OpenVAS Scanner 23.32.3
nasl_crypto.h File Reference
#include "nasl_lex_ctxt.h"
Include dependency graph for nasl_crypto.h:
This graph shows which files directly or indirectly include this file:

Go to the source code of this file.

Macros

#define MD4_DIGEST_LENGTH   16

Functions

tree_cellnasl_md2 (lex_ctxt *)
tree_cellnasl_md4 (lex_ctxt *)
tree_cellnasl_md5 (lex_ctxt *)
tree_cellnasl_sha (lex_ctxt *)
tree_cellnasl_sha1 (lex_ctxt *)
tree_cellnasl_sha256 (lex_ctxt *)
tree_cellnasl_sha512 (lex_ctxt *)
tree_cellnasl_ripemd160 (lex_ctxt *)
tree_cellnasl_hmac_md2 (lex_ctxt *)
tree_cellnasl_hmac_md5 (lex_ctxt *)
tree_cellnasl_hmac_sha1 (lex_ctxt *)
tree_cellnasl_hmac_sha256 (lex_ctxt *)
tree_cellnasl_hmac_sha384 (lex_ctxt *)
tree_cellnasl_hmac_sha512 (lex_ctxt *)
tree_cellnasl_hmac_dss (lex_ctxt *)
tree_cellnasl_hmac_ripemd160 (lex_ctxt *)
tree_cellnasl_prf_sha256 (lex_ctxt *)
tree_cellnasl_prf_sha384 (lex_ctxt *)
tree_cellnasl_tls1_prf (lex_ctxt *)
tree_cellnasl_ntlmv1_hash (lex_ctxt *)
tree_cellnasl_nt_owf_gen (lex_ctxt *)
tree_cellnasl_lm_owf_gen (lex_ctxt *)
tree_cellnasl_ntv2_owf_gen (lex_ctxt *)
tree_cellnasl_ntlmv2_hash (lex_ctxt *)
tree_cellnasl_ntlmv2_response (lex_ctxt *lexic)
tree_cellnasl_ntlm2_response (lex_ctxt *lexic)
tree_cellnasl_ntlm_response (lex_ctxt *lexic)
tree_cellnasl_keyexchg (lex_ctxt *lexic)
tree_cellnasl_insert_hexzeros (lex_ctxt *lexic)
tree_cellnasl_get_password (lex_ctxt *lexic)
tree_cellnasl_get_sign (lex_ctxt *lexic)
tree_cellnasl_get_smb2_sign (lex_ctxt *lexic)
tree_cellnasl_smb_cmac_aes_sign (lex_ctxt *lexic)
tree_cellnasl_smb_gmac_aes_sign (lex_ctxt *lexic)
tree_cellnasl_cipher_des (lex_ctxt *)

Macro Definition Documentation

◆ MD4_DIGEST_LENGTH

#define MD4_DIGEST_LENGTH   16

Definition at line 16 of file nasl_crypto.h.

Function Documentation

◆ nasl_cipher_des()

tree_cell * nasl_cipher_des ( lex_ctxt * lexic)

Definition at line 187 of file nasl_crypto.c.

188{
189 char *data, *key;
190 size_t dlen, klen;
191
192 data = get_str_var_by_num (lexic, 0);
193 dlen = get_var_size_by_num (lexic, 0);
194 key = get_str_var_by_num (lexic, 1);
195 klen = get_var_size_by_num (lexic, 1);
196 return nasl_cipher (GCRY_CIPHER_DES, data, dlen, key, klen);
197}
nasl_cipher
static tree_cell * nasl_cipher(int algorithm, void *data, size_t dlen, void *key, size_t klen)
Definition nasl_crypto.c:155
get_var_size_by_num
int get_var_size_by_num(lex_ctxt *, int)
Definition nasl_var.c:1145
get_str_var_by_num
char * get_str_var_by_num(lex_ctxt *, int)
Definition nasl_var.c:1108

References get_str_var_by_num(), get_var_size_by_num(), and nasl_cipher().

