1 /* $NetBSD: passwd.c,v 1.1.1.2 2010/03/08 02:14:20 lukem Exp $ */ 2 3 /* OpenLDAP: pkg/ldap/libraries/liblutil/passwd.c,v 1.104.2.9 2009/08/30 22:55:47 quanah Exp */ 4 /* This work is part of OpenLDAP Software <http://www.openldap.org/>. 5 * 6 * Copyright 1998-2009 The OpenLDAP Foundation. 7 * All rights reserved. 8 * 9 * Redistribution and use in source and binary forms, with or without 10 * modification, are permitted only as authorized by the OpenLDAP 11 * Public License. 12 * 13 * A copy of this license is available in the file LICENSE in the 14 * top-level directory of the distribution or, alternatively, at 15 * <http://www.OpenLDAP.org/license.html>. 16 */ 17 18 /* 19 * int lutil_passwd( 20 * const struct berval *passwd, 21 * const struct berval *cred, 22 * const char **schemes ) 23 * 24 * Returns true if user supplied credentials (cred) matches 25 * the stored password (passwd). 26 * 27 * Due to the use of the crypt(3) function 28 * this routine is NOT thread-safe. 29 */ 30 31 #include "portable.h" 32 33 #include <stdio.h> 34 #include <ac/stdlib.h> 35 #include <ac/string.h> 36 #include <ac/unistd.h> 37 38 #if defined(SLAPD_LMHASH) 39 #if defined(HAVE_OPENSSL) 40 # include <openssl/des.h> 41 42 43 typedef des_cblock des_key; 44 typedef des_cblock des_data_block; 45 typedef des_key_schedule des_context; 46 #define des_failed(encrypted) 0 47 #define des_finish(key, schedule) 48 49 #elif defined(HAVE_MOZNSS) 50 /* 51 hack hack hack 52 We need to define this here so that nspr/obsolete/protypes.h will not be included 53 if that file is included, it will create a uint32 typedef that will cause the 54 one in lutil_sha1.h to blow up 55 */ 56 #define PROTYPES_H 1 57 # include <nss/pk11pub.h> 58 typedef PK11SymKey *des_key; 59 typedef unsigned char des_data_block[8]; 60 typedef PK11Context *des_context[1]; 61 #define DES_ENCRYPT CKA_ENCRYPT 62 63 #endif 64 65 #endif /* SLAPD_LMHASH */ 66 67 #include <ac/param.h> 68 69 #ifdef SLAPD_CRYPT 70 # include <ac/crypt.h> 71 72 # if defined( HAVE_GETPWNAM ) && defined( HAVE_STRUCT_PASSWD_PW_PASSWD ) 73 # ifdef HAVE_SHADOW_H 74 # include <shadow.h> 75 # endif 76 # ifdef HAVE_PWD_H 77 # include <pwd.h> 78 # endif 79 # ifdef HAVE_AIX_SECURITY 80 # include <userpw.h> 81 # endif 82 # endif 83 #endif 84 85 #include <lber.h> 86 87 #include "ldap_pvt.h" 88 #include "lber_pvt.h" 89 90 #include "lutil_md5.h" 91 #include "lutil_sha1.h" 92 #include "lutil.h" 93 94 static const unsigned char crypt64[] = 95 "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz1234567890./"; 96 97 #ifdef SLAPD_CRYPT 98 static char *salt_format = NULL; 99 static lutil_cryptfunc lutil_crypt; 100 lutil_cryptfunc *lutil_cryptptr = lutil_crypt; 101 #endif 102 103 /* KLUDGE: 104 * chk_fn is NULL iff name is {CLEARTEXT} 105 * otherwise, things will break 106 */ 107 struct pw_scheme { 108 struct berval name; 109 LUTIL_PASSWD_CHK_FUNC *chk_fn; 110 LUTIL_PASSWD_HASH_FUNC *hash_fn; 111 }; 112 113 struct pw_slist { 114 struct pw_slist *next; 115 struct pw_scheme s; 116 }; 117 118 /* password check routines */ 119 120 #define SALT_SIZE 4 121 122 static LUTIL_PASSWD_CHK_FUNC chk_md5; 123 static LUTIL_PASSWD_CHK_FUNC chk_smd5; 124 static LUTIL_PASSWD_HASH_FUNC hash_smd5; 125 static LUTIL_PASSWD_HASH_FUNC hash_md5; 126 127 128 #ifdef LUTIL_SHA1_BYTES 129 static LUTIL_PASSWD_CHK_FUNC chk_ssha1; 130 static LUTIL_PASSWD_CHK_FUNC chk_sha1; 131 static LUTIL_PASSWD_HASH_FUNC hash_sha1; 132 static LUTIL_PASSWD_HASH_FUNC hash_ssha1; 133 #endif 134 135 #ifdef SLAPD_LMHASH 136 static LUTIL_PASSWD_CHK_FUNC chk_lanman; 137 static LUTIL_PASSWD_HASH_FUNC hash_lanman; 138 #endif 139 140 #ifdef SLAPD_CRYPT 141 static LUTIL_PASSWD_CHK_FUNC chk_crypt; 142 static LUTIL_PASSWD_HASH_FUNC hash_crypt; 143 144 #if defined( HAVE_GETPWNAM ) && defined( HAVE_STRUCT_PASSWD_PW_PASSWD ) 145 static LUTIL_PASSWD_CHK_FUNC chk_unix; 146 #endif 147 #endif 148 149 /* password hash routines */ 150 151 #ifdef SLAPD_CLEARTEXT 152 static LUTIL_PASSWD_HASH_FUNC hash_clear; 153 #endif 154 155 static struct pw_slist *pw_schemes; 156 static int pw_inited; 157 158 static const struct pw_scheme pw_schemes_default[] = 159 { 160 #ifdef LUTIL_SHA1_BYTES 161 { BER_BVC("{SSHA}"), chk_ssha1, hash_ssha1 }, 162 { BER_BVC("{SHA}"), chk_sha1, hash_sha1 }, 163 #endif 164 165 { BER_BVC("{SMD5}"), chk_smd5, hash_smd5 }, 166 { BER_BVC("{MD5}"), chk_md5, hash_md5 }, 167 168 #ifdef SLAPD_LMHASH 169 { BER_BVC("{LANMAN}"), chk_lanman, hash_lanman }, 170 #endif /* SLAPD_LMHASH */ 171 172 #ifdef SLAPD_CRYPT 173 { BER_BVC("{CRYPT}"), chk_crypt, hash_crypt }, 174 # if defined( HAVE_GETPWNAM ) && defined( HAVE_STRUCT_PASSWD_PW_PASSWD ) 175 { BER_BVC("{UNIX}"), chk_unix, NULL }, 176 # endif 177 #endif 178 179 #ifdef SLAPD_CLEARTEXT 180 /* pseudo scheme */ 181 { BER_BVC("{CLEARTEXT}"), NULL, hash_clear }, 182 #endif 183 184 { BER_BVNULL, NULL, NULL } 185 }; 186 187 int lutil_passwd_add( 188 struct berval *scheme, 189 LUTIL_PASSWD_CHK_FUNC *chk, 190 LUTIL_PASSWD_HASH_FUNC *hash ) 191 { 192 struct pw_slist *ptr; 193 194 if (!pw_inited) lutil_passwd_init(); 195 196 ptr = ber_memalloc( sizeof( struct pw_slist )); 197 if (!ptr) return -1; 198 ptr->next = pw_schemes; 199 ptr->s.name = *scheme; 200 ptr->s.chk_fn = chk; 201 ptr->s.hash_fn = hash; 202 pw_schemes = ptr; 203 return 0; 204 } 205 206 void lutil_passwd_init() 207 { 208 struct pw_scheme *s; 209 210 pw_inited = 1; 211 212 for( s=(struct pw_scheme *)pw_schemes_default; s->name.bv_val; s++) { 213 if ( lutil_passwd_add( &s->name, s->chk_fn, s->hash_fn ) ) break; 214 } 215 } 216 217 void lutil_passwd_destroy() 218 { 219 struct pw_slist *ptr, *next; 220 221 for( ptr=pw_schemes; ptr; ptr=next ) { 222 next = ptr->next; 223 ber_memfree( ptr ); 224 } 225 } 226 227 static const struct pw_scheme *get_scheme( 228 const char* scheme ) 229 { 230 struct pw_slist *pws; 231 struct berval bv; 232 233 if (!pw_inited) lutil_passwd_init(); 234 235 bv.bv_val = strchr( scheme, '}' ); 236 if ( !bv.bv_val ) 237 return NULL; 238 239 bv.bv_len = bv.bv_val - scheme + 1; 240 bv.bv_val = (char *) scheme; 241 242 for( pws=pw_schemes; pws; pws=pws->next ) { 243 if ( ber_bvstrcasecmp(&bv, &pws->s.name ) == 0 ) { 244 return &(pws->s); 245 } 246 } 247 248 return NULL; 249 } 250 251 int lutil_passwd_scheme( 252 const char* scheme ) 253 { 254 if( scheme == NULL ) { 255 return 0; 256 } 257 258 return get_scheme(scheme) != NULL; 259 } 260 261 262 static int is_allowed_scheme( 263 const char* scheme, 264 const char** schemes ) 265 { 266 int i; 267 268 if( schemes == NULL ) return 1; 269 270 for( i=0; schemes[i] != NULL; i++ ) { 271 if( strcasecmp( scheme, schemes[i] ) == 0 ) { 272 return 1; 273 } 274 } 275 return 0; 276 } 277 278 static struct berval *passwd_scheme( 279 const struct pw_scheme *scheme, 280 const struct berval * passwd, 281 struct berval *bv, 282 const char** allowed ) 283 { 284 if( !is_allowed_scheme( scheme->name.bv_val, allowed ) ) { 285 return NULL; 286 } 287 288 if( passwd->bv_len >= scheme->name.bv_len ) { 289 if( strncasecmp( passwd->bv_val, scheme->name.bv_val, scheme->name.bv_len ) == 0 ) { 290 bv->bv_val = &passwd->bv_val[scheme->name.bv_len]; 291 bv->bv_len = passwd->bv_len - scheme->name.bv_len; 292 293 return bv; 294 } 295 } 296 297 return NULL; 298 } 299 300 /* 301 * Return 0 if creds are good. 302 */ 303 int 304 lutil_passwd( 305 const struct berval *passwd, /* stored passwd */ 306 const struct berval *cred, /* user cred */ 307 const char **schemes, 308 const char **text ) 309 { 310 struct pw_slist *pws; 311 312 if ( text ) *text = NULL; 313 314 if (cred == NULL || cred->bv_len == 0 || 315 passwd == NULL || passwd->bv_len == 0 ) 316 { 317 return -1; 318 } 319 320 if (!pw_inited) lutil_passwd_init(); 321 322 for( pws=pw_schemes; pws; pws=pws->next ) { 323 if( pws->s.chk_fn ) { 324 struct berval x; 325 struct berval *p = passwd_scheme( &(pws->s), 326 passwd, &x, schemes ); 327 328 if( p != NULL ) { 329 return (pws->s.chk_fn)( &(pws->s.name), p, cred, text ); 330 } 331 } 332 } 333 334 #ifdef SLAPD_CLEARTEXT 335 /* Do we think there is a scheme specifier here that we 336 * didn't recognize? Assume a scheme name is at least 1 character. 337 */ 338 if (( passwd->bv_val[0] == '{' ) && 339 ( ber_bvchr( passwd, '}' ) > passwd->bv_val+1 )) 340 { 341 return 1; 342 } 343 if( is_allowed_scheme("{CLEARTEXT}", schemes ) ) { 344 return ( passwd->bv_len == cred->bv_len ) ? 