1 /* $NetBSD: passwd.c,v 1.8 2020/08/11 13:15:39 christos Exp $ */ 2 3 /* $OpenLDAP$ */ 4 /* This work is part of OpenLDAP Software <http://www.openldap.org/>. 5 * 6 * Copyright 1998-2020 The OpenLDAP Foundation. 7 * All rights reserved. 8 * 9 * Redistribution and use in source and binary forms, with or without 10 * modification, are permitted only as authorized by the OpenLDAP 11 * Public License. 12 * 13 * A copy of this license is available in the file LICENSE in the 14 * top-level directory of the distribution or, alternatively, at 15 * <http://www.OpenLDAP.org/license.html>. 16 */ 17 18 /* 19 * int lutil_passwd( 20 * const struct berval *passwd, 21 * const struct berval *cred, 22 * const char **schemes ) 23 * 24 * Returns true if user supplied credentials (cred) matches 25 * the stored password (passwd). 26 * 27 * Due to the use of the crypt(3) function 28 * this routine is NOT thread-safe. 29 */ 30 31 #include <sys/cdefs.h> 32 __RCSID("$NetBSD: passwd.c,v 1.8 2020/08/11 13:15:39 christos Exp $"); 33 34 #include "portable.h" 35 36 #include <stdio.h> 37 #include <ac/stdlib.h> 38 #include <ac/string.h> 39 #include <ac/time.h> 40 #include <ac/unistd.h> 41 42 #if defined(SLAPD_LMHASH) 43 #if defined(HAVE_OPENSSL) 44 # include <openssl/des.h> 45 46 47 typedef DES_cblock des_key; 48 typedef DES_cblock des_data_block; 49 typedef DES_key_schedule des_context[1]; 50 #define des_failed(encrypted) 0 51 #define des_finish(key, schedule) 52 53 #elif defined(HAVE_MOZNSS) 54 /* 55 hack hack hack 56 We need to define this here so that nspr/obsolete/protypes.h will not be included 57 if that file is included, it will create a uint32 typedef that will cause the 58 one in lutil_sha1.h to blow up 59 */ 60 #define PROTYPES_H 1 61 # include <nss/pk11pub.h> 62 typedef PK11SymKey *des_key; 63 typedef unsigned char des_data_block[8]; 64 typedef PK11Context *des_context[1]; 65 #define DES_ENCRYPT CKA_ENCRYPT 66 67 #endif 68 69 #endif /* SLAPD_LMHASH */ 70 71 #include <ac/param.h> 72 73 #ifdef SLAPD_CRYPT 74 # include <ac/crypt.h> 75 76 # if defined( HAVE_GETPWNAM ) && defined( HAVE_STRUCT_PASSWD_PW_PASSWD ) 77 # ifdef HAVE_SHADOW_H 78 # include <shadow.h> 79 # endif 80 # ifdef HAVE_PWD_H 81 # include <pwd.h> 82 # endif 83 # ifdef HAVE_AIX_SECURITY 84 # include <userpw.h> 85 # endif 86 # endif 87 #endif 88 89 #include <lber.h> 90 91 #include "ldap_pvt.h" 92 #include "lber_pvt.h" 93 94 #include "lutil_md5.h" 95 #include "lutil_sha1.h" 96 #include "lutil.h" 97 98 static const unsigned char crypt64[] = 99 "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz1234567890./"; 100 101 #ifdef SLAPD_CRYPT 102 static char *salt_format = NULL; 103 static lutil_cryptfunc lutil_crypt; 104 lutil_cryptfunc *lutil_cryptptr = lutil_crypt; 105 #endif 106 107 /* KLUDGE: 108 * chk_fn is NULL iff name is {CLEARTEXT} 109 * otherwise, things will break 110 */ 111 struct pw_scheme { 112 struct berval name; 113 LUTIL_PASSWD_CHK_FUNC *chk_fn; 114 LUTIL_PASSWD_HASH_FUNC *hash_fn; 115 }; 116 117 struct pw_slist { 118 struct pw_slist *next; 119 struct pw_scheme s; 120 }; 121 122 /* password check routines */ 123 124 #define SALT_SIZE 4 125 126 static LUTIL_PASSWD_CHK_FUNC chk_md5; 127 static LUTIL_PASSWD_CHK_FUNC chk_smd5; 128 static LUTIL_PASSWD_HASH_FUNC hash_smd5; 129 static LUTIL_PASSWD_HASH_FUNC hash_md5; 130 131 132 #ifdef LUTIL_SHA1_BYTES 133 static LUTIL_PASSWD_CHK_FUNC chk_ssha1; 134 static LUTIL_PASSWD_CHK_FUNC chk_sha1; 135 static LUTIL_PASSWD_HASH_FUNC hash_sha1; 136 static LUTIL_PASSWD_HASH_FUNC hash_ssha1; 137 #endif 138 139 #ifdef SLAPD_LMHASH 140 static LUTIL_PASSWD_CHK_FUNC chk_lanman; 141 static LUTIL_PASSWD_HASH_FUNC hash_lanman; 142 #endif 143 144 #ifdef SLAPD_CRYPT 145 static LUTIL_PASSWD_CHK_FUNC chk_crypt; 146 static LUTIL_PASSWD_HASH_FUNC hash_crypt; 147 148 #if defined( HAVE_GETPWNAM ) && defined( HAVE_STRUCT_PASSWD_PW_PASSWD ) 149 static LUTIL_PASSWD_CHK_FUNC chk_unix; 150 #endif 151 #endif 152 153 /* password hash routines */ 154 155 #ifdef SLAPD_CLEARTEXT 156 static LUTIL_PASSWD_HASH_FUNC hash_clear; 157 #endif 158 159 static struct pw_slist *pw_schemes; 160 static int pw_inited; 161 162 static