Blame - ap/app/ppp-2.4.1/pppd/mppe.c - T106_DC

blob: 0e08c40f5ded1520b5b46aef2bdf41d4a0cf7c17 [file] [log] [blame]

lh	9ed821d	2023-04-07 01:36:19 -0700	[diff] [blame]	1	/*
				2	* mppe - Mucking with PpP Encription
				3	*
				4	* Copyright (c) 1995 Árpád Magossányi
				5	* All rights reserved.
				6	*
				7	* Copyright (c) 1999 Tim Hockin, Cobalt Networks Inc.
				8	*
				9	* Redistribution and use in source and binary forms are permitted
				10	* provided that the above copyright notice and this paragraph are
				11	* duplicated in all such forms and that any documentation,
				12	* advertising materials, and other materials related to such
				13	* distribution and use acknowledge that the software was developed
				14	* by Pedro Roque Marques. The name of the author may not be used to
				15	* endorse or promote products derived from this software without
				16	* specific prior written permission.
				17	*
				18	* THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
				19	* IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
				20	* WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
				21	*/
				22
				23	#ifdef MPPE
				24
				25	#include <stdio.h>
				26	#include <sys/types.h>
				27	#include <string.h>
				28	#include <ctype.h>
				29	#include <syslog.h>
				30	#include <stdlib.h>
				31	#include <unistd.h>
				32	#include "pppd.h"
				33	#include "chap.h"
				34	#include "fsm.h"
				35	#include "ccp.h"
				36	#include "md4.h"
				37	#include <openssl/sha.h>
				38	#include "chap_ms.h"
				39	#include "extra_crypto.h"
				40
				41	static void
				42	mppe_get_start_key __P((unsigned char , unsigned char , unsigned char *));
				43	static void
				44	mppe_get_master_key __P((unsigned char , unsigned char , unsigned char *));
				45	static void
				46	GetAsymetricStartKey __P((unsigned char , unsigned char , int, int, int));
				47
				48	unsigned char mppe_master_send_key_40[8];
				49	unsigned char mppe_master_recv_key_40[8];
				50	unsigned char mppe_master_send_key_128[16];
				51	unsigned char mppe_master_recv_key_128[16];
				52	unsigned int mppe_allowed = 0;
				53
				54	/*
				55	* Pads used in key derivation - from sha1dgst.c
				56	*/
				57	static unsigned char SHApad1[40] =
				58	{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
				59	0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
				60	0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
				61	0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00};
				62	static unsigned char SHApad2[40] =
				63	{0xF2, 0xF2, 0xF2, 0xF2, 0xF2, 0xF2, 0xF2, 0xF2, 0xF2, 0xF2,
				64	0xF2, 0xF2, 0xF2, 0xF2, 0xF2, 0xF2, 0xF2, 0xF2, 0xF2, 0xF2,
				65	0xF2, 0xF2, 0xF2, 0xF2, 0xF2, 0xF2, 0xF2, 0xF2, 0xF2, 0xF2,
				66	0xF2, 0xF2, 0xF2, 0xF2, 0xF2, 0xF2, 0xF2, 0xF2, 0xF2, 0xF2};
				67
				68
				69	/* This is used with chap-ms (v1) */
				70	void
				71	mppe_gen_master_key(char secret, int secret_len, unsigned char challenge)
				72	{
				73	unsigned char PasswordHash[MD4_SIGNATURE_SIZE];
				74	unsigned char PasswordHashHash[MD4_SIGNATURE_SIZE];
				75
				76	/* 40 bit */
				77	LmPasswordHash(secret, secret_len, PasswordHash);
				78	BCOPY(PasswordHash, mppe_master_send_key_40, 8);
				79	BCOPY(mppe_master_send_key_40, mppe_master_recv_key_40, 8);
				80
				81	/* 128 bit */
				82	NtPasswordHash(secret, secret_len, PasswordHash);
				83	md4(PasswordHash, sizeof(PasswordHash), PasswordHashHash);
				84	mppe_get_start_key(challenge, PasswordHashHash, mppe_master_send_key_128);
				85	BCOPY(mppe_master_send_key_128, mppe_master_recv_key_128, 16);
				86
				87	mppe_allowed = 1;
				88	}
				89
				90
				91	/* This is used with chap-ms-v2 (per MS' draft RFC) - 2 different keys */
				92	void
				93	mppe_gen_master_key_v2(char secret, int secret_len, unsigned char response,
				94	int is_server)
				95	{
				96	unsigned char PasswordHash[MD4_SIGNATURE_SIZE];
				97	unsigned char PasswordHashHash[MD4_SIGNATURE_SIZE];
				98	unsigned char MasterKey[MD4_SIGNATURE_SIZE];
				99
				100	/* 128 bit - 2 keys */