345 memcmp( passwd->bv_val, cred->bv_val, passwd->bv_len ) 346 : 1; 347 } 348 #endif 349 return 1; 350 } 351 352 int lutil_passwd_generate( struct berval *pw, ber_len_t len ) 353 { 354 355 if( len < 1 ) return -1; 356 357 pw->bv_len = len; 358 pw->bv_val = ber_memalloc( len + 1 ); 359 360 if( pw->bv_val == NULL ) { 361 return -1; 362 } 363 364 if( lutil_entropy( (unsigned char *) pw->bv_val, pw->bv_len) < 0 ) { 365 return -1; 366 } 367 368 for( len = 0; len < pw->bv_len; len++ ) { 369 pw->bv_val[len] = crypt64[ 370 pw->bv_val[len] % (sizeof(crypt64)-1) ]; 371 } 372 373 pw->bv_val[len] = '\0'; 374 375 return 0; 376 } 377 378 int lutil_passwd_hash( 379 const struct berval * passwd, 380 const char * method, 381 struct berval *hash, 382 const char **text ) 383 { 384 const struct pw_scheme *sc = get_scheme( method ); 385 386 hash->bv_val = NULL; 387 hash->bv_len = 0; 388 389 if( sc == NULL ) { 390 if( text ) *text = "scheme not recognized"; 391 return -1; 392 } 393 394 if( ! sc->hash_fn ) { 395 if( text ) *text = "scheme provided no hash function"; 396 return -1; 397 } 398 399 if( text ) *text = NULL; 400 401 return (sc->hash_fn)( &sc->name, passwd, hash, text ); 402 } 403 404 /* pw_string is only called when SLAPD_LMHASH or SLAPD_CRYPT is defined */ 405 #if defined(SLAPD_LMHASH) || defined(SLAPD_CRYPT) 406 static int pw_string( 407 const struct berval *sc, 408 struct berval *passwd ) 409 { 410 struct berval pw; 411 412 pw.bv_len = sc->bv_len + passwd->bv_len; 413 pw.bv_val = ber_memalloc( pw.bv_len + 1 ); 414 415 if( pw.bv_val == NULL ) { 416 return LUTIL_PASSWD_ERR; 417 } 418 419 AC_MEMCPY( pw.bv_val, sc->bv_val, sc->bv_len ); 420 AC_MEMCPY( &pw.bv_val[sc->bv_len], passwd->bv_val, passwd->bv_len ); 421 422 pw.bv_val[pw.bv_len] = '\0'; 423 *passwd = pw; 424 425 return LUTIL_PASSWD_OK; 426 } 427 #endif /* SLAPD_LMHASH || SLAPD_CRYPT */ 428 429 static int pw_string64( 430 const struct berval *sc, 431 const struct berval *hash, 432 struct berval *b64, 433 const struct berval *salt ) 434 { 435 int rc; 436 struct berval string; 437 size_t b64len; 438 439 if( salt ) { 440 /* need to base64 combined string */ 441 string.bv_len = hash->bv_len + salt->bv_len; 442 string.bv_val = ber_memalloc( string.bv_len + 1 ); 443 444 if( string.bv_val == NULL ) { 445 return LUTIL_PASSWD_ERR; 446 } 447 448 AC_MEMCPY( string.bv_val, hash->bv_val, 449 hash->bv_len ); 450 AC_MEMCPY( &string.bv_val[hash->bv_len], salt->bv_val, 451 salt->bv_len ); 452 string.bv_val[string.bv_len] = '\0'; 453 454 } else { 455 string = *hash; 456 } 457 458 b64len = LUTIL_BASE64_ENCODE_LEN( string.bv_len ) + 1; 459 b64->bv_len = b64len + sc->bv_len; 460 b64->bv_val = ber_memalloc( b64->bv_len + 1 ); 461 462 if( b64->bv_val == NULL ) { 463 if( salt ) ber_memfree( string.bv_val ); 464 return LUTIL_PASSWD_ERR; 465 } 466 467 AC_MEMCPY(b64->bv_val, sc->bv_val, sc->bv_len); 468 469 rc = lutil_b64_ntop( 470 (unsigned char *) string.bv_val, string.bv_len, 471 &b64->bv_val[sc->bv_len], b64len ); 472 473 if( salt ) ber_memfree( string.bv_val ); 474 475 if( rc < 0 ) { 476 return LUTIL_PASSWD_ERR; 477 } 478 479 /* recompute length */ 480 b64->bv_len = sc->bv_len + rc; 481 assert( strlen(b64->bv_val) == b64->bv_len ); 482 return LUTIL_PASSWD_OK; 483 } 484 485 /* PASSWORD CHECK ROUTINES */ 486 487 #ifdef LUTIL_SHA1_BYTES 488 static int chk_ssha1( 489 const struct berval *sc, 490 const struct berval * passwd, 491 const struct berval * cred, 492 const char **text ) 493 { 494 lutil_SHA1_CTX SHA1context; 495 unsigned char SHA1digest[LUTIL_SHA1_BYTES]; 496 int rc; 497 unsigned char *orig_pass = NULL; 498 499 /* safety check -- must have some salt */ 500 if (LUTIL_BASE64_DECODE_LEN(passwd->bv_len) <= sizeof(SHA1digest)) { 501 return LUTIL_PASSWD_ERR; 502 } 503 504 /* decode base64 password */ 505 orig_pass = (unsigned char *) ber_memalloc( (size_t) ( 506 LUTIL_BASE64_DECODE_LEN(passwd->bv_len) + 1) ); 507 508 if( orig_pass == NULL ) return LUTIL_PASSWD_ERR; 509 510 rc = lutil_b64_pton(passwd->bv_val, orig_pass, passwd->bv_len); 511 512 /* safety check -- must have some salt */ 513 if (rc <= (int)(sizeof(SHA1digest))) { 514 ber_memfree(orig_pass); 515 return LUTIL_PASSWD_ERR; 516 } 517 518 /* hash credentials with salt */ 519 lutil_SHA1Init(&SHA1context); 520 lutil_SHA1Update(&SHA1context, 521 (const unsigned char *) cred->bv_val, cred->bv_len); 522 lutil_SHA1Update(&SHA1context, 523 (const unsigned char *) &orig_pass[sizeof(SHA1digest)], 524 rc - sizeof(SHA1digest)); 525 lutil_SHA1Final(SHA1digest, &SHA1context); 526 527 /* compare */ 528 rc = memcmp((char *)orig_pass, (char *)SHA1digest, sizeof(SHA1digest)); 529 ber_memfree(orig_pass); 530 return rc ? LUTIL_PASSWD_ERR : LUTIL_PASSWD_OK; 531 } 532 533 static int chk_sha1( 534 const struct berval *sc, 535 const struct berval * passwd, 536 const struct berval * cred, 537 const char **text ) 538 { 539 lutil_SHA1_CTX SHA1context; 540 unsigned char SHA1digest[LUTIL_SHA1_BYTES]; 541 int rc; 542 unsigned char *orig_pass = NULL; 543 544 /* safety check */ 545 if (LUTIL_BASE64_DECODE_LEN(passwd->bv_len) < sizeof(SHA1digest)) { 546 return LUTIL_PASSWD_ERR; 547 } 548 549 /* base64 un-encode password */ 550 orig_pass = (unsigned char *) ber_memalloc( (size_t) ( 551 LUTIL_BASE64_DECODE_LEN(passwd->bv_len) + 1) ); 552 553 if( orig_pass == NULL ) return LUTIL_PASSWD_ERR; 554 555 rc = lutil_b64_pton(passwd->bv_val, orig_pass, passwd->bv_len); 556 557 if( rc != sizeof(SHA1digest) ) { 558 ber_memfree(orig_pass); 559 return LUTIL_PASSWD_ERR; 560 } 561 562 /* hash credentials with salt */ 563 lutil_SHA1Init(&SHA1context); 564 lutil_SHA1Update(&SHA1context, 565 (const unsigned char *) cred->bv_val, cred->bv_len); 566 lutil_SHA1Final(SHA1digest, &SHA1context); 567 568 /* compare */ 569 rc = memcmp((char *)orig_pass, (char *)SHA1digest, sizeof(SHA1digest)); 570 ber_memfree(orig_pass); 571 return rc ? LUTIL_PASSWD_ERR : LUTIL_PASSWD_OK; 572 } 573 #endif 574 575 static int chk_smd5( 576 const struct berval *sc, 577 const struct berval * passwd, 578 const struct berval * cred, 579 const char **text ) 580 { 581 lutil_MD5_CTX MD5context; 582 unsigned char MD5digest[LUTIL_MD5_BYTES]; 583 int rc; 584 unsigned char *orig_pass = NULL; 585 586 /* safety check */ 587 if (LUTIL_BASE64_DECODE_LEN(passwd->bv_len) <= sizeof(MD5digest)) { 588 return LUTIL_PASSWD_ERR; 589 } 590 591 /* base64 un-encode password */ 592 orig_pass = (unsigned char *) ber_memalloc( (size_t) ( 593 LUTIL_BASE64_DECODE_LEN(passwd->bv_len) + 1) ); 594 595 if( orig_pass == NULL ) return LUTIL_PASSWD_ERR; 596 597 rc = lutil_b64_pton(passwd->bv_val, orig_pass, passwd->bv_len); 598 599 if (rc <= (int)(sizeof(MD5digest))) { 600 ber_memfree(orig_pass); 601 return LUTIL_PASSWD_ERR; 602 } 603 604 /* hash credentials with salt */ 605 lutil_MD5Init(&MD5context); 606 lutil_MD5Update(&MD5context, 607 (const unsigned char *) cred->bv_val, 608 cred->bv_len ); 609 lutil_MD5Update(&MD5context, 610 &orig_pass[sizeof(MD5digest)], 611 rc - sizeof(MD5digest)); 612 lutil_MD5Final(MD5digest, &MD5context); 613 614 /* compare */ 615 rc = memcmp((char *)orig_pass, (char *)MD5digest, sizeof(MD5digest)); 616 ber_memfree(orig_pass); 617 return rc ? LUTIL_PASSWD_ERR : LUTIL_PASSWD_OK; 618 } 619 620 static int chk_md5( 621 const struct berval *sc, 622 const struct berval * passwd, 623 const struct berval * cred, 624 const char **text ) 625 { 626 lutil_MD5_CTX MD5context; 627 unsigned char MD5digest[LUTIL_MD5_BYTES]; 628 int rc; 629 unsigned char *orig_pass = NULL; 630 631 /* safety check */ 632 if (LUTIL_BASE64_DECODE_LEN(passwd->bv_len) < sizeof(MD5digest)) { 633 return LUTIL_PASSWD_ERR; 634 } 635 636 /* base64 un-encode password */ 637 orig_pass = (unsigned char *) ber_memalloc( (size_t) ( 638 LUTIL_BASE64_DECODE_LEN(passwd->bv_len) + 1) ); 639 640 if( orig_pass == NULL ) return LUTIL_PASSWD_ERR; 641 642 rc = lutil_b64_pton(passwd->bv_val, orig_pass, passwd->bv_len); 643 if ( rc != sizeof(MD5digest) ) { 644 ber_memfree(orig_pass); 645 return LUTIL_PASSWD_ERR; 646 } 647 648 /* hash credentials with salt */ 649 lutil_MD5Init(&MD5context); 650 lutil_MD5Update(&MD5context, 651 (const unsigned char *) cred->bv_val, 652 cred->bv_len ); 653 lutil_MD5Final(MD5digest, &MD5context); 654 655 /* compare */ 656 rc = memcmp((char *)orig_pass, (char *)MD5digest, sizeof(MD5digest)); 657 ber_memfree(orig_pass); 658 return rc ? LUTIL_PASSWD_ERR : LUTIL_PASSWD_OK; 659 } 660 661 #ifdef SLAPD_LMHASH 662 663 #if defined(HAVE_OPENSSL) 664 665 /* 666 * abstract away setting the parity. 