const struct pw_scheme pw_schemes_default[] = 163 { 164 #ifdef LUTIL_SHA1_BYTES 165 { BER_BVC("{SSHA}"), chk_ssha1, hash_ssha1 }, 166 { BER_BVC("{SHA}"), chk_sha1, hash_sha1 }, 167 #endif 168 169 { BER_BVC("{SMD5}"), chk_smd5, hash_smd5 }, 170 { BER_BVC("{MD5}"), chk_md5, hash_md5 }, 171 172 #ifdef SLAPD_LMHASH 173 { BER_BVC("{LANMAN}"), chk_lanman, hash_lanman }, 174 #endif /* SLAPD_LMHASH */ 175 176 #ifdef SLAPD_CRYPT 177 { BER_BVC("{CRYPT}"), chk_crypt, hash_crypt }, 178 # if defined( HAVE_GETPWNAM ) && defined( HAVE_STRUCT_PASSWD_PW_PASSWD ) 179 { BER_BVC("{UNIX}"), chk_unix, NULL }, 180 # endif 181 #endif 182 183 #ifdef SLAPD_CLEARTEXT 184 /* pseudo scheme */ 185 { BER_BVC("{CLEARTEXT}"), NULL, hash_clear }, 186 #endif 187 188 { BER_BVNULL, NULL, NULL } 189 }; 190 191 int lutil_passwd_add( 192 struct berval *scheme, 193 LUTIL_PASSWD_CHK_FUNC *chk, 194 LUTIL_PASSWD_HASH_FUNC *hash ) 195 { 196 struct pw_slist *ptr; 197 198 if (!pw_inited) lutil_passwd_init(); 199 200 ptr = ber_memalloc( sizeof( struct pw_slist )); 201 if (!ptr) return -1; 202 ptr->next = pw_schemes; 203 ptr->s.name = *scheme; 204 ptr->s.chk_fn = chk; 205 ptr->s.hash_fn = hash; 206 pw_schemes = ptr; 207 return 0; 208 } 209 210 void lutil_passwd_init() 211 { 212 struct pw_scheme *s; 213 214 pw_inited = 1; 215 216 for( s=(struct pw_scheme *)pw_schemes_default; s->name.bv_val; s++) { 217 if ( lutil_passwd_add( &s->name, s->chk_fn, s->hash_fn ) ) break; 218 } 219 } 220 221 void lutil_passwd_destroy() 222 { 223 struct pw_slist *ptr, *next; 224 225 for( ptr=pw_schemes; ptr; ptr=next ) { 226 next = ptr->next; 227 ber_memfree( ptr ); 228 } 229 } 230 231 static const struct pw_scheme *get_scheme( 232 const char* scheme ) 233 { 234 struct pw_slist *pws; 235 struct berval bv; 236 237 if (!pw_inited) lutil_passwd_init(); 238 239 bv.bv_val = strchr( scheme, '}' ); 240 if ( !bv.bv_val ) 241 return NULL; 242 243 bv.bv_len = bv.bv_val - scheme + 1; 244 bv.bv_val = (char *) scheme; 245 246 for( pws=pw_schemes; pws; pws=pws->next ) { 247 if ( ber_bvstrcasecmp(&bv, &pws->s.name ) == 0 ) { 248 return &(pws->s); 249 } 250 } 251 252 return NULL; 253 } 254 255 int lutil_passwd_scheme( 256 const char* scheme ) 257 { 258 if( scheme == NULL ) { 259 return 0; 260 } 261 262 return get_scheme(scheme) != NULL; 263 } 264 265 266 static int is_allowed_scheme( 267 const char* scheme, 268 const char** schemes ) 269 { 270 int i; 271 272 if( schemes == NULL ) return 1; 273 274 for( i=0; schemes[i] != NULL; i++ ) { 275 if( strcasecmp( scheme, schemes[i] ) == 0 ) { 276 return 1; 277 } 278 } 279 return 0; 280 } 281 282 static struct berval *passwd_scheme( 283 const struct pw_scheme *scheme, 284 const struct berval * passwd, 285 struct berval *bv, 286 const char** allowed ) 287 { 288 if( !is_allowed_scheme( scheme->name.bv_val, allowed ) ) { 289 return NULL; 290 } 291 292 if( passwd->bv_len >= scheme->name.bv_len ) { 293 if( strncasecmp( passwd->bv_val, scheme->name.bv_val, scheme->name.bv_len ) == 0 ) { 294 bv->bv_val = &passwd->bv_val[scheme->name.bv_len]; 295 bv->bv_len = passwd->bv_len - scheme->name.bv_len; 296 297 return bv; 298 } 299 } 300 301 return NULL; 302 } 303 304 /* 305 * Return 0 if creds are good. 306 */ 307 int 308 lutil_passwd( 309 const struct berval *passwd, /* stored passwd */ 310 const struct berval *cred, /* user cred */ 311 const char **schemes, 312 const char **text ) 313 { 314 struct pw_slist *pws; 315 316 if ( text ) *text = NULL; 317 318 if (cred == NULL || cred->bv_len == 0 || 319 passwd == NULL || passwd->bv_len == 0 ) 320 { 321 return -1; 322 } 323 324 if (!pw_inited) lutil_passwd_init(); 325 326 for( pws=pw_schemes; pws; pws=pws->next ) { 327 if( pws->s.chk_fn ) { 328 struct berval x; 329 struct berval *p = passwd_scheme( &(pws->s), 330 passwd, &x, schemes ); 331 332 if( p != NULL ) { 333 return (pws->s.chk_fn)( &(pws->s.name), p, cred, text ); 334 } 335 } 336 } 337 338 #ifdef SLAPD_CLEARTEXT 339 /* Do we think there is a scheme specifier here that we 340 * didn't recognize? Assume a scheme name is at least 1 character. 