archive
/
windows-server-2003
mirror of https://github.com/selfrender/Windows-Server-2003
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
2 Commits
1 Branch
0 Tags
1.5 GiB
Tree: 7b07a90fc1
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '7b07a90fc1'
${ noResults }
windows-server-2003/net/ias/providers/ntuser/auth/blob.cpp

406 lines
10 KiB
Raw Normal View History

commiting as it is
4 years ago
  1. ///////////////////////////////////////////////////////////////////////////////
  2. //
  3. // Copyright (c) 1998, Microsoft Corp. All rights reserved.
  4. //
  5. // FILE
  6. //
  7. // blob.cpp
  8. //
  9. // SYNOPSIS
  10. //
  11. // Defines the various 'blob' classes.
  12. //
  13. // MODIFICATION HISTORY
  14. //
  15. // 08/24/1998 Original version.
  16. // 10/25/1998 New symbolic constants for ARAP.
  17. // 11/10/1998 Added isLmPresent().
  18. // 01/04/1999 MSChapError::insert takes a PPP error code.
  19. // 01/25/1999 MS-CHAP v2
  20. // 05/04/1999 New reason codes.
  21. // 05/11/1999 Fix RADIUS encryption.
  22. // 05/28/1999 Fix MS-MPPE-Keys format.
  23. // 02/17/2000 Key encryption is now handled by the protocol.
  24. //
  25. ///////////////////////////////////////////////////////////////////////////////
  27. #include <ias.h>
  28. #include <sdoias.h>
  29. #include <align.h>
  31. #include <algorithm>
  32. #include <cstdio>
  34. #include <samutil.h>
  35. #include <blob.h>
  37. bool MSChapResponse::isLmPresent() const throw ()
  38. {
  39. const BYTE* p = get().lmResponse + _LM_RESPONSE_LENGTH;
  41. do { } while (--p >= get().lmResponse && *p == 0);
  43. return p >= get().lmResponse;
  44. }
  46. bool MSChapCPW2::isLmPresent() const throw ()
  47. {
  48. // Do we have either an LM response or an LM hash.
  49. if ((get().flags[1] & 0x3) != 0x1) { return true; }
  51. // Now make sure the LM fields are zeroed out.
  52. const BYTE* p = get().oldLmHash +
  53. _ENCRYPTED_LM_OWF_PASSWORD_LENGTH + _LM_RESPONSE_LENGTH;
  55. do { } while (--p >= get().oldLmHash && *p == 0);
  57. return p >= get().oldLmHash;
  58. }
  60. //////////
  61. // Retrieves and assembles an MS-CHAP encrypted password. Returns 'true' if
  62. // the password is present, false otherwise.
  63. //////////
  64. BOOL MSChapEncPW::getEncryptedPassword(
  65. IASRequest& request,
  66. DWORD dwId,
  67. PBYTE buf
  68. )
  69. {
  70. //////////
  71. // Are there any attribute with the desired ID ?
  72. //////////
  74. IASAttributeVectorWithBuffer<8> attrs;
  75. if (attrs.load(request, dwId) == 0)
  76. {
  77. return false;
  78. }
  80. //////////
  81. // Allocate space on the stack for the blobs.
  82. //////////
  84. MSChapEncPW* begin = IAS_STACK_NEW(MSChapEncPW, attrs.size());
  85. MSChapEncPW* end = begin;
  87. //////////
  88. // Convert the attributes to password chunks and determine the total length.
  89. //////////
  91. DWORD length = 0;
  92. IASAttributeVector::iterator i;
  93. for (i = attrs.begin(); i != attrs.end(); ++i, ++end)
  94. {
  95. *end = blob_cast<MSChapEncPW>(i->pAttribute);
  97. length += end->getStringLength();
  98. }
  100. //////////
  101. // Do we have the right length ?
  102. //////////
  104. if (length != _SAMPR_ENCRYPTED_USER_PASSWORD_LENGTH)
  105. {
  106. _com_issue_error(IAS_MALFORMED_REQUEST);
  107. }
  109. //////////
  110. // Sort the chunks ...
  111. //////////
  113. std::sort(begin, end);
  115. //////////
  116. // ... then concatenate the strings into the buffer.
  117. //////////
  119. for ( ; begin != end; ++begin)
  120. {
  121. memcpy(buf, begin->get().string, begin->getStringLength());
  123. buf += begin->getStringLength();
  124. }
  126. return true;
  127. }
  129. void MSChapDomain::insert(
  130. IASRequest& request,
  131. BYTE ident,
  132. PCWSTR domain
  133. )
  134. {
  135. //////////
  136. // Allocate an attribute.