667 */ 668 static void 669 des_set_key_and_parity( des_key *key, unsigned char *keyData) 670 { 671 memcpy(key, keyData, 8); 672 des_set_odd_parity( key ); 673 } 674 675 676 #elif defined(HAVE_MOZNSS) 677 678 /* 679 * implement MozNSS wrappers for the openSSL calls 680 */ 681 static void 682 des_set_key_and_parity( des_key *key, unsigned char *keyData) 683 { 684 SECItem keyDataItem; 685 PK11SlotInfo *slot; 686 *key = NULL; 687 688 keyDataItem.data = keyData; 689 keyDataItem.len = 8; 690 691 slot = PK11_GetBestSlot(CKM_DES_ECB, NULL); 692 if (slot == NULL) { 693 return; 694 } 695 696 /* NOTE: this will not work in FIPS mode. In order to make lmhash 697 * work in fips mode we need to define a LMHASH pbe mechanism and 698 * do the fulll key derivation inside the token */ 699 *key = PK11_ImportSymKey(slot, CKM_DES_ECB, PK11_OriginGenerated, 700 CKA_ENCRYPT, &keyDataItem, NULL); 701 } 702 703 static void 704 des_set_key_unchecked( des_key *key, des_context ctxt ) 705 { 706 ctxt[0] = NULL; 707 708 /* handle error conditions from previous call */ 709 if (!*key) { 710 return; 711 } 712 713 ctxt[0] = PK11_CreateContextBySymKey(CKM_DES_ECB, CKA_ENCRYPT, *key, NULL); 714 } 715 716 static void 717 des_ecb_encrypt( des_data_block *plain, des_data_block *encrypted, 718 des_context ctxt, int op) 719 { 720 SECStatus rv; 721 int size; 722 723 if (ctxt[0] == NULL) { 724 /* need to fail here... */ 725 memset(encrypted, 0, sizeof(des_data_block)); 726 return; 727 } 728 rv = PK11_CipherOp(ctxt[0], (unsigned char *)&encrypted[0], 729 &size, sizeof(des_data_block), 730 (unsigned char *)&plain[0], sizeof(des_data_block)); 731 if (rv != SECSuccess) { 732 /* signal failure */ 733 memset(encrypted, 0, sizeof(des_data_block)); 734 return; 735 } 736 return; 737 } 738 739 static int 740 des_failed(des_data_block *encrypted) 741 { 742 static const des_data_block zero = { 0 }; 743 return memcmp(encrypted, zero, sizeof(zero)) == 0; 744 } 745 746 static void 747 des_finish(des_key *key, des_context ctxt) 748 { 749 if (*key) { 750 PK11_FreeSymKey(*key); 751 *key = NULL; 752 } 753 if (ctxt[0]) { 754 PK11_Finalize(ctxt[0]); 755 PK11_DestroyContext(ctxt[0], PR_TRUE); 756 ctxt[0] = NULL; 757 } 758 } 759 760 #endif 761 762 /* pseudocode from RFC2433 763 * A.2 LmPasswordHash() 764 * 765 * LmPasswordHash( 766 * IN 0-to-14-oem-char Password, 767 * OUT 16-octet PasswordHash ) 768 * { 769 * Set UcasePassword to the uppercased Password 770 * Zero pad UcasePassword to 14 characters 771 * 772 * DesHash( 1st 7-octets of UcasePassword, 773 * giving 1st 8-octets of PasswordHash ) 774 * 775 * DesHash( 2nd 7-octets of UcasePassword, 776 * giving 2nd 8-octets of PasswordHash ) 777 * } 778 * 779 * 780 * A.3 DesHash() 781 * 782 * DesHash( 783 * IN 7-octet Clear, 784 * OUT 8-octet Cypher ) 785 * { 786 * * 787 * * Make Cypher an irreversibly encrypted form of Clear by 788 * * encrypting known text using Clear as the secret key. 789 * * The known text consists of the string 790 * * 791 * * KGS!@#$% 792 * * 793 * 794 * Set StdText to "KGS!@#$%" 795 * DesEncrypt( StdText, Clear, giving Cypher ) 796 * } 797 * 798 * 799 * A.4 DesEncrypt() 800 * 801 * DesEncrypt( 802 * IN 8-octet Clear, 803 * IN 7-octet Key, 804 * OUT 8-octet Cypher ) 805 * { 806 * * 807 * * Use the DES encryption algorithm [4] in ECB mode [9] 808 * * to encrypt Clear into Cypher such that Cypher can 809 * * only be decrypted back to Clear by providing Key. 810 * * Note that the DES algorithm takes as input a 64-bit 811 * * stream where the 8th, 16th, 24th, etc. bits are 812 * * parity bits ignored by the encrypting algorithm. 813 * * Unless you write your own DES to accept 56-bit input 814 * * without parity, you will need to insert the parity bits 815 * * yourself. 