341 */ 342 if (( passwd->bv_val[0] == '{' ) && 343 ( ber_bvchr( passwd, '}' ) > passwd->bv_val+1 )) 344 { 345 return 1; 346 } 347 if( is_allowed_scheme("{CLEARTEXT}", schemes ) ) { 348 return ( passwd->bv_len == cred->bv_len ) ? 349 memcmp( passwd->bv_val, cred->bv_val, passwd->bv_len ) 350 : 1; 351 } 352 #endif 353 return 1; 354 } 355 356 int lutil_passwd_generate( struct berval *pw, ber_len_t len ) 357 { 358 359 if( len < 1 ) return -1; 360 361 pw->bv_len = len; 362 pw->bv_val = ber_memalloc( len + 1 ); 363 364 if( pw->bv_val == NULL ) { 365 return -1; 366 } 367 368 if( lutil_entropy( (unsigned char *) pw->bv_val, pw->bv_len) < 0 ) { 369 return -1; 370 } 371 372 for( len = 0; len < pw->bv_len; len++ ) { 373 pw->bv_val[len] = crypt64[ 374 pw->bv_val[len] % (sizeof(crypt64)-1) ]; 375 } 376 377 pw->bv_val[len] = '\0'; 378 379 return 0; 380 } 381 382 int lutil_passwd_hash( 383 const struct berval * passwd, 384 const char * method, 385 struct berval *hash, 386 const char **text ) 387 { 388 const struct pw_scheme *sc = get_scheme( method ); 389 390 hash->bv_val = NULL; 391 hash->bv_len = 0; 392 393 if( sc == NULL ) { 394 if( text ) *text = "scheme not recognized"; 395 return -1; 396 } 397 398 if( ! sc->hash_fn ) { 399 if( text ) *text = "scheme provided no hash function"; 400 return -1; 401 } 402 403 if( text ) *text = NULL; 404 405 return (sc->hash_fn)( &sc->name, passwd, hash, text ); 406 } 407 408 /* pw_string is only called when SLAPD_LMHASH or SLAPD_CRYPT is defined */ 409 #if defined(SLAPD_LMHASH) || defined(SLAPD_CRYPT) 410 static int pw_string( 411 const struct berval *sc, 412 struct berval *passwd ) 413 { 414 struct berval pw; 415 416 pw.bv_len = sc->bv_len + passwd->bv_len; 417 pw.bv_val = ber_memalloc( pw.bv_len + 1 ); 418 419 if( pw.bv_val == NULL ) { 420 return LUTIL_PASSWD_ERR; 421 } 422 423 AC_MEMCPY( pw.bv_val, sc->bv_val, sc->bv_len ); 424 AC_MEMCPY( &pw.bv_val[sc->bv_len], passwd->bv_val, passwd->bv_len ); 425 426 pw.bv_val[pw.bv_len] = '\0'; 427 *passwd = pw; 428 429 return LUTIL_PASSWD_OK; 430 } 431 #endif /* SLAPD_LMHASH || SLAPD_CRYPT */ 432 433 int lutil_passwd_string64( 434 const struct berval *sc, 435 const struct berval *hash, 436 struct berval *b64, 437 const struct berval *salt ) 438 { 439 int rc; 440 struct berval string; 441 size_t b64len; 442 443 if( salt ) { 444 /* need to base64 combined string */ 445 string.bv_len = hash->bv_len + salt->bv_len; 446 string.bv_val = ber_memalloc( string.bv_len + 1 ); 447 448 if( string.bv_val == NULL ) { 449 return LUTIL_PASSWD_ERR; 450 } 451 452 AC_MEMCPY( string.bv_val, hash->bv_val, 453 hash->bv_len ); 454 AC_MEMCPY( &string.bv_val[hash->bv_len], salt->bv_val, 455 salt->bv_len ); 456 string.bv_val[string.bv_len] = '\0'; 457 458 } else { 459 string = *hash; 460 } 461 462 b64len = LUTIL_BASE64_ENCODE_LEN( string.bv_len ) + 1; 463 b64->bv_len = b64len + sc->bv_len; 464 b64->bv_val = ber_memalloc( b64->bv_len + 1 ); 465 466 if( b64->bv_val == NULL ) { 467 if( salt ) ber_memfree( string.bv_val ); 468 return LUTIL_PASSWD_ERR; 469 } 470 471 AC_MEMCPY(b64->bv_val, sc->bv_val, sc->bv_len); 472 473 rc = lutil_b64_ntop( 474 (unsigned char *) string.bv_val, string.bv_len, 475 &b64->bv_val[sc->bv_len], b64len ); 476 477 if( salt ) ber_memfree( string.bv_val ); 478 479 if( rc < 0 ) { 480 return LUTIL_PASSWD_ERR; 481 } 482 483 /* recompute length */ 484 b64->bv_len = sc->bv_len + rc; 485 assert( strlen(b64->bv_val) == b64->bv_len ); 486 return LUTIL_PASSWD_OK; 487 } 488 489 /* PASSWORD CHECK ROUTINES */ 490 491 #ifdef LUTIL_SHA1_BYTES 492 static int chk_ssha1( 493 const struct berval *sc, 494 const struct berval * passwd, 495 const struct berval * cred, 496 const char **text ) 497 { 498 lutil_SHA1_CTX SHA1context; 499 unsigned char SHA1digest[LUTIL_SHA1_BYTES]; 500 int rc; 501 unsigned char *orig_pass = NULL; 502 size_t decode_len = LUTIL_BASE64_DECODE_LEN(passwd->bv_len); 503 504 /* safety check -- must have some salt */ 505 if (decode_len <= sizeof(SHA1digest)) { 506 return LUTIL_PASSWD_ERR; 507 } 508 509 /* decode base64 password */ 510 orig_pass = (unsigned char *) ber_memalloc(decode_len + 1); 511 512 if( orig_pass == NULL ) return LUTIL_PASSWD_ERR; 513 514 rc = lutil_b64_pton(passwd->bv_val, orig_pass, decode_len); 