Here is the call graph for this function:

◆ nasl_get_password()

tree_cell * nasl_get_password ( lex_ctxt * lexic)

◆ nasl_get_sign()

tree_cell * nasl_get_sign ( lex_ctxt * lexic)

Definition at line 244 of file nasl_crypto.c.

245{
246 char *mac_key = (char *) get_str_var_by_name (lexic, "key");
247 uint8_t *buf = (uint8_t *) get_str_var_by_name (lexic, "buf");
248 int buflen = get_int_var_by_name (lexic, "buflen", -1);
249 int seq_num = get_int_var_by_name (lexic, "seq_number", -1);
250 if (mac_key == NULL || buf == NULL || buflen == -1 || seq_num <= -1)
251 {
252 nasl_perror (lexic, "Syntax : get_signature(key:<k>, buf:<b>, "
253 "buflen:<bl>, seq_number:<s>)\n");
254 return NULL;
255 }
256 uint8_t calc_md5_mac[16];
257 simple_packet_signature_ntlmssp ((uint8_t *) mac_key, buf, seq_num,
258 calc_md5_mac);
259 memcpy (buf + 18, calc_md5_mac, 8);
260 char *ret = g_malloc0 (buflen);
261 memcpy (ret, buf, buflen);
262 tree_cell *retc;
263 retc = alloc_typed_cell (CONST_DATA);
264 retc->size = buflen;
265 retc->x.str_val = (char *) ret;
266 return retc;
267}
nasl_perror
void nasl_perror(lex_ctxt *lexic, char *msg,...)
Definition nasl_debug.c:105
get_str_var_by_name
char * get_str_var_by_name(lex_ctxt *, const char *)
Definition nasl_var.c:1118
get_int_var_by_name
long int get_int_var_by_name(lex_ctxt *, const char *, int)
Definition nasl_var.c:1101
alloc_typed_cell
tree_cell * alloc_typed_cell(int typ)
Definition nasl_tree.c:25
CONST_DATA
@ CONST_DATA
Definition nasl_tree.h:82
tree_cell
struct TC tree_cell
simple_packet_signature_ntlmssp
void simple_packet_signature_ntlmssp(uint8_t *mac_key, const uchar *buf, uint32 seq_number, unsigned char *calc_md5_mac)
Definition smb_signing.c:23
TC::size
int size
Definition nasl_tree.h:99
TC::x
union TC::@332262321161220155002104006201360276211317150140 x
TC::str_val
char * str_val
Definition nasl_tree.h:103

References alloc_typed_cell(), CONST_DATA, get_int_var_by_name(), get_str_var_by_name(), nasl_perror(), simple_packet_signature_ntlmssp(), TC::size, TC::str_val, and TC::x.

Here is the call graph for this function:

◆ nasl_get_smb2_sign()

tree_cell * nasl_get_smb2_sign ( lex_ctxt * lexic)

Definition at line 495 of file nasl_crypto.c.

496{
497 return nasl_smb_sign (G_CHECKSUM_SHA256, lexic);
498}
nasl_smb_sign
tree_cell * nasl_smb_sign(const int algo, lex_ctxt *lexic)
Definition nasl_crypt_helper.c:179

References nasl_smb_sign().

Here is the call graph for this function:

◆ nasl_hmac_dss()

tree_cell * nasl_hmac_dss ( lex_ctxt * )

◆ nasl_hmac_md2()

tree_cell * nasl_hmac_md2 ( lex_ctxt * lexic)

Definition at line 213 of file nasl_crypto.c.

214{
215 return nasl_hmac (lexic, GCRY_MD_MD2);
216}
nasl_hmac
static tree_cell * nasl_hmac(lex_ctxt *lexic, int algorithm)
Definition nasl_crypto.c:202

References nasl_hmac().

Here is the call graph for this function:

◆ nasl_hmac_md5()

tree_cell * nasl_hmac_md5 ( lex_ctxt * lexic)

Definition at line 219 of file nasl_crypto.c.

