);
memset (hash.data() + 16, 0, 5);
QByteArray answer = lmResponse (hash, challenge);
hash.fill (0);
return answer;
}
QByteArray KNTLM::ntlmHash (const QString &password)
{
QByteArray unicode;
unicode = QString2UnicodeLE (password);
return QCryptographicHash::hash (unicode, QCryptographicHash::Md4);
}
QByteArray KNTLM::getNTLMv2Response (const QString &target, const QString &user,
const QString &password, const QByteArray &targetInformation,
const unsigned char *challenge)
{
QByteArray hash = ntlmv2Hash (target, user, password);
QByteArray blob = createBlob (targetInformation);
return lmv2Response (hash, blob, challenge);
}
QByteArray KNTLM::getLMv2Response (const QString &target, const QString &user,
const QString &password, const unsigned char *challenge)
{
QByteArray hash = ntlmv2Hash (target, user, password);
QByteArray clientChallenge (8, 0);
for (uint i = 0; i < 8; i++) {
clientChallenge.data() [i] = KRandom::random() % 0xff;
}
return lmv2Response (hash, clientChallenge, challenge);
}
QByteArray KNTLM::ntlmv2Hash (const QString &target, const QString &user, const QString &password)
{
const QByteArray hash = ntlmHash (password);
const QByteArray key = QString2UnicodeLE (user.toUpper() + target);
return hmacMD5 (key, hash);
}
QByteArray KNTLM::lmv2Response (const QByteArray &hash,
const QByteArray &clientData, const unsigned char *challenge)
{
QByteArray data (8 + clientData.size(), 0);
memcpy (data.data(), challenge, 8);
memcpy (data.data() + 8, clientData.data(), clientData.size());
QByteArray mac = hmacMD5 (data, hash);
mac.resize (16 + clientData.size());
memcpy (mac.data() + 16, clientData.data(), clientData.size());
return mac;
}

222
kio/misc/kntlm/kntlm.h
View file

@ -1,222 +0,0 @@
/*
This file is part of the KDE libraries.
Copyright (c) 2004 Szombathelyi György <gyurco@freemail.hu>
This library is free software; you can redistribute it and/or
modify it under the terms of the GNU Library General Public
License version 2 as published by the Free Software Foundation.
This library is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
Library General Public License for more details.
You should have received a copy of the GNU Library General Public License
along with this library; see the file COPYING.LIB. If not, write to
the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
Boston, MA 02110-1301, USA.
*/
#ifndef KNTLM_H
#define KNTLM_H
#include <QtCore/QString>
#include <QtCore/QByteArray>
#include "misc/kntlm/kntlm_export.h"
/**
* @short KNTLM class implements the NTLM authentication protocol.
*
* The KNTLM class is useful for creating the authentication structures which
* can be used for various servers which implements NTLM type authentication.
* A comprehensive description of the NTLM authentication protocol can be found
* at http://davenport.sourceforge.net/ntlm.html
* The class also contains methods to create the LanManager and NT (MD4) hashes
* of a password.
* This class doesn't maintain any state information, so all methods are static.
*/
class KNTLM_EXPORT KNTLM
{
public:
enum Flags {
Negotiate_Unicode = 0x00000001,
Negotiate_OEM = 0x00000002,
Request_Target = 0x00000004,
Negotiate_Sign = 0x00000010,
Negotiate_Seal = 0x00000020,
Negotiate_Datagram_Style = 0x00000040,
Negotiate_LM_Key = 0x00000080,
Negotiate_Netware = 0x00000100,
Negotiate_NTLM = 0x00000200,
Negotiate_Domain_Supplied = 0x00001000,
Negotiate_WS_Supplied = 0x00002000,
Negotiate_Local_Call = 0x00004000,
Negotiate_Always_Sign = 0x00008000,
Target_Type_Domain = 0x00010000,
Target_Type_Server = 0x00020000,
Target_Type_Share = 0x00040000,
Negotiate_NTLM2_Key = 0x00080000,
Request_Init_Response = 0x00100000,
Request_Accept_Response = 0x00200000,
Request_NonNT_Key = 0x00400000,
Negotiate_Target_Info = 0x00800000,
Negotiate_128 = 0x20000000,
Negotiate_Key_Exchange = 0x40000000,
Negotiate_56 = 0x80000000
};
enum AuthFlag {
Force_V1 = 0x1,
Force_V2 = 0x2,
Add_LM = 0x4
};
Q_DECLARE_FLAGS( AuthFlags, AuthFlag )
typedef struct {
quint16 len;
quint16 maxlen;
quint32 offset;
} SecBuf;
/**
* The NTLM Type 1 structure
*/
typedef struct {
char signature[8]; /* "NTLMSSP\0" */
quint32 msgType; /* 1 */
quint32 flags;
SecBuf domain;
SecBuf workstation;
} Negotiate;
/**
* The NTLM Type 2 structure
*/
typedef struct {
char signature[8];
quint32 msgType; /* 2 */
SecBuf targetName;
quint32 flags;
quint8 challengeData[8];
quint32 context[2];
SecBuf targetInfo;
} Challenge;
/**
* The NTLM Type 3 structure
*/
typedef struct {
char signature[8];
quint32 msgType; /* 3 */
SecBuf lmResponse;
SecBuf ntResponse;
SecBuf domain;
SecBuf user;
SecBuf workstation;
SecBuf sessionKey;
quint32 flags;
} Auth;
typedef struct {
quint32 signature;
quint32 reserved;
quint64 timestamp;
quint8 challenge[8];
quint8 unknown[4];
//Target info block - variable length
} Blob;
/**
* Creates the initial message (type 1) which should be sent to the server.