515 516 /* safety check -- must have some salt */ 517 if (rc <= (int)(sizeof(SHA1digest))) { 518 ber_memfree(orig_pass); 519 return LUTIL_PASSWD_ERR; 520 } 521 522 /* hash credentials with salt */ 523 lutil_SHA1Init(&SHA1context); 524 lutil_SHA1Update(&SHA1context, 525 (const unsigned char *) cred->bv_val, cred->bv_len); 526 lutil_SHA1Update(&SHA1context, 527 (const unsigned char *) &orig_pass[sizeof(SHA1digest)], 528 rc - sizeof(SHA1digest)); 529 lutil_SHA1Final(SHA1digest, &SHA1context); 530 531 /* compare */ 532 rc = memcmp((char *)orig_pass, (char *)SHA1digest, sizeof(SHA1digest)); 533 ber_memfree(orig_pass); 534 return rc ? LUTIL_PASSWD_ERR : LUTIL_PASSWD_OK; 535 } 536 537 static int chk_sha1( 538 const struct berval *sc, 539 const struct berval * passwd, 540 const struct berval * cred, 541 const char **text ) 542 { 543 lutil_SHA1_CTX SHA1context; 544 unsigned char SHA1digest[LUTIL_SHA1_BYTES]; 545 int rc; 546 unsigned char *orig_pass = NULL; 547 size_t decode_len = LUTIL_BASE64_DECODE_LEN(passwd->bv_len); 548 549 /* safety check */ 550 if (decode_len < sizeof(SHA1digest)) { 551 return LUTIL_PASSWD_ERR; 552 } 553 554 /* base64 un-encode password */ 555 orig_pass = (unsigned char *) ber_memalloc(decode_len + 1); 556 557 if( orig_pass == NULL ) return LUTIL_PASSWD_ERR; 558 559 rc = lutil_b64_pton(passwd->bv_val, orig_pass, decode_len); 560 561 if( rc != sizeof(SHA1digest) ) { 562 ber_memfree(orig_pass); 563 return LUTIL_PASSWD_ERR; 564 } 565 566 /* hash credentials with salt */ 567 lutil_SHA1Init(&SHA1context); 568 lutil_SHA1Update(&SHA1context, 569 (const unsigned char *) cred->bv_val, cred->bv_len); 570 lutil_SHA1Final(SHA1digest, &SHA1context); 571 572 /* compare */ 573 rc = memcmp((char *)orig_pass, (char *)SHA1digest, sizeof(SHA1digest)); 574 ber_memfree(orig_pass); 575 return rc ? LUTIL_PASSWD_ERR : LUTIL_PASSWD_OK; 576 } 577 #endif 578 579 static int chk_smd5( 580 const struct berval *sc, 581 const struct berval * passwd, 582 const struct berval * cred, 583 const char **text ) 584 { 585 lutil_MD5_CTX MD5context; 586 unsigned char MD5digest[LUTIL_MD5_BYTES]; 587 int rc; 588 unsigned char *orig_pass = NULL; 589 size_t decode_len = LUTIL_BASE64_DECODE_LEN(passwd->bv_len); 590 591 /* safety check */ 592 if (decode_len <= sizeof(MD5digest)) { 593 return LUTIL_PASSWD_ERR; 594 } 595 596 /* base64 un-encode password */ 597 orig_pass = (unsigned char *) ber_memalloc(decode_len + 1); 598 599 if( orig_pass == NULL ) return LUTIL_PASSWD_ERR; 600 601 rc = lutil_b64_pton(passwd->bv_val, orig_pass, decode_len); 602 603 if (rc <= (int)(sizeof(MD5digest))) { 604 ber_memfree(orig_pass); 605 return LUTIL_PASSWD_ERR; 606 } 607 608 /* hash credentials with salt */ 609 lutil_MD5Init(&MD5context); 610 lutil_MD5Update(&MD5context, 611 (const unsigned char *) cred->bv_val, 612 cred->bv_len ); 613 lutil_MD5Update(&MD5context, 614 &orig_pass[sizeof(MD5digest)], 615 rc - sizeof(MD5digest)); 616 lutil_MD5Final(MD5digest, &MD5context); 617 618 /* compare */ 619 rc = memcmp((char *)orig_pass, (char *)MD5digest, sizeof(MD5digest)); 620 ber_memfree(orig_pass); 621 return rc ? LUTIL_PASSWD_ERR : LUTIL_PASSWD_OK; 622 } 623 624 static int chk_md5( 625 const struct berval *sc, 626 const struct berval * passwd, 627 const struct berval * cred, 628 const char **text ) 629 { 630 lutil_MD5_CTX MD5context; 631 unsigned char MD5digest[LUTIL_MD5_BYTES]; 632 int rc; 633 unsigned char *orig_pass = NULL; 634 size_t decode_len = LUTIL_BASE64_DECODE_LEN(passwd->bv_len); 635 636 /* safety check */ 637 if (decode_len < sizeof(MD5digest)) { 638 return LUTIL_PASSWD_ERR; 639 } 640 641 /* base64 un-encode password */ 642 orig_pass = (unsigned char *) ber_memalloc(decode_len + 1); 643 644 if( orig_pass == NULL ) return LUTIL_PASSWD_ERR; 645 646 rc = lutil_b64_pton(passwd->bv_val, orig_pass, decode_len); 647 if ( rc != sizeof(MD5digest) ) { 648 ber_memfree(orig_pass); 649 return LUTIL_PASSWD_ERR; 650 } 651 652 /* hash credentials with salt */ 653 lutil_MD5Init(&MD5context); 654 lutil_MD5Update(&MD5context, 655 (const unsigned char *) cred->bv_val, 656 cred->bv_len ); 657 lutil_MD5Final(MD5digest, &MD5context); 658 659 /* compare */ 660 rc = memcmp((char *)orig_pass, (char *)MD5digest, sizeof(MD5digest)); 661 ber_memfree(orig_pass); 662 return rc ? LUTIL_PASSWD_ERR : LUTIL_PASSWD_OK; 663 } 664 665 #ifdef SLAPD_LMHASH 666 667 #if defined(HAVE_OPENSSL) 668 669 /* 670 * abstract away setting the parity. 