220{
221 return nasl_hmac (lexic, GCRY_MD_MD5);
222}

References nasl_hmac().

Here is the call graph for this function:

◆ nasl_hmac_ripemd160()

tree_cell * nasl_hmac_ripemd160 ( lex_ctxt * lexic)

Definition at line 237 of file nasl_crypto.c.

238{
239 return nasl_hmac (lexic, GCRY_MD_RMD160);
240}

References nasl_hmac().

Here is the call graph for this function:

◆ nasl_hmac_sha1()

tree_cell * nasl_hmac_sha1 ( lex_ctxt * lexic)

Definition at line 225 of file nasl_crypto.c.

226{
227 return nasl_hmac (lexic, GCRY_MD_SHA1);
228}

References nasl_hmac().

Here is the call graph for this function:

◆ nasl_hmac_sha256()

tree_cell * nasl_hmac_sha256 ( lex_ctxt * lexic)

Definition at line 270 of file nasl_crypto.c.

271{
272 void *key, *data, *signature;
273 int keylen, datalen;
274 tree_cell *retc;
275
276 key = get_str_var_by_name (lexic, "key");
277 data = get_str_var_by_name (lexic, "data");
278 datalen = get_var_size_by_name (lexic, "data");
279 keylen = get_var_size_by_name (lexic, "key");
280 if (!key || !data || keylen <= 0 || datalen <= 0)
281 {
282 nasl_perror (lexic, "Syntax : hmac_sha256(data:<b>, key:<k>)\n");
283 return NULL;
284 }
285 signature = hmac_sha256 (key, keylen, data, datalen);
286
287 retc = alloc_typed_cell (CONST_DATA);
288 retc->size = 32;
289 retc->x.str_val = (char *) signature;
290 return retc;
291}
hmac_sha256
void * hmac_sha256(const void *key, int keylen, const void *buf, int buflen)
Definition nasl_crypt_helper.c:48
get_var_size_by_name
int get_var_size_by_name(lex_ctxt *, const char *)
Definition nasl_var.c:1138

References alloc_typed_cell(), CONST_DATA, get_str_var_by_name(), get_var_size_by_name(), hmac_sha256(), nasl_perror(), TC::size, TC::str_val, and TC::x.

Here is the call graph for this function:

◆ nasl_hmac_sha384()

tree_cell * nasl_hmac_sha384 ( lex_ctxt * lexic)

Definition at line 231 of file nasl_crypto.c.

232{
233 return nasl_hmac (lexic, GCRY_MD_SHA384);
234}

References nasl_hmac().

Here is the call graph for this function:

◆ nasl_hmac_sha512()

tree_cell * nasl_hmac_sha512 ( lex_ctxt * lexic)

Definition at line 489 of file nasl_crypto.c.

490{
491 return nasl_hmac (lexic, GCRY_MD_SHA512);
492}

References nasl_hmac().

Here is the call graph for this function:

◆ nasl_insert_hexzeros()

tree_cell * nasl_insert_hexzeros ( lex_ctxt * lexic)

Definition at line 740 of file nasl_crypto.c.

741{
742 const uchar *in = (uchar *) get_str_var_by_name (lexic, "in");
743 int in_len = get_var_size_by_name (lexic, "in");
744 char *src;
745 smb_ucs2_t *out, *dst, val;
746 int i;
747 size_t byte_len;
748 tree_cell *retc;
749 if (in_len < 0 || in == NULL)
750 {
751 nasl_perror (lexic, "Syntax : insert_hexzeros(in:<i>)\n");
752 return NULL;
753 }
754
755 byte_len = sizeof (smb_ucs2_t) * (strlen ((char *) in) + 1);
756 out = g_malloc0 (byte_len);
757 dst = out;
758 src = (char *) in;
759
760 for (i = 0; i < in_len; i++)
761 {
762 val = *src;
763 *dst = val;
764 dst++;
765 src++;
766 if (val == 0)
767 break;
768 }
769
770 /* We don't want null termination */
771 byte_len = byte_len - 2;
772
773 retc = alloc_typed_cell (CONST_DATA);
774 retc->size = byte_len;
775 retc->x.str_val = (char *) out;
776 return retc;
777}
uchar
#define uchar
Definition hmacmd5.h:22
smb_ucs2_t
uint16 smb_ucs2_t
Definition hmacmd5.h:52
val
const char * val
Definition nasl_init.c:440

