1e5b75505Sopenharmony_ci/* 2e5b75505Sopenharmony_ci * MSCHAPV2 (RFC 2759) 3e5b75505Sopenharmony_ci * Copyright (c) 2004-2008, Jouni Malinen <j@w1.fi> 4e5b75505Sopenharmony_ci * 5e5b75505Sopenharmony_ci * This software may be distributed under the terms of the BSD license. 6e5b75505Sopenharmony_ci * See README for more details. 7e5b75505Sopenharmony_ci */ 8e5b75505Sopenharmony_ci 9e5b75505Sopenharmony_ci#include "includes.h" 10e5b75505Sopenharmony_ci 11e5b75505Sopenharmony_ci#include "common.h" 12e5b75505Sopenharmony_ci#include "crypto/ms_funcs.h" 13e5b75505Sopenharmony_ci#include "mschapv2.h" 14e5b75505Sopenharmony_ci 15e5b75505Sopenharmony_ciconst u8 * mschapv2_remove_domain(const u8 *username, size_t *len) 16e5b75505Sopenharmony_ci{ 17e5b75505Sopenharmony_ci size_t i; 18e5b75505Sopenharmony_ci 19e5b75505Sopenharmony_ci /* 20e5b75505Sopenharmony_ci * MSCHAPv2 does not include optional domain name in the 21e5b75505Sopenharmony_ci * challenge-response calculation, so remove domain prefix 22e5b75505Sopenharmony_ci * (if present). 23e5b75505Sopenharmony_ci */ 24e5b75505Sopenharmony_ci 25e5b75505Sopenharmony_ci for (i = 0; i < *len; i++) { 26e5b75505Sopenharmony_ci if (username[i] == '\\') { 27e5b75505Sopenharmony_ci *len -= i + 1; 28e5b75505Sopenharmony_ci return username + i + 1; 29e5b75505Sopenharmony_ci } 30e5b75505Sopenharmony_ci } 31e5b75505Sopenharmony_ci 32e5b75505Sopenharmony_ci return username; 33e5b75505Sopenharmony_ci} 34e5b75505Sopenharmony_ci 35e5b75505Sopenharmony_ci 36e5b75505Sopenharmony_ciint mschapv2_derive_response(const u8 *identity, size_t identity_len, 37e5b75505Sopenharmony_ci const u8 *password, size_t password_len, 38e5b75505Sopenharmony_ci int pwhash, 39e5b75505Sopenharmony_ci const u8 *auth_challenge, 40e5b75505Sopenharmony_ci const u8 *peer_challenge, 41e5b75505Sopenharmony_ci u8 *nt_response, u8 *auth_response, 42e5b75505Sopenharmony_ci u8 *master_key) 43e5b75505Sopenharmony_ci{ 44e5b75505Sopenharmony_ci const u8 *username; 45e5b75505Sopenharmony_ci size_t username_len; 46e5b75505Sopenharmony_ci u8 password_hash[16], password_hash_hash[16]; 47e5b75505Sopenharmony_ci 48e5b75505Sopenharmony_ci wpa_hexdump_ascii(MSG_DEBUG, "MSCHAPV2: Identity", 49e5b75505Sopenharmony_ci identity, identity_len); 50e5b75505Sopenharmony_ci username_len = identity_len; 51e5b75505Sopenharmony_ci username = mschapv2_remove_domain(identity, &username_len); 52e5b75505Sopenharmony_ci wpa_hexdump_ascii(MSG_DEBUG, "MSCHAPV2: Username", 53e5b75505Sopenharmony_ci username, username_len); 54e5b75505Sopenharmony_ci 55e5b75505Sopenharmony_ci wpa_hexdump(MSG_DEBUG, "MSCHAPV2: auth_challenge", 56e5b75505Sopenharmony_ci auth_challenge, MSCHAPV2_CHAL_LEN); 57e5b75505Sopenharmony_ci wpa_hexdump(MSG_DEBUG, "MSCHAPV2: peer_challenge", 58e5b75505Sopenharmony_ci peer_challenge, MSCHAPV2_CHAL_LEN); 59e5b75505Sopenharmony_ci wpa_hexdump_ascii(MSG_DEBUG, "MSCHAPV2: username", 60e5b75505Sopenharmony_ci username, username_len); 61e5b75505Sopenharmony_ci /* Authenticator response is not really needed yet, but calculate it 62e5b75505Sopenharmony_ci * here so that challenges need not be saved. */ 63e5b75505Sopenharmony_ci if (pwhash) { 64e5b75505Sopenharmony_ci wpa_hexdump_key(MSG_DEBUG, "MSCHAPV2: password hash", 65e5b75505Sopenharmony_ci