816 * * 817 * } 818 */ 819 820 static void lmPasswd_to_key( 821 const char *lmPasswd, 822 des_key *key) 823 { 824 const unsigned char *lpw = (const unsigned char *) lmPasswd; 825 unsigned char k[8]; 826 827 /* make room for parity bits */ 828 k[0] = lpw[0]; 829 k[1] = ((lpw[0] & 0x01) << 7) | (lpw[1] >> 1); 830 k[2] = ((lpw[1] & 0x03) << 6) | (lpw[2] >> 2); 831 k[3] = ((lpw[2] & 0x07) << 5) | (lpw[3] >> 3); 832 k[4] = ((lpw[3] & 0x0F) << 4) | (lpw[4] >> 4); 833 k[5] = ((lpw[4] & 0x1F) << 3) | (lpw[5] >> 5); 834 k[6] = ((lpw[5] & 0x3F) << 2) | (lpw[6] >> 6); 835 k[7] = ((lpw[6] & 0x7F) << 1); 836 837 des_set_key_and_parity( key, k ); 838 } 839 840 static int chk_lanman( 841 const struct berval *scheme, 842 const struct berval *passwd, 843 const struct berval *cred, 844 const char **text ) 845 { 846 ber_len_t i; 847 char UcasePassword[15]; 848 des_key key; 849 des_context schedule; 850 des_data_block StdText = "KGS!@#$%"; 851 des_data_block PasswordHash1, PasswordHash2; 852 char PasswordHash[33], storedPasswordHash[33]; 853 854 for( i=0; i<cred->bv_len; i++) { 855 if(cred->bv_val[i] == '\0') { 856 return LUTIL_PASSWD_ERR; /* NUL character in password */ 857 } 858 } 859 860 if( cred->bv_val[i] != '\0' ) { 861 return LUTIL_PASSWD_ERR; /* passwd must behave like a string */ 862 } 863 864 strncpy( UcasePassword, cred->bv_val, 14 ); 865 UcasePassword[14] = '\0'; 866 ldap_pvt_str2upper( UcasePassword ); 867 868 lmPasswd_to_key( UcasePassword, &key ); 869 des_set_key_unchecked( &key, schedule ); 870 des_ecb_encrypt( &StdText, &PasswordHash1, schedule , DES_ENCRYPT ); 871 872 if (des_failed(&PasswordHash1)) { 873 return LUTIL_PASSWD_ERR; 874 } 875 876 lmPasswd_to_key( &UcasePassword[7], &key ); 877 des_set_key_unchecked( &key, schedule ); 878 des_ecb_encrypt( &StdText, &PasswordHash2, schedule , DES_ENCRYPT ); 879 if (des_failed(&PasswordHash2)) { 880 return LUTIL_PASSWD_ERR; 881 } 882 883 des_finish( &key, schedule ); 884 885 sprintf( PasswordHash, "%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x", 886 PasswordHash1[0],PasswordHash1[1],PasswordHash1[2],PasswordHash1[3], 887 PasswordHash1[4],PasswordHash1[5],PasswordHash1[6],PasswordHash1[7], 888 PasswordHash2[0],PasswordHash2[1],PasswordHash2[2],PasswordHash2[3], 889 PasswordHash2[4],PasswordHash2[5],PasswordHash2[6],PasswordHash2[7] ); 890 891 /* as a precaution convert stored password hash to lower case */ 892 strncpy( storedPasswordHash, passwd->bv_val, 32 ); 893 storedPasswordHash[32] = '\0'; 894 ldap_pvt_str2lower( storedPasswordHash ); 895 896 return memcmp( PasswordHash, storedPasswordHash, 32) ? LUTIL_PASSWD_ERR : LUTIL_PASSWD_OK; 897 } 898 #endif /* SLAPD_LMHASH */ 899 900 #ifdef SLAPD_CRYPT 901 static int lutil_crypt( 902 const char *key, 903 const char *salt, 904 char **hash ) 905 { 906 char *cr = crypt( key, salt ); 907 int rc; 908 909 if( cr == NULL || cr[0] == '\0' ) { 910 /* salt must have been invalid */ 911 rc = LUTIL_PASSWD_ERR; 912 } else { 913 if ( hash ) { 914 *hash = ber_strdup( cr ); 915 rc = LUTIL_PASSWD_OK; 916 } else { 917 rc = strcmp( salt, cr ) ? LUTIL_PASSWD_ERR : LUTIL_PASSWD_OK; 918 } 919 } 920 return rc; 921 } 922 923 static int chk_crypt( 924 const struct berval *sc, 925 const struct berval * passwd, 926 const struct berval * cred, 927 const char **text ) 928 { 929 unsigned int i; 930 931 for( i=0; i<cred->bv_len; i++) { 932 if(cred->bv_val[i] == '\0') { 933 return LUTIL_PASSWD_ERR; /* NUL character in password */ 934 } 935 } 936 937 if( cred->bv_val[i] != '\0' ) { 938 return LUTIL_PASSWD_ERR; /* cred must behave like a string */ 939 } 940 941 if( passwd->bv_len < 2 ) { 942 return LUTIL_PASSWD_ERR; /* passwd must be at least two characters long */ 943 } 944 945 for( i=0; i<passwd->bv_len; i++) { 946 if(passwd->bv_val[i] == '\0') { 947 return LUTIL_PASSWD_ERR; /* NUL character in password */ 948 } 949 } 950 951 if( passwd->bv_val[i] != '\0' ) { 952 return LUTIL_PASSWD_ERR; /* passwd must behave like a string */ 953 } 954 955 return lutil_cryptptr( cred->bv_val, passwd->bv_val, NULL ); 956 } 957 958 # if defined( HAVE_GETPWNAM ) && defined( HAVE_STRUCT_PASSWD_PW_PASSWD ) 959 static int chk_unix( 960 const struct berval *sc, 961 const struct berval * passwd, 962 const struct berval * cred, 