References alloc_typed_cell(), CONST_DATA, get_str_var_by_name(), get_var_size_by_name(), nasl_perror(), TC::size, TC::str_val, uchar, val, and TC::x.

Here is the call graph for this function:

◆ nasl_keyexchg()

tree_cell * nasl_keyexchg ( lex_ctxt * lexic)

Definition at line 630 of file nasl_crypto.c.

631{
632 char *cryptkey = (char *) get_str_var_by_name (lexic, "cryptkey");
633 uint8_t *session_key = (uint8_t *) get_str_var_by_name (lexic, "session_key");
634 unsigned char *nt_hash =
635 (unsigned char *) get_str_var_by_name (lexic, "nt_hash");
636
637 if (cryptkey == NULL || session_key == NULL || nt_hash == NULL)
638 {
639 nasl_perror (
640 lexic,
641 "Syntax : key_exchange(cryptkey:<c>, session_key:<s>, nt_hash:<n> )\n");
642 return NULL;
643 }
644 uint8_t new_sess_key[16];
645 tree_cell *retc;
646 uint8_t *encrypted_session_key = NULL;
647 encrypted_session_key = ntlmssp_genauth_keyexchg (
648 session_key, cryptkey, nt_hash, (uint8_t *) &new_sess_key);
649 int len = 16 + 16;
650 char *ret = g_malloc0 (len);
651 memcpy (ret, new_sess_key, 16);
652 memcpy (ret + 16, encrypted_session_key, 16);
653 retc = alloc_typed_cell (CONST_DATA);
654 retc->size = len;
655 retc->x.str_val = ret;
656 return retc;
657}
len
uint8_t len
Definition nasl_packet_forgery.c:1
ntlmssp_genauth_keyexchg
uint8_t * ntlmssp_genauth_keyexchg(uint8_t *session_key, char *challenge_data, unsigned char *nt_hash, uint8_t *new_sess_key)
Definition ntlmssp.c:85

References alloc_typed_cell(), CONST_DATA, get_str_var_by_name(), len, nasl_perror(), ntlmssp_genauth_keyexchg(), TC::size, TC::str_val, and TC::x.

Here is the call graph for this function:

◆ nasl_lm_owf_gen()

tree_cell * nasl_lm_owf_gen ( lex_ctxt * lexic)

Definition at line 711 of file nasl_crypto.c.

712{
713 char *pass = get_str_var_by_num (lexic, 0);
714 int pass_len = get_var_size_by_num (lexic, 0);
715 tree_cell *retc;
716 uchar pwd[15];
717 uchar p16[16];
718 unsigned int i;
719
720 if (pass_len < 0 || pass == NULL)
721 {
722 nasl_perror (lexic, "Syntax : nt_lm_gen(password:<p>)\n");
723 return NULL;
724 }
725
726 bzero (pwd, sizeof (pwd));
727 strncpy ((char *) pwd, pass, sizeof (pwd) - 1);
728 for (i = 0; i < sizeof (pwd); i++)
729 pwd[i] = toupper (pwd[i]);
730
731 E_P16 (pwd, p16);
732
733 retc = alloc_typed_cell (CONST_DATA);
734 retc->size = 16;
735 retc->x.str_val = g_memdup2 (p16, 16);
736 return retc;
737}
E_P16
void E_P16(uchar *p14, uchar *p16)
Definition smb_crypt.c:302

References alloc_typed_cell(), CONST_DATA, E_P16(), get_str_var_by_num(), get_var_size_by_num(), nasl_perror(), TC::size, TC::str_val, uchar, and TC::x.