671 */ 672 static void 673 des_set_key_and_parity( des_key *key, unsigned char *keyData) 674 { 675 memcpy(key, keyData, 8); 676 DES_set_odd_parity( key ); 677 } 678 679 680 #elif defined(HAVE_MOZNSS) 681 682 /* 683 * implement MozNSS wrappers for the openSSL calls 684 */ 685 static void 686 des_set_key_and_parity( des_key *key, unsigned char *keyData) 687 { 688 SECItem keyDataItem; 689 PK11SlotInfo *slot; 690 *key = NULL; 691 692 keyDataItem.data = keyData; 693 keyDataItem.len = 8; 694 695 slot = PK11_GetBestSlot(CKM_DES_ECB, NULL); 696 if (slot == NULL) { 697 return; 698 } 699 700 /* NOTE: this will not work in FIPS mode. In order to make lmhash 701 * work in fips mode we need to define a LMHASH pbe mechanism and 702 * do the fulll key derivation inside the token */ 703 *key = PK11_ImportSymKey(slot, CKM_DES_ECB, PK11_OriginGenerated, 704 CKA_ENCRYPT, &keyDataItem, NULL); 705 } 706 707 static void 708 DES_set_key_unchecked( des_key *key, des_context ctxt ) 709 { 710 ctxt[0] = NULL; 711 712 /* handle error conditions from previous call */ 713 if (!*key) { 714 return; 715 } 716 717 ctxt[0] = PK11_CreateContextBySymKey(CKM_DES_ECB, CKA_ENCRYPT, *key, NULL); 718 } 719 720 static void 721 DES_ecb_encrypt( des_data_block *plain, des_data_block *encrypted, 722 des_context ctxt, int op) 723 { 724 SECStatus rv; 725 int size; 726 727 if (ctxt[0] == NULL) { 728 /* need to fail here... */ 729 memset(encrypted, 0, sizeof(des_data_block)); 730 return; 731 } 732 rv = PK11_CipherOp(ctxt[0], (unsigned char *)&encrypted[0], 733 &size, sizeof(des_data_block), 734 (unsigned char *)&plain[0], sizeof(des_data_block)); 735 if (rv != SECSuccess) { 736 /* signal failure */ 737 memset(encrypted, 0, sizeof(des_data_block)); 738 return; 739 } 740 return; 741 } 742 743 static int 744 des_failed(des_data_block *encrypted) 745 { 746 static const des_data_block zero = { 0 }; 747 return memcmp(encrypted, zero, sizeof(zero)) == 0; 748 } 749 750 static void 751 des_finish(des_key *key, des_context ctxt) 752 { 753 if (*key) { 754 PK11_FreeSymKey(*key); 755 *key = NULL; 756 } 757 if (ctxt[0]) { 758 PK11_Finalize(ctxt[0]); 759 PK11_DestroyContext(ctxt[0], PR_TRUE); 760 ctxt[0] = NULL; 761 } 762 } 763 764 #endif 765 766 /* pseudocode from RFC2433 767 * A.2 LmPasswordHash() 768 * 769 * LmPasswordHash( 770 * IN 0-to-14-oem-char Password, 771 * OUT 16-octet PasswordHash ) 772 * { 773 * Set UcasePassword to the uppercased Password 774 * Zero pad UcasePassword to 14 characters 775 * 776 * DesHash( 1st 7-octets of UcasePassword, 777 * giving 1st 8-octets of PasswordHash ) 778 * 779 * DesHash( 2nd 7-octets of UcasePassword, 780 * giving 2nd 8-octets of PasswordHash ) 781 * } 782 * 783 * 784 * A.3 DesHash() 785 * 786 * DesHash( 787 * IN 7-octet Clear, 788 * OUT 8-octet Cypher ) 789 * { 790 * * 791 * * Make Cypher an irreversibly encrypted form of Clear by 792 * * encrypting known text using Clear as the secret key. 793 * * The known text consists of the string 794 * * 795 * * KGS!@#$% 796 * * 797 * 798 * Set StdText to "KGS!@#$%" 799 * DesEncrypt( StdText, Clear, giving Cypher ) 800 * } 801 * 802 * 803 * A.4 DesEncrypt() 804 * 805 * DesEncrypt( 806 * IN 8-octet Clear, 807 * IN 7-octet Key, 808 * OUT 8-octet Cypher ) 809 * { 810 * * 811 * * Use the DES encryption algorithm [4] in ECB mode [9] 812 * * to encrypt Clear into Cypher such that Cypher can 813 * * only be decrypted back to Clear by providing Key. 814 * * Note that the DES algorithm takes as input a 64-bit 815 * * stream where the 8th, 16th, 24th, etc. bits are 816 * * parity bits ignored by the encrypting algorithm. 817 * * Unless you write your own DES to accept 56-bit input 818 * * without parity, you will need to insert the parity bits 819 * * yourself. 