*
* @param negotiate - a buffer where the Type 1 message will returned.
* @param domain - the domain name which should be send with the message.
* @param workstation - the workstation name which should be send with the message.
* @param flags - various flags, in most cases the defaults will good.
*
* @return true if creating the structure succeeds, false otherwise.
*/
static bool getNegotiate( QByteArray &negotiate, const QString &domain = QString(),
const QString &workstation = QString(),
quint32 flags = Negotiate_Unicode | Request_Target | Negotiate_NTLM );
/**
* Creates the type 3 message which should be sent to the server after
* the challenge (type 2) received.
*
* @param auth - a buffer where the Type 3 message will returned.
* @param challenge - the Type 2 message returned by the server.
* @param user - user's name.
* @param password - user's password.
* @param domain - the target domain. If left empty, it will be extracted
* from the challenge.
* @param workstation - the user's workstation.
* @param authflags - AuthFlags flags that changes the response generation behavior.
* Force_V1 or Force_V2 forces (NT)LMv1 or (NT)LMv2 responses generation, otherwise it's
* autodetected from the challenge. Add_LM adds LMv1 or LMv2 responses additional to the
* NTLM response.
*
* @return true if auth filled with the Type 3 message, false if an error occurred
* (challenge data invalid, NTLMv2 authentication forced, but the challenge data says
* no NTLMv2 supported, or no NTLM supported at all, and Add_LM not specified).
*/
static bool getAuth( QByteArray &auth, const QByteArray &challenge, const QString &user,
const QString &password, const QString &domain = QString(),
const QString &workstation = QString(), AuthFlags authflags = Add_LM );
/**
* Returns the LanManager response from the password and the server challenge.
*/
static QByteArray getLMResponse( const QString &password, const unsigned char *challenge );
/**
* Calculates the LanManager hash of the specified password.
*/
static QByteArray lmHash( const QString &password );
/**
* Calculates the LanManager response from the LanManager hash and the server challenge.
*/
static QByteArray lmResponse( const QByteArray &hash, const unsigned char *challenge );
/**
* Returns the NTLM response from the password and the server challenge.
*/
static QByteArray getNTLMResponse( const QString &password, const unsigned char *challenge );
/**
* Returns the NTLM hash (MD4) from the password.
*/
static QByteArray ntlmHash( const QString &password );
/**
* Calculates the NTLMv2 response.
*/
static QByteArray getNTLMv2Response( const QString &target, const QString &user,
const QString &password, const QByteArray &targetInformation,
const unsigned char *challenge );
/**
* Calculates the LMv2 response.
*/
static QByteArray getLMv2Response( const QString &target, const QString &user,
const QString &password, const unsigned char *challenge );
/**
* Returns the NTLMv2 hash.
*/
static QByteArray ntlmv2Hash( const QString &target, const QString &user, const QString &password );
/**
* Calculates the LMv2 response.
*/
static QByteArray lmv2Response( const QByteArray &hash,
const QByteArray &clientData, const unsigned char *challenge );
};
Q_DECLARE_OPERATORS_FOR_FLAGS( KNTLM::AuthFlags )
#endif /* KNTLM_H */