Here is the call graph for this function:

◆ nasl_md2()

tree_cell * nasl_md2 ( lex_ctxt * lexic)

Definition at line 113 of file nasl_crypto.c.

114{
115 return nasl_hash (lexic, GCRY_MD_MD2);
116}
nasl_hash
static tree_cell * nasl_hash(lex_ctxt *lexic, int algorithm)
Definition nasl_crypto.c:104

References nasl_hash().

Here is the call graph for this function:

◆ nasl_md4()

tree_cell * nasl_md4 ( lex_ctxt * lexic)

Definition at line 119 of file nasl_crypto.c.

120{
121 return nasl_hash (lexic, GCRY_MD_MD4);
122}

References nasl_hash().

Here is the call graph for this function:

◆ nasl_md5()

tree_cell * nasl_md5 ( lex_ctxt * lexic)

Definition at line 125 of file nasl_crypto.c.

126{
127 return nasl_hash (lexic, GCRY_MD_MD5);
128}

References nasl_hash().

Here is the call graph for this function:

◆ nasl_nt_owf_gen()

tree_cell * nasl_nt_owf_gen ( lex_ctxt * lexic)

Definition at line 692 of file nasl_crypto.c.

693{
694 char *pass = get_str_var_by_num (lexic, 0);
695 gunichar2 *upass;
696 glong upass_len;
697 tree_cell *ret;
698
699 if (!pass)
700 {
701 nasl_perror (lexic, "Syntax : nt_owf_gen(<password>)\n");
702 return NULL;
703 }
704 upass = g_utf8_to_utf16 (pass, -1, NULL, &upass_len, NULL);
705 ret = nasl_gcrypt_hash (lexic, GCRY_MD_MD4, upass, upass_len * 2, NULL, 0);
706 g_free (upass);
707 return ret;
708}
nasl_gcrypt_hash
static tree_cell * nasl_gcrypt_hash(lex_ctxt *lexic, int algorithm, void *data, size_t datalen, void *key, size_t keylen)
Definition nasl_crypto.c:59

References get_str_var_by_num(), nasl_gcrypt_hash(), and nasl_perror().

Here is the call graph for this function:

◆ nasl_ntlm2_response()

tree_cell * nasl_ntlm2_response ( lex_ctxt * lexic)

Definition at line 557 of file nasl_crypto.c.

558{
559 char *cryptkey = (char *) get_str_var_by_name (lexic, "cryptkey");
560 char *password = get_str_var_by_name (lexic, "password");
561 uint8_t pass_len = get_var_size_by_name (lexic, "password");
562 void *nt_hash = get_str_var_by_name (lexic, "nt_hash");
563 int hash_len = get_var_size_by_name (lexic, "nt_hash");
564
565 if (!cryptkey || !password || !nt_hash || hash_len < 16)
566 {
567 nasl_perror (lexic, "Syntax : ntlm2_response(cryptkey:<c>, password:<p>, "
568 "nt_hash:<n[16]>)\n");
569 return NULL;
570 }
571
572 uint8_t lm_response[24];
573 uint8_t nt_response[24];
574 uint8_t session_key[16];
575
576 tree_cell *retc;
577 ntlmssp_genauth_ntlm2 (password, pass_len, lm_response, nt_response,
578 session_key, cryptkey, nt_hash);
579 int len = sizeof (lm_response) + sizeof (nt_response) + sizeof (session_key);
580 char *ret = g_malloc0 (len);
581 memcpy (ret, lm_response, sizeof (lm_response));
582 memcpy (ret + sizeof (lm_response), nt_response, sizeof (nt_response));
583 memcpy (ret + sizeof (lm_response) + sizeof (nt_response), session_key,
584 sizeof (session_key));
585 retc = alloc_typed_cell (CONST_DATA);
586 retc->size = len;
587 retc->x.str_val = ret;
588 return retc;
589}
ntlmssp_genauth_ntlm2
void ntlmssp_genauth_ntlm2(char *password, uint8_t pass_len, uint8_t *lm_response, uint8_t *nt_response, uint8_t *session_key, char *challenge_data, unsigned char *nt_hash)
Definition ntlmssp.c:30

References alloc_typed_cell(), CONST_DATA, get_str_var_by_name(), get_var_size_by_name(), len, nasl_perror(), ntlmssp_genauth_ntlm2(), TC::size, TC::str_val, and TC::x.