820 * * 821 * } 822 */ 823 824 static void lmPasswd_to_key( 825 const char *lmPasswd, 826 des_key *key) 827 { 828 const unsigned char *lpw = (const unsigned char *) lmPasswd; 829 unsigned char k[8]; 830 831 /* make room for parity bits */ 832 k[0] = lpw[0]; 833 k[1] = ((lpw[0] & 0x01) << 7) | (lpw[1] >> 1); 834 k[2] = ((lpw[1] & 0x03) << 6) | (lpw[2] >> 2); 835 k[3] = ((lpw[2] & 0x07) << 5) | (lpw[3] >> 3); 836 k[4] = ((lpw[3] & 0x0F) << 4) | (lpw[4] >> 4); 837 k[5] = ((lpw[4] & 0x1F) << 3) | (lpw[5] >> 5); 838 k[6] = ((lpw[5] & 0x3F) << 2) | (lpw[6] >> 6); 839 k[7] = ((lpw[6] & 0x7F) << 1); 840 841 des_set_key_and_parity( key, k ); 842 } 843 844 static int chk_lanman( 845 const struct berval *scheme, 846 const struct berval *passwd, 847 const struct berval *cred, 848 const char **text ) 849 { 850 ber_len_t i; 851 char UcasePassword[15]; 852 des_key key; 853 des_context schedule; 854 des_data_block StdText = "KGS!@#$%"; 855 des_data_block PasswordHash1, PasswordHash2; 856 char PasswordHash[33], storedPasswordHash[33]; 857 858 for( i=0; i<cred->bv_len; i++) { 859 if(cred->bv_val[i] == '\0') { 860 return LUTIL_PASSWD_ERR; /* NUL character in password */ 861 } 862 } 863 864 if( cred->bv_val[i] != '\0' ) { 865 return LUTIL_PASSWD_ERR; /* passwd must behave like a string */ 866 } 867 868 strncpy( UcasePassword, cred->bv_val, 14 ); 869 UcasePassword[14] = '\0'; 870 ldap_pvt_str2upper( UcasePassword ); 871 872 lmPasswd_to_key( UcasePassword, &key ); 873 DES_set_key_unchecked( &key, schedule ); 874 DES_ecb_encrypt( &StdText, &PasswordHash1, schedule , DES_ENCRYPT ); 875 876 if (des_failed(&PasswordHash1)) { 877 return LUTIL_PASSWD_ERR; 878 } 879 880 lmPasswd_to_key( &UcasePassword[7], &key ); 881 DES_set_key_unchecked( &key, schedule ); 882 DES_ecb_encrypt( &StdText, &PasswordHash2, schedule , DES_ENCRYPT ); 883 if (des_failed(&PasswordHash2)) { 884 return LUTIL_PASSWD_ERR; 885 } 886 887 des_finish( &key, schedule ); 888 889 sprintf( PasswordHash, "%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x", 890 PasswordHash1[0],PasswordHash1[1],PasswordHash1[2],PasswordHash1[3], 891 PasswordHash1[4],PasswordHash1[5],PasswordHash1[6],PasswordHash1[7], 892 PasswordHash2[0],PasswordHash2[1],PasswordHash2[2],PasswordHash2[3], 893 PasswordHash2[4],PasswordHash2[5],PasswordHash2[6],PasswordHash2[7] ); 894 895 /* as a precaution convert stored password hash to lower case */ 896 strncpy( storedPasswordHash, passwd->bv_val, 32 ); 897 storedPasswordHash[32] = '\0'; 898 ldap_pvt_str2lower( storedPasswordHash ); 899 900 return memcmp( PasswordHash, storedPasswordHash, 32) ? LUTIL_PASSWD_ERR : LUTIL_PASSWD_OK; 901 } 902 #endif /* SLAPD_LMHASH */ 903 904 #ifdef SLAPD_CRYPT 905 static int lutil_crypt( 906 const char *key, 907 const char *salt, 908 char **hash ) 909 { 910 char *cr = crypt( key, salt ); 911 int rc; 912 913 if( cr == NULL || cr[0] == '\0' ) { 914 /* salt must have been invalid */ 915 rc = LUTIL_PASSWD_ERR; 916 } else { 917 if ( hash ) { 918 *hash = ber_strdup( cr ); 919 rc = LUTIL_PASSWD_OK; 920 } else { 921 rc = strcmp( salt, cr ) ? LUTIL_PASSWD_ERR : LUTIL_PASSWD_OK; 922 } 923 } 924 return rc; 925 } 926 927 static int chk_crypt( 928 const struct berval *sc, 929 const struct berval * passwd, 930 const struct berval * cred, 931 const char **text ) 932 { 933 unsigned int i; 934 935 for( i=0; i<cred->bv_len; i++) { 936 if(cred->bv_val[i] == '\0') { 937 return LUTIL_PASSWD_ERR; /* NUL character in password */ 938 } 939 } 940 941 if( cred->bv_val[i] != '\0' ) { 942 return LUTIL_PASSWD_ERR; /* cred must behave like a string */ 943 } 944 945 if( passwd->bv_len < 2 ) { 946 return LUTIL_PASSWD_ERR; /* passwd must be at least two characters long */ 947 } 948 949 for( i=0; i<passwd->bv_len; i++) { 950 if(passwd->bv_val[i] == '\0') { 951 return LUTIL_PASSWD_ERR; /* NUL character in password */ 952 } 953 } 954 955 if( passwd->bv_val[i] != '\0' ) { 956 return LUTIL_PASSWD_ERR; /* passwd must behave like a string */ 957 } 958 959 return lutil_cryptptr( cred->bv_val, passwd->bv_val, NULL ); 960 } 961 962 # if defined( HAVE_GETPWNAM ) && defined( HAVE_STRUCT_PASSWD_PW_PASSWD ) 963 static int chk_unix( 964 const struct berval *sc, 965 const struct berval * passwd, 966 const struct berval * cred, 967 const char **text ) 968 { 969 