  137. //////////
  139. IASAttribute attr(true);
  141. //////////
  142. // Allocate memory for the blob.
  143. //////////
  145. int len = WideCharToMultiByte(CP_ACP, 0, domain, -1, 0, 0, 0, 0);
  146. Layout* val = (Layout*)CoTaskMemAlloc(len + sizeof(Layout));
  147. if (val == NULL) { _com_issue_error(E_OUTOFMEMORY); }
  149. //////////
  150. // Initialize the blob.
  151. //////////
  153. val->ident = ident;
  154. WideCharToMultiByte(CP_ACP, 0, domain, -1, (PSTR)val->string, len, 0, 0);
  156. //////////
  157. // Initialize the attribute and store.
  158. //////////
  160. attr->dwId = MS_ATTRIBUTE_CHAP_DOMAIN;
  161. attr->Value.itType = IASTYPE_OCTET_STRING;
  162. attr->Value.OctetString.lpValue = (PBYTE)val;
  163. attr->Value.OctetString.dwLength = len + sizeof(Layout) - 1;
  164. attr->dwFlags = IAS_INCLUDE_IN_ACCEPT;
  166. attr.store(request);
  167. }
  169. void MSChapError::insert(
  170. IASRequest& request,
  171. BYTE ident,
  172. DWORD errorCode
  173. )
  174. {
  175. //////////
  176. // Allocate an attribute.
  177. //////////
  179. IASAttribute attr(true);
  181. //////////
  182. // Format the error message.
  183. //////////
  185. CHAR buffer[32];
  186. sprintf(buffer, "E=%lu R=0 V=3", errorCode);
  188. //////////
  189. // Allocate memory for the blob.
  190. //////////
  192. ULONG len = strlen(buffer);
  193. Layout* val = (Layout*)CoTaskMemAlloc(len + sizeof(Layout));
  194. if (val == NULL) { _com_issue_error(E_OUTOFMEMORY); }
  196. //////////
  197. // Initialize the blob.
  198. //////////
  200. val->ident = ident;
  201. memcpy(val->string, buffer, len);
  203. //////////
  204. // Initialize the attribute and store.
  205. //////////
  207. attr->dwId = MS_ATTRIBUTE_CHAP_ERROR;
  208. attr->Value.itType = IASTYPE_OCTET_STRING;
  209. attr->Value.OctetString.lpValue = (PBYTE)val;
  210. attr->Value.OctetString.dwLength = len + sizeof(Layout);
  211. attr->dwFlags = IAS_INCLUDE_IN_REJECT;
  213. attr.store(request);
  214. }
  216. void MSChapMPPEKeys::insert(
  217. IASRequest& request,
  218. PBYTE lmKey,
  219. PBYTE ntKey,
  220. PBYTE challenge
  221. )
  222. {
  223. //////////
  224. // Allocate an attribute.
  225. //////////
  227. IASAttribute attr(true);
  229. //////////
  230. // Allocate memory for the value.
  231. //////////
  233. Layout* val = (Layout*)CoTaskMemAlloc(sizeof(Layout));
  234. if (val == NULL) { _com_issue_error(E_OUTOFMEMORY); }
  236. //////////
  237. // Initialize the blob.
  238. //////////
  240. memcpy(val->lmKey, lmKey, sizeof(val->lmKey));
  241. memcpy(val->ntKey, ntKey, sizeof(val->ntKey));
  242. memcpy(val->challenge, challenge, sizeof(val->challenge));
  244. //////////
  245. // Initialize the attribute and store.
  246. //////////
  248. attr->dwId = MS_ATTRIBUTE_CHAP_MPPE_KEYS;
  249. attr->Value.itType = IASTYPE_OCTET_STRING;
  250. attr->Value.OctetString.lpValue = (PBYTE)val;
  251. attr->Value.OctetString.dwLength = sizeof(Layout);
  252. attr->dwFlags = IAS_INCLUDE_IN_ACCEPT;
  254. attr.store(request);
  255. }
  257. // Convert a number to a hex representation.
  258. inline BYTE num2Digit(BYTE num) throw ()
  259. {
  260. return (num < 10) ? num + '0' : num + ('A' - 10);
  261. }
  263. void MSChap2Success::insert(
  264. IASRequest& request,
  265. BYTE ident,
  266. PBYTE authenticatorResponse
  267. )
  268. {
  269. //////////
  270. // Allocate an attribute.
  271. //////////
  273. IASAttribute attr(true);
  275. //////////
  276. // Allocate memory for the value.