Here is the call graph for this function:

◆ nasl_ntlm_response()

tree_cell * nasl_ntlm_response ( lex_ctxt * lexic)

Definition at line 592 of file nasl_crypto.c.

593{
594 char *cryptkey = (char *) get_str_var_by_name (lexic, "cryptkey");
595 char *password = get_str_var_by_name (lexic, "password");
596 uint8_t pass_len = (uint8_t) get_var_size_by_name (lexic, "password");
597 void *nt_hash = get_str_var_by_name (lexic, "nt_hash");
598 int hash_len = get_var_size_by_name (lexic, "nt_hash");
599 int neg_flags = get_int_var_by_name (lexic, "neg_flags", -1);
600
601 if (!cryptkey || !password || !nt_hash || hash_len < 16 || neg_flags < 0)
602 {
603 nasl_perror (lexic, "Syntax : ntlm_response(cryptkey:<c>, password:<p>, "
604 "nt_hash:<n[16]>, neg_flags:<nf>)\n");
605 return NULL;
606 }
607
608 uint8_t lm_response[24];
609 uint8_t nt_response[24];
610 uint8_t session_key[16];
611
612 tree_cell *retc;
613
614 ntlmssp_genauth_ntlm (password, pass_len, lm_response, nt_response,
615 session_key, cryptkey, nt_hash, neg_flags);
616
617 int len = sizeof (lm_response) + sizeof (nt_response) + sizeof (session_key);
618 char *ret = g_malloc0 (len);
619 memcpy (ret, lm_response, sizeof (lm_response));
620 memcpy (ret + sizeof (lm_response), nt_response, sizeof (nt_response));
621 memcpy (ret + sizeof (lm_response) + sizeof (nt_response), session_key,
622 sizeof (session_key));
623 retc = alloc_typed_cell (CONST_DATA);
624 retc->size = len;
625 retc->x.str_val = ret;
626 return retc;
627}
ntlmssp_genauth_ntlm
void ntlmssp_genauth_ntlm(char *password, uint8_t pass_len, uint8_t *lm_response, uint8_t *nt_response, uint8_t *session_key, char *challenge_data, unsigned char *nt_hash, int neg_flags)
Definition ntlmssp.c:61

References alloc_typed_cell(), CONST_DATA, get_int_var_by_name(), get_str_var_by_name(), get_var_size_by_name(), len, nasl_perror(), ntlmssp_genauth_ntlm(), TC::size, TC::str_val, and TC::x.

Here is the call graph for this function:

◆ nasl_ntlmv1_hash()

tree_cell * nasl_ntlmv1_hash ( lex_ctxt * lexic)

Definition at line 660 of file nasl_crypto.c.

661{
662 const uchar *cryptkey = (uchar *) get_str_var_by_name (lexic, "cryptkey");
663 char *password = get_str_var_by_name (lexic, "passhash");
664 int pass_len = get_var_size_by_name (lexic, "passhash");
665 unsigned char p21[21];
666 tree_cell *retc;
667 uchar *ret;
668
669 if (cryptkey == NULL || password == NULL)
670 {
671 nasl_perror (lexic, "Syntax : ntlmv1_hash(cryptkey:<c>, passhash:<p>)\n");
672 return NULL;
673 }
674
675 if (pass_len < 16)
676 pass_len = 16;
677
678 bzero (p21, sizeof (p21));
679 memcpy (p21, password, pass_len);
680
681 ret = g_malloc0 (24);
682
683 E_P24 (p21, cryptkey, ret);
684 retc = alloc_typed_cell (CONST_DATA);
685 retc->size = 24;
686 retc->x.str_val = (char *) ret;
687
688 return retc;
689}
E_P24
void E_P24(const uchar *p21, const uchar *c8, uchar *p24)
Definition smb_crypt.c:310