unsigned int i; 970 char *pw; 971 972 for( i=0; i<cred->bv_len; i++) { 973 if(cred->bv_val[i] == '\0') { 974 return LUTIL_PASSWD_ERR; /* NUL character in password */ 975 } 976 } 977 if( cred->bv_val[i] != '\0' ) { 978 return LUTIL_PASSWD_ERR; /* cred must behave like a string */ 979 } 980 981 for( i=0; i<passwd->bv_len; i++) { 982 if(passwd->bv_val[i] == '\0') { 983 return LUTIL_PASSWD_ERR; /* NUL character in password */ 984 } 985 } 986 987 if( passwd->bv_val[i] != '\0' ) { 988 return LUTIL_PASSWD_ERR; /* passwd must behave like a string */ 989 } 990 991 { 992 struct passwd *pwd = getpwnam(passwd->bv_val); 993 994 if(pwd == NULL) { 995 return LUTIL_PASSWD_ERR; /* not found */ 996 } 997 998 pw = pwd->pw_passwd; 999 } 1000 # ifdef HAVE_GETSPNAM 1001 { 1002 struct spwd *spwd = getspnam(passwd->bv_val); 1003 1004 if(spwd != NULL) { 1005 pw = spwd->sp_pwdp; 1006 } 1007 } 1008 # endif 1009 # ifdef HAVE_AIX_SECURITY 1010 { 1011 struct userpw *upw = getuserpw(passwd->bv_val); 1012 1013 if (upw != NULL) { 1014 pw = upw->upw_passwd; 1015 } 1016 } 1017 # endif 1018 1019 if( pw == NULL || pw[0] == '\0' || pw[1] == '\0' ) { 1020 /* password must must be at least two characters long */ 1021 return LUTIL_PASSWD_ERR; 1022 } 1023 1024 return lutil_cryptptr( cred->bv_val, pw, NULL ); 1025 } 1026 # endif 1027 #endif 1028 1029 /* PASSWORD GENERATION ROUTINES */ 1030 1031 #ifdef LUTIL_SHA1_BYTES 1032 static int hash_ssha1( 1033 const struct berval *scheme, 1034 const struct berval *passwd, 1035 struct berval *hash, 1036 const char **text ) 1037 { 1038 lutil_SHA1_CTX SHA1context; 1039 unsigned char SHA1digest[LUTIL_SHA1_BYTES]; 1040 char saltdata[SALT_SIZE]; 1041 struct berval digest; 1042 struct berval salt; 1043 1044 digest.bv_val = (char *) SHA1digest; 1045 digest.bv_len = sizeof(SHA1digest); 1046 salt.bv_val = saltdata; 1047 salt.bv_len = sizeof(saltdata); 1048 1049 if( lutil_entropy( (unsigned char *) salt.bv_val, salt.bv_len) < 0 ) { 1050 return LUTIL_PASSWD_ERR; 1051 } 1052 1053 lutil_SHA1Init( &SHA1context ); 1054 lutil_SHA1Update( &SHA1context, 1055 (const unsigned char *)passwd->bv_val, passwd->bv_len ); 1056 lutil_SHA1Update( &SHA1context, 1057 (const unsigned char *)salt.bv_val, salt.bv_len ); 1058 lutil_SHA1Final( SHA1digest, &SHA1context ); 1059 1060 return lutil_passwd_string64( scheme, &digest, hash, &salt); 1061 } 1062 1063 static int hash_sha1( 1064 const struct berval *scheme, 1065 const struct berval *passwd, 1066 struct berval *hash, 1067 const char **text ) 1068 { 1069 lutil_SHA1_CTX SHA1context; 1070 unsigned char SHA1digest[LUTIL_SHA1_BYTES]; 1071 struct berval digest; 1072 digest.bv_val = (char *) SHA1digest; 1073 digest.bv_len = sizeof(SHA1digest); 1074 1075 lutil_SHA1Init( &SHA1context ); 1076 lutil_SHA1Update( &SHA1context, 1077 (const unsigned char *)passwd->bv_val, passwd->bv_len ); 1078 lutil_SHA1Final( SHA1digest, &SHA1context ); 1079 1080 return lutil_passwd_string64( scheme, &digest, hash, NULL); 1081 } 1082 #endif 1083 1084 static int hash_smd5( 1085 const struct berval *scheme, 1086 const struct berval *passwd, 1087 struct berval *hash, 1088 const char **text ) 1089 { 1090 lutil_MD5_CTX MD5context; 1091 unsigned char MD5digest[LUTIL_MD5_BYTES]; 1092 char saltdata[SALT_SIZE]; 1093 struct berval digest; 1094 struct berval salt; 1095 1096 digest.bv_val = (char *) MD5digest; 1097 digest.bv_len = sizeof(MD5digest); 1098 salt.bv_val = saltdata; 1099 salt.bv_len = sizeof(saltdata); 1100 1101 if( lutil_entropy( (unsigned char *) salt.bv_val, salt.bv_len) < 0 ) { 1102 return LUTIL_PASSWD_ERR; 1103 } 1104 1105 lutil_MD5Init( &MD5context ); 1106 lutil_MD5Update( &MD5context, 1107 (const unsigned char *) passwd->bv_val, passwd->bv_len ); 1108 lutil_MD5Update( &MD5context, 1109 (const unsigned char *) salt.bv_val, salt.bv_len ); 1110 lutil_MD5Final( MD5digest, &MD5context ); 1111 1112 return lutil_passwd_string64( scheme, &digest, hash, &salt ); 1113 } 1114 1115 static int hash_md5( 1116 const struct berval *scheme, 1117 const struct berval *passwd, 1118 struct berval *hash, 1119 const char **text ) 1120 { 1121 lutil_MD5_CTX MD5context; 1122 unsigned char MD5digest[LUTIL_MD5_BYTES]; 