963 const char **text ) 964 { 965 unsigned int i; 966 char *pw; 967 968 for( i=0; i<cred->bv_len; i++) { 969 if(cred->bv_val[i] == '\0') { 970 return LUTIL_PASSWD_ERR; /* NUL character in password */ 971 } 972 } 973 if( cred->bv_val[i] != '\0' ) { 974 return LUTIL_PASSWD_ERR; /* cred must behave like a string */ 975 } 976 977 for( i=0; i<passwd->bv_len; i++) { 978 if(passwd->bv_val[i] == '\0') { 979 return LUTIL_PASSWD_ERR; /* NUL character in password */ 980 } 981 } 982 983 if( passwd->bv_val[i] != '\0' ) { 984 return LUTIL_PASSWD_ERR; /* passwd must behave like a string */ 985 } 986 987 { 988 struct passwd *pwd = getpwnam(passwd->bv_val); 989 990 if(pwd == NULL) { 991 return LUTIL_PASSWD_ERR; /* not found */ 992 } 993 994 pw = pwd->pw_passwd; 995 } 996 # ifdef HAVE_GETSPNAM 997 { 998 struct spwd *spwd = getspnam(passwd->bv_val); 999 1000 if(spwd != NULL) { 1001 pw = spwd->sp_pwdp; 1002 } 1003 } 1004 # endif 1005 # ifdef HAVE_AIX_SECURITY 1006 { 1007 struct userpw *upw = getuserpw(passwd->bv_val); 1008 1009 if (upw != NULL) { 1010 pw = upw->upw_passwd; 1011 } 1012 } 1013 # endif 1014 1015 if( pw == NULL || pw[0] == '\0' || pw[1] == '\0' ) { 1016 /* password must must be at least two characters long */ 1017 return LUTIL_PASSWD_ERR; 1018 } 1019 1020 return lutil_cryptptr( cred->bv_val, pw, NULL ); 1021 } 1022 # endif 1023 #endif 1024 1025 /* PASSWORD GENERATION ROUTINES */ 1026 1027 #ifdef LUTIL_SHA1_BYTES 1028 static int hash_ssha1( 1029 const struct berval *scheme, 1030 const struct berval *passwd, 1031 struct berval *hash, 1032 const char **text ) 1033 { 1034 lutil_SHA1_CTX SHA1context; 1035 unsigned char SHA1digest[LUTIL_SHA1_BYTES]; 1036 char saltdata[SALT_SIZE]; 1037 struct berval digest; 1038 struct berval salt; 1039 1040 digest.bv_val = (char *) SHA1digest; 1041 digest.bv_len = sizeof(SHA1digest); 1042 salt.bv_val = saltdata; 1043 salt.bv_len = sizeof(saltdata); 1044 1045 if( lutil_entropy( (unsigned char *) salt.bv_val, salt.bv_len) < 0 ) { 1046 return LUTIL_PASSWD_ERR; 1047 } 1048 1049 lutil_SHA1Init( &SHA1context ); 1050 lutil_SHA1Update( &SHA1context, 1051 (const unsigned char *)passwd->bv_val, passwd->bv_len ); 1052 lutil_SHA1Update( &SHA1context, 1053 (const unsigned char *)salt.bv_val, salt.bv_len ); 1054 lutil_SHA1Final( SHA1digest, &SHA1context ); 1055 1056 return pw_string64( scheme, &digest, hash, &salt); 1057 } 1058 1059 static int hash_sha1( 1060 const struct berval *scheme, 1061 const struct berval *passwd, 1062 struct berval *hash, 1063 const char **text ) 1064 { 1065 lutil_SHA1_CTX SHA1context; 1066 unsigned char SHA1digest[LUTIL_SHA1_BYTES]; 1067 struct berval digest; 1068 digest.bv_val = (char *) SHA1digest; 1069 digest.bv_len = sizeof(SHA1digest); 1070 1071 lutil_SHA1Init( &SHA1context ); 1072 lutil_SHA1Update( &SHA1context, 1073 (const unsigned char *)passwd->bv_val, passwd->bv_len ); 1074 lutil_SHA1Final( SHA1digest, &SHA1context ); 1075 1076 return pw_string64( scheme, &digest, hash, NULL); 1077 } 1078 #endif 1079 1080 static int hash_smd5( 1081 const struct berval *scheme, 1082 const struct berval *passwd, 1083 struct berval *hash, 1084 const char **text ) 1085 { 1086 lutil_MD5_CTX MD5context; 1087 unsigned char MD5digest[LUTIL_MD5_BYTES]; 1088 char saltdata[SALT_SIZE]; 1089 struct berval digest; 1090 struct berval salt; 1091 1092 digest.bv_val = (char *) MD5digest; 1093 digest.bv_len = sizeof(MD5digest); 1094 salt.bv_val = saltdata; 1095 salt.bv_len = sizeof(saltdata); 1096 1097 if( lutil_entropy( (unsigned char *) salt.bv_val, salt.bv_len) < 0 ) { 1098 return LUTIL_PASSWD_ERR; 1099 } 1100 1101 lutil_MD5Init( &MD5context ); 1102 lutil_MD5Update( &MD5context, 1103 (const unsigned char *) passwd->bv_val, passwd->bv_len ); 1104 lutil_MD5Update( &MD5context, 1105 (const unsigned char *) salt.bv_val, salt.bv_len ); 1106 lutil_MD5Final( MD5digest, &MD5context ); 1107 1108 return pw_string64( scheme, &digest, hash, &salt ); 1109 } 1110 1111 static int hash_md5( 1112 const struct berval *scheme, 1113 const struct berval *passwd, 1114 struct berval *hash, 1115 const char **text ) 1116 { 1117 lutil_MD5_CTX MD5context; 1118 unsigned char