  277. //////////
  279. Layout* val = (Layout*)CoTaskMemAlloc(sizeof(Layout));
  280. if (val == NULL) { _com_issue_error(E_OUTOFMEMORY); }
  282. //////////
  283. // Initialize the blob.
  284. //////////
  286. val->ident = ident;
  287. PBYTE p = val->string;
  288. *p++ = 'S';
  289. *p++ = '=';
  290. for (size_t i = 0; i < 20; ++i)
  291. {
  292. *p++ = num2Digit(authenticatorResponse[i] >> 4);
  293. *p++ = num2Digit(authenticatorResponse[i] & 0xF);
  294. }
  296. //////////
  297. // Initialize the attribute and store.
  298. //////////
  300. attr->dwId = MS_ATTRIBUTE_CHAP2_SUCCESS;
  301. attr->Value.itType = IASTYPE_OCTET_STRING;
  302. attr->Value.OctetString.lpValue = (PBYTE)val;
  303. attr->Value.OctetString.dwLength = sizeof(Layout);
  304. attr->dwFlags = IAS_INCLUDE_IN_ACCEPT;
  306. attr.store(request);
  307. }
  309. void MSMPPEKey::insert(
  310. IASRequest& request,
  311. ULONG keyLength,
  312. PBYTE key,
  313. BOOL isSendKey
  314. )
  315. {
  316. //////////
  317. // Allocate an attribute.
  318. //////////
  320. IASAttribute attr(true);
  322. //////////
  323. // Allocate memory for the value.
  324. //////////
  326. ULONG nbyte = ROUND_UP_COUNT(keyLength + 1, 16) + 2;
  327. Layout* val = (Layout*)CoTaskMemAlloc(nbyte);
  328. if (val == NULL) { _com_issue_error(E_OUTOFMEMORY); }
  329. memset(val, 0, nbyte);
  331. //////////
  332. // Initialize the blob.
  333. //////////
  335. val->keyLength = (BYTE)keyLength;
  336. memcpy(val->key, key, keyLength);
  338. //////////
  339. // Initialize the attribute, encrypt, and store.
  340. //////////
  342. attr->dwId = isSendKey ? MS_ATTRIBUTE_MPPE_SEND_KEY
  343. : MS_ATTRIBUTE_MPPE_RECV_KEY;
  344. attr->Value.itType = IASTYPE_OCTET_STRING;
  345. attr->Value.OctetString.lpValue = (PBYTE)val;
  346. attr->Value.OctetString.dwLength = nbyte;
  347. attr->dwFlags = IAS_INCLUDE_IN_ACCEPT;
  349. attr.store(request);
  350. }
  352. void ArapChallengeResponse::insert(
  353. IASRequest& request,
  354. DWORD NTResponse1,
  355. DWORD NTResponse2
  356. )
  357. {
  358. // Allocate an attribute.
  359. IASAttribute attr(true);
  361. // Pack the fields. These are already in network order.
  362. Layout value;
  363. memcpy(value.ntResponse1, &NTResponse1, 4);
  364. memcpy(value.ntResponse2, &NTResponse2, 4);
  366. // Store the value.
  367. attr.setOctetString(sizeof(value), (const BYTE*)&value);
  369. // Initialize the remaining fields.
  370. attr->dwId = RADIUS_ATTRIBUTE_ARAP_CHALLENGE_RESPONSE;
  371. attr->dwFlags = IAS_INCLUDE_IN_ACCEPT;
  373. // Insert the attribute into the request.
  374. attr.store(request);
  375. }
  377. void ArapFeatures::insert(
  378. IASRequest& request,
  379. DWORD PwdCreationDate,
  380. DWORD PwdExpiryDelta,
  381. DWORD CurrentTime
  382. )
  383. {
  384. // Allocate an attribute.
  385. IASAttribute attr(true);
  387. // Pack the fields.
  388. Layout value;
  389. value.changePasswordAllowed = 1; // Change password always allowed.
  390. value.minPasswordLength = 3; // Arbitrary.
  392. // These are already in network order.
  393. memcpy(value.pwdCreationDate, &PwdCreationDate, 4);
  394. memcpy(value.pwdExpiryDelta, &PwdExpiryDelta, 4);
  395. memcpy(value.currentTime, &CurrentTime, 4);
  397. // Store the value.
  398. attr.setOctetString(sizeof(value), (const BYTE*)&value);
  400. // Initialize the rest of the fields.
  401. attr->dwId = RADIUS_ATTRIBUTE_ARAP_FEATURES;
  402. attr->dwFlags = IAS_INCLUDE_IN_ACCEPT;
  404. // Insert the attribute into the request.
  405. attr.store(request);
  406. }