1123 1124 struct berval digest; 1125 1126 digest.bv_val = (char *) MD5digest; 1127 digest.bv_len = sizeof(MD5digest); 1128 1129 lutil_MD5Init( &MD5context ); 1130 lutil_MD5Update( &MD5context, 1131 (const unsigned char *) passwd->bv_val, passwd->bv_len ); 1132 lutil_MD5Final( MD5digest, &MD5context ); 1133 1134 return lutil_passwd_string64( scheme, &digest, hash, NULL ); 1135 ; 1136 } 1137 1138 #ifdef SLAPD_LMHASH 1139 static int hash_lanman( 1140 const struct berval *scheme, 1141 const struct berval *passwd, 1142 struct berval *hash, 1143 const char **text ) 1144 { 1145 1146 ber_len_t i; 1147 char UcasePassword[15]; 1148 des_key key; 1149 des_context schedule; 1150 des_data_block StdText = "KGS!@#$%"; 1151 des_data_block PasswordHash1, PasswordHash2; 1152 char PasswordHash[33]; 1153 1154 for( i=0; i<passwd->bv_len; i++) { 1155 if(passwd->bv_val[i] == '\0') { 1156 return LUTIL_PASSWD_ERR; /* NUL character in password */ 1157 } 1158 } 1159 1160 if( passwd->bv_val[i] != '\0' ) { 1161 return LUTIL_PASSWD_ERR; /* passwd must behave like a string */ 1162 } 1163 1164 strncpy( UcasePassword, passwd->bv_val, 14 ); 1165 UcasePassword[14] = '\0'; 1166 ldap_pvt_str2upper( UcasePassword ); 1167 1168 lmPasswd_to_key( UcasePassword, &key ); 1169 DES_set_key_unchecked( &key, schedule ); 1170 DES_ecb_encrypt( &StdText, &PasswordHash1, schedule , DES_ENCRYPT ); 1171 1172 lmPasswd_to_key( &UcasePassword[7], &key ); 1173 DES_set_key_unchecked( &key, schedule ); 1174 DES_ecb_encrypt( &StdText, &PasswordHash2, schedule , DES_ENCRYPT ); 1175 1176 sprintf( PasswordHash, "%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x", 1177 PasswordHash1[0],PasswordHash1[1],PasswordHash1[2],PasswordHash1[3], 1178 PasswordHash1[4],PasswordHash1[5],PasswordHash1[6],PasswordHash1[7], 1179 PasswordHash2[0],PasswordHash2[1],PasswordHash2[2],PasswordHash2[3], 1180 PasswordHash2[4],PasswordHash2[5],PasswordHash2[6],PasswordHash2[7] ); 1181 1182 hash->bv_val = PasswordHash; 1183 hash->bv_len = 32; 1184 1185 return pw_string( scheme, hash ); 1186 } 1187 #endif /* SLAPD_LMHASH */ 1188 1189 #ifdef SLAPD_CRYPT 1190 static int hash_crypt( 1191 const struct berval *scheme, 1192 const struct berval *passwd, 1193 struct berval *hash, 1194 const char **text ) 1195 { 1196 unsigned char salt[32]; /* salt suitable for most anything */ 1197 unsigned int i; 1198 char *save; 1199 int rc; 1200 1201 for( i=0; i<passwd->bv_len; i++) { 1202 if(passwd->bv_val[i] == '\0') { 1203 return LUTIL_PASSWD_ERR; /* NUL character in password */ 1204 } 1205 } 1206 1207 if( passwd->bv_val[i] != '\0' ) { 1208 return LUTIL_PASSWD_ERR; /* passwd must behave like a string */ 1209 } 1210 1211 if( lutil_entropy( salt, sizeof( salt ) ) < 0 ) { 1212 return LUTIL_PASSWD_ERR; 1213 } 1214 1215 for( i=0; i< ( sizeof(salt) - 1 ); i++ ) { 1216 salt[i] = crypt64[ salt[i] % (sizeof(crypt64)-1) ]; 1217 } 1218 salt[sizeof( salt ) - 1 ] = '\0'; 1219 1220 if( salt_format != NULL ) { 1221 /* copy the salt we made into entropy before snprintfing 1222 it back into the salt */ 1223 char entropy[sizeof(salt)]; 1224 strcpy( entropy, (char *) salt ); 1225 snprintf( (char *) salt, sizeof(entropy), salt_format, entropy ); 1226 } 1227 1228 rc = lutil_cryptptr( passwd->bv_val, (char *) salt, &hash->bv_val ); 1229 if ( rc != LUTIL_PASSWD_OK ) return rc; 1230 1231 if( hash->bv_val == NULL ) return -1; 1232 1233 hash->bv_len = strlen( hash->bv_val ); 1234 1235 save = hash->bv_val; 1236 1237 if( hash->bv_len == 0 ) { 1238 rc = LUTIL_PASSWD_ERR; 1239 } else { 1240 rc = pw_string( scheme, hash ); 1241 } 1242 ber_memfree( save ); 1243 return rc; 1244 } 1245 #endif 1246 1247 int lutil_salt_format(const char *format) 1248 { 1249 #ifdef SLAPD_CRYPT 1250 ber_memfree( salt_format ); 1251 1252 salt_format = format != NULL ? ber_strdup( format ) : NULL; 1253 #endif 1254 1255 return 0; 1256 } 1257 1258 #ifdef SLAPD_CLEARTEXT 1259 static int hash_clear( 1260 const struct berval *scheme, 1261 const struct berval *passwd, 1262 struct berval *hash, 1263 const char **text ) 1264 { 1265 ber_dupbv( hash, (struct berval *)passwd ); 1266 return LUTIL_PASSWD_OK; 1267 } 1268 #endif 1269 1270