password, password_len); 66e5b75505Sopenharmony_ci if (generate_nt_response_pwhash(auth_challenge, peer_challenge, 67e5b75505Sopenharmony_ci username, username_len, 68e5b75505Sopenharmony_ci password, nt_response) || 69e5b75505Sopenharmony_ci generate_authenticator_response_pwhash( 70e5b75505Sopenharmony_ci password, peer_challenge, auth_challenge, 71e5b75505Sopenharmony_ci username, username_len, nt_response, 72e5b75505Sopenharmony_ci auth_response)) 73e5b75505Sopenharmony_ci return -1; 74e5b75505Sopenharmony_ci } else { 75e5b75505Sopenharmony_ci wpa_hexdump_ascii_key(MSG_DEBUG, "MSCHAPV2: password", 76e5b75505Sopenharmony_ci password, password_len); 77e5b75505Sopenharmony_ci if (generate_nt_response(auth_challenge, peer_challenge, 78e5b75505Sopenharmony_ci username, username_len, 79e5b75505Sopenharmony_ci password, password_len, 80e5b75505Sopenharmony_ci nt_response) || 81e5b75505Sopenharmony_ci generate_authenticator_response(password, password_len, 82e5b75505Sopenharmony_ci peer_challenge, 83e5b75505Sopenharmony_ci auth_challenge, 84e5b75505Sopenharmony_ci username, username_len, 85e5b75505Sopenharmony_ci nt_response, 86e5b75505Sopenharmony_ci auth_response)) 87e5b75505Sopenharmony_ci return -1; 88e5b75505Sopenharmony_ci } 89e5b75505Sopenharmony_ci wpa_hexdump(MSG_DEBUG, "MSCHAPV2: NT Response", 90e5b75505Sopenharmony_ci nt_response, MSCHAPV2_NT_RESPONSE_LEN); 91e5b75505Sopenharmony_ci wpa_hexdump(MSG_DEBUG, "MSCHAPV2: Auth Response", 92e5b75505Sopenharmony_ci auth_response, MSCHAPV2_AUTH_RESPONSE_LEN); 93e5b75505Sopenharmony_ci 94e5b75505Sopenharmony_ci /* Generate master_key here since we have the needed data available. */ 95e5b75505Sopenharmony_ci if (pwhash) { 96e5b75505Sopenharmony_ci if (hash_nt_password_hash(password, password_hash_hash)) 97e5b75505Sopenharmony_ci return -1; 98e5b75505Sopenharmony_ci } else { 99e5b75505Sopenharmony_ci if (nt_password_hash(password, password_len, password_hash) || 100e5b75505Sopenharmony_ci hash_nt_password_hash(password_hash, password_hash_hash)) 101e5b75505Sopenharmony_ci return -1; 102e5b75505Sopenharmony_ci } 103e5b75505Sopenharmony_ci if (get_master_key(password_hash_hash, nt_response, master_key)) 104e5b75505Sopenharmony_ci return -1; 105e5b75505Sopenharmony_ci wpa_hexdump_key(MSG_DEBUG, "MSCHAPV2: Master Key", 106e5b75505Sopenharmony_ci master_key, MSCHAPV2_MASTER_KEY_LEN); 107e5b75505Sopenharmony_ci 108e5b75505Sopenharmony_ci return 0; 109e5b75505Sopenharmony_ci} 110e5b75505Sopenharmony_ci 111e5b75505Sopenharmony_ci 112e5b75505Sopenharmony_ciint mschapv2_verify_auth_response(const u8 *auth_response, 113e5b75505Sopenharmony_ci const u8 *buf, size_t buf_len) 114e5b75505Sopenharmony_ci{ 115e5b75505Sopenharmony_ci u8 recv_response[MSCHAPV2_AUTH_RESPONSE_LEN]; 116e5b75505Sopenharmony_ci if (buf_len < 2 + 2 * MSCHAPV2_AUTH_RESPONSE_LEN || 117e5b75505Sopenharmony_ci buf[0] != 'S' || buf[1] != '=' || 118e5b75505Sopenharmony_ci hexstr2bin((char *) (buf + 2), recv_response, 119e5b75505Sopenharmony_ci MSCHAPV2_AUTH_RESPONSE_LEN) || 120e5b75505Sopenharmony_ci os_memcmp_const(auth_response, recv_response, 121e5b75505Sopenharmony_ci MSCHAPV2_AUTH_RESPONSE_LEN) != 0) 122e5b75505Sopenharmony_ci return -1; 123e5b75505Sopenharmony_ci return 0; 124e5b75505Sopenharmony_ci} 125