1 /*-
2 * Copyright (c) 2003 Michael Bretterklieber
3 * All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 * 1. Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
10 * 2. Redistributions in binary form must reproduce the above copyright
11 * notice, this list of conditions and the following disclaimer in the
12 * documentation and/or other materials provided with the distribution.
13 *
14 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
15 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
16 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
17 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
18 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
19 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
20 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
21 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
22 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
23 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
24 * SUCH DAMAGE.
25 */
26
27 #include <sys/cdefs.h>
28 __FBSDID("$FreeBSD$");
29
30 #include <sys/types.h>
31
32 #include <netinet/in.h>
33
34 #include <ctype.h>
35 #include <err.h>
36 #include <md4.h>
37 #include <stdarg.h>
38 #include <stdio.h>
39 #include <string.h>
40 #include <unistd.h>
41
42 #include "crypt.h"
43
44 /*
45 * NT HASH = md4(str2unicode(pw))
46 */
47
48 /* ARGSUSED */
49 char *
crypt_nthash(const char * pw,const char * salt __unused)50 crypt_nthash(const char *pw, const char *salt __unused)
51 {
52 size_t unipwLen;
53 int i, j;
54 static char hexconvtab[] = "0123456789abcdef";
55 static const char *magic = "$3$";
56 static char passwd[120];
57 u_int16_t unipw[128];
58 char final[MD4_SIZE*2 + 1];
59 u_char hash[MD4_SIZE];
60 const char *s;
61 MD4_CTX ctx;
62
63 bzero(unipw, sizeof(unipw));
64 /* convert to unicode (thanx Archie) */
65 unipwLen = 0;
66 for (s = pw; unipwLen < sizeof(unipw) / 2 && *s; s++)
67 unipw[unipwLen++] = htons(*s << 8);
68
69 /* Compute MD4 of Unicode password */
70 MD4Init(&ctx);
71 MD4Update(&ctx, (u_char *)unipw, unipwLen*sizeof(u_int16_t));
72 MD4Final(hash, &ctx);
73
74 for (i = j = 0; i < MD4_SIZE; i++) {
75 final[j++] = hexconvtab[hash[i] >> 4];
76 final[j++] = hexconvtab[hash[i] & 15];
77 }
78 final[j] = '\0';
79
80 strcpy(passwd, magic);
81 strcat(passwd, "$");
82 strncat(passwd, final, MD4_SIZE*2);
83
84 /* Don't leave anything around in vm they could use. */
85 memset(final, 0, sizeof(final));
86
87 return (passwd);
88 }
89