				101	NtPasswordHash(secret, secret_len, PasswordHash);
				102	md4(PasswordHash, sizeof(PasswordHash), PasswordHashHash);
				103	mppe_get_master_key(PasswordHashHash, response, MasterKey);
				104	GetAsymetricStartKey(MasterKey, mppe_master_send_key_128, 16,1, is_server);
				105	GetAsymetricStartKey(MasterKey, mppe_master_recv_key_128, 16,0, is_server);
				106
				107	/* 40 bit - 2 keys */
				108	BCOPY(mppe_master_send_key_128, mppe_master_send_key_40, 8);
				109	BCOPY(mppe_master_recv_key_128, mppe_master_recv_key_40, 8);
				110
				111	mppe_allowed = 1;
				112	}
				113
				114
				115	static void
				116	mppe_get_start_key(unsigned char Challenge, unsigned char NtPasswordHashHash,
				117	unsigned char *InitialSessionKey)
				118	{
				119	unsigned char Digest[SHA_DIGEST_LENGTH];
				120	SHA_CTX Context;
				121
				122	SHA1_Init(&Context);
				123	SHA1_Update(&Context, NtPasswordHashHash, 16);
				124	SHA1_Update(&Context, NtPasswordHashHash, 16);
				125	SHA1_Update(&Context, Challenge, 8);
				126	SHA1_Final(Digest, &Context);
				127	BCOPY(Digest, InitialSessionKey, 16);
				128	}
				129
				130	static void
				131	mppe_get_master_key(unsigned char PasswordHashHash, unsigned char NtResponse,
				132	unsigned char *MasterKey)
				133	{
				134	unsigned char Digest[SHA_DIGEST_LENGTH];
				135	SHA_CTX Context;
				136	static char Magic1[] = "This is the MPPE Master Key";
				137
				138	BZERO(Digest, sizeof(Digest));
				139
				140	SHA1_Init(&Context);
				141	SHA1_Update(&Context, PasswordHashHash, 16);
				142	SHA1_Update(&Context, NtResponse, 24);
				143	SHA1_Update(&Context, Magic1, sizeof(Magic1) - 1);
				144	SHA1_Final(Digest, &Context);
				145
				146	BCOPY(Digest, MasterKey, 16);
				147	}
				148
				149	static void
				150	GetAsymetricStartKey(unsigned char MasterKey, unsigned char SessionKey,
				151	int SessionKeyLength, int IsSend, int IsServer)
				152	{
				153	unsigned char Digest[SHA_DIGEST_LENGTH];
				154	SHA_CTX Context;
				155	char *s;
				156	static char Magic2[] = "On the client side, this is the send key; on the server side, it is the receive key.";
				157	static char Magic3[] = "On the client side, this is the receive key; on the server side, it is the send key.";
				158
				159	BZERO(Digest, sizeof(Digest));
				160	if(IsSend)
				161	{
				162	if(IsServer)
				163	s = Magic3;
				164	else
				165	s = Magic2;
				166	}
				167	else
				168	{
				169	if(IsServer)
				170	s = Magic2;
				171	else
				172	s = Magic3;
				173	}
				174
				175	SHA1_Init(&Context);
				176	SHA1_Update(&Context, MasterKey, 16);
				177	SHA1_Update(&Context, SHApad1, 40);
				178	SHA1_Update(&Context, s, 84);
				179	SHA1_Update(&Context, SHApad2, 40);
				180	SHA1_Final(Digest, &Context);
				181	BCOPY(Digest, SessionKey, SessionKeyLength);
				182	}
				183
				184	/*
				185	* Functions called from config options
				186	*/
				187	int
				188	setmppe_40(char **argv)
				189	{
				190	ccp_allowoptions[0].mppe = ccp_wantoptions[0].mppe = 1;
				191	ccp_allowoptions[0].mppe_40 = ccp_wantoptions[0].mppe_40 = 1;
				192	return 1;
				193	}
				194
				195	int
				196	setnomppe_40(char **argv)
				197	{
				198	ccp_allowoptions[0].mppe_40 = ccp_wantoptions[0].mppe_40 = 0;
				199	return 1;
				200	}
				201
				202	int
				203	setmppe_128(char **argv)
				204	{
				205	ccp_allowoptions[0].mppe = ccp_wantoptions[0].mppe = 1;
				206	ccp_allowoptions[0].mppe_128 = ccp_wantoptions[0].mppe_128 = 1;
				207	return 1;
				208	}
				209
				210	int
				211	setnomppe_128(char **argv)
				212	{
				213	ccp_allowoptions[0].mppe_128 = ccp_wantoptions[0].mppe_128 = 0;
				214	return 1;
				215	}
				216
				217	int
				218	setmppe_stateless(char **argv)
				219	{
				220	ccp_allowoptions[0].mppe_stateless = ccp_wantoptions[0].mppe_stateless = 1;
				221	return 1;
				222	}
				223
				224	int
				225	setnomppe_stateless(char **argv)
				226	{
				227	ccp_allowoptions[0].mppe_stateless = ccp_wantoptions[0].mppe_stateless = 0;
				228	return 1;
				229	}
				230	#endif /* MPPE */