MD5digest[LUTIL_MD5_BYTES]; 1119 1120 struct berval digest; 1121 1122 digest.bv_val = (char *) MD5digest; 1123 digest.bv_len = sizeof(MD5digest); 1124 1125 lutil_MD5Init( &MD5context ); 1126 lutil_MD5Update( &MD5context, 1127 (const unsigned char *) passwd->bv_val, passwd->bv_len ); 1128 lutil_MD5Final( MD5digest, &MD5context ); 1129 1130 return pw_string64( scheme, &digest, hash, NULL ); 1131 ; 1132 } 1133 1134 #ifdef SLAPD_LMHASH 1135 static int hash_lanman( 1136 const struct berval *scheme, 1137 const struct berval *passwd, 1138 struct berval *hash, 1139 const char **text ) 1140 { 1141 1142 ber_len_t i; 1143 char UcasePassword[15]; 1144 des_key key; 1145 des_context schedule; 1146 des_data_block StdText = "KGS!@#$%"; 1147 des_data_block PasswordHash1, PasswordHash2; 1148 char PasswordHash[33]; 1149 1150 for( i=0; i<passwd->bv_len; i++) { 1151 if(passwd->bv_val[i] == '\0') { 1152 return LUTIL_PASSWD_ERR; /* NUL character in password */ 1153 } 1154 } 1155 1156 if( passwd->bv_val[i] != '\0' ) { 1157 return LUTIL_PASSWD_ERR; /* passwd must behave like a string */ 1158 } 1159 1160 strncpy( UcasePassword, passwd->bv_val, 14 ); 1161 UcasePassword[14] = '\0'; 1162 ldap_pvt_str2upper( UcasePassword ); 1163 1164 lmPasswd_to_key( UcasePassword, &key ); 1165 des_set_key_unchecked( &key, schedule ); 1166 des_ecb_encrypt( &StdText, &PasswordHash1, schedule , DES_ENCRYPT ); 1167 1168 lmPasswd_to_key( &UcasePassword[7], &key ); 1169 des_set_key_unchecked( &key, schedule ); 1170 des_ecb_encrypt( &StdText, &PasswordHash2, schedule , DES_ENCRYPT ); 1171 1172 sprintf( PasswordHash, "%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x", 1173 PasswordHash1[0],PasswordHash1[1],PasswordHash1[2],PasswordHash1[3], 1174 PasswordHash1[4],PasswordHash1[5],PasswordHash1[6],PasswordHash1[7], 1175 PasswordHash2[0],PasswordHash2[1],PasswordHash2[2],PasswordHash2[3], 1176 PasswordHash2[4],PasswordHash2[5],PasswordHash2[6],PasswordHash2[7] ); 1177 1178 hash->bv_val = PasswordHash; 1179 hash->bv_len = 32; 1180 1181 return pw_string( scheme, hash ); 1182 } 1183 #endif /* SLAPD_LMHASH */ 1184 1185 #ifdef SLAPD_CRYPT 1186 static int hash_crypt( 1187 const struct berval *scheme, 1188 const struct berval *passwd, 1189 struct berval *hash, 1190 const char **text ) 1191 { 1192 unsigned char salt[32]; /* salt suitable for most anything */ 1193 unsigned int i; 1194 char *save; 1195 int rc; 1196 1197 for( i=0; i<passwd->bv_len; i++) { 1198 if(passwd->bv_val[i] == '\0') { 1199 return LUTIL_PASSWD_ERR; /* NUL character in password */ 1200 } 1201 } 1202 1203 if( passwd->bv_val[i] != '\0' ) { 1204 return LUTIL_PASSWD_ERR; /* passwd must behave like a string */ 1205 } 1206 1207 if( lutil_entropy( salt, sizeof( salt ) ) < 0 ) { 1208 return LUTIL_PASSWD_ERR; 1209 } 1210 1211 for( i=0; i< ( sizeof(salt) - 1 ); i++ ) { 1212 salt[i] = crypt64[ salt[i] % (sizeof(crypt64)-1) ]; 1213 } 1214 salt[sizeof( salt ) - 1 ] = '\0'; 1215 1216 if( salt_format != NULL ) { 1217 /* copy the salt we made into entropy before snprintfing 1218 it back into the salt */ 1219 char entropy[sizeof(salt)]; 1220 strcpy( entropy, (char *) salt ); 1221 snprintf( (char *) salt, sizeof(entropy), salt_format, entropy ); 1222 } 1223 1224 rc = lutil_cryptptr( passwd->bv_val, (char *) salt, &hash->bv_val ); 1225 if ( rc != LUTIL_PASSWD_OK ) return rc; 1226 1227 if( hash->bv_val == NULL ) return -1; 1228 1229 hash->bv_len = strlen( hash->bv_val ); 1230 1231 save = hash->bv_val; 1232 1233 if( hash->bv_len == 0 ) { 1234 rc = LUTIL_PASSWD_ERR; 1235 } else { 1236 rc = pw_string( scheme, hash ); 1237 } 1238 ber_memfree( save ); 1239 return rc; 1240 } 1241 #endif 1242 1243 int lutil_salt_format(const char *format) 1244 { 1245 #ifdef SLAPD_CRYPT 1246 ber_memfree( salt_format ); 1247 1248 salt_format = format != NULL ? ber_strdup( format ) : NULL; 1249 #endif 1250 1251 return 0; 1252 } 1253 1254 #ifdef SLAPD_CLEARTEXT 1255 static int hash_clear( 1256 const struct berval *scheme, 1257 const struct berval *passwd, 1258 struct berval *hash, 1259 const char **text ) 1260 { 1261 ber_dupbv( hash, (struct berval *)passwd ); 1262 return LUTIL_PASSWD_OK; 1263 } 1264 #endif 1265 1266