References alloc_typed_cell(), CONST_DATA, E_P24(), get_str_var_by_name(), get_var_size_by_name(), nasl_perror(), TC::size, TC::str_val, uchar, and TC::x.

Here is the call graph for this function:

◆ nasl_ntlmv2_hash()

tree_cell * nasl_ntlmv2_hash ( lex_ctxt * lexic)

Definition at line 868 of file nasl_crypto.c.

869{
870 const uchar *server_chal = (uchar *) get_str_var_by_name (lexic, "cryptkey");
871 int sc_len = get_var_size_by_name (lexic, "cryptkey");
872 const uchar *ntlm_v2_hash = (uchar *) get_str_var_by_name (lexic, "passhash");
873 int hash_len = get_var_size_by_name (lexic, "passhash");
874 int client_chal_length = get_int_var_by_name (lexic, "length", -1);
875 tree_cell *retc;
876 unsigned char ntlmv2_response[16];
877 unsigned char *ntlmv2_client_data = NULL;
878 unsigned char *final_response;
879 int i;
880
881 if (sc_len < 0 || server_chal == NULL || hash_len < 0 || ntlm_v2_hash == NULL
882 || client_chal_length < 0)
883 {
884 nasl_perror (
885 lexic,
886 "Syntax : ntlmv2_hash(cryptkey:<c>, passhash:<p>, length:<l>)\n");
887 return NULL;
888 }
889
890 /* NTLMv2 */
891
892 /* We also get to specify some random data */
893 ntlmv2_client_data = g_malloc0 (client_chal_length);
894 for (i = 0; i < client_chal_length; i++)
895 ntlmv2_client_data[i] = rand () % 256;
896
897 assert (hash_len == 16);
898 /* Given that data, and the challenge from the server, generate a response */
899 SMBOWFencrypt_ntv2_ntlmssp (ntlm_v2_hash, server_chal, 8, ntlmv2_client_data,
900 client_chal_length, ntlmv2_response);
901
902 /* put it into nt_response, for the code below to put into the packet */
903 final_response = g_malloc0 (client_chal_length + sizeof (ntlmv2_response));
904 memcpy (final_response, ntlmv2_response, sizeof (ntlmv2_response));
905 /* after the first 16 bytes is the random data we generated above, so the
906 * server can verify us with it */
907 memcpy (final_response + sizeof (ntlmv2_response), ntlmv2_client_data,
908 client_chal_length);
909
910 g_free (ntlmv2_client_data);
911
912 retc = alloc_typed_cell (CONST_DATA);
913 retc->size = client_chal_length + sizeof (ntlmv2_response);
914 retc->x.str_val = (char *) final_response;
915
916 return retc;
917}
SMBOWFencrypt_ntv2_ntlmssp
void SMBOWFencrypt_ntv2_ntlmssp(const uchar *kr, const uint8_t *srv_chal, int srv_chal_len, const uint8_t *cli_chal, int cli_chal_len, uchar resp_buf[16])

References alloc_typed_cell(), CONST_DATA, get_int_var_by_name(), get_str_var_by_name(), get_var_size_by_name(), nasl_perror(), TC::size, SMBOWFencrypt_ntv2_ntlmssp(), TC::str_val, uchar, and TC::x.

Here is the call graph for this function:

◆ nasl_ntlmv2_response()

tree_cell * nasl_ntlmv2_response ( lex_ctxt * lexic)

Definition at line 513 of file nasl_crypto.c.

514{
515 char *cryptkey = (char *) get_str_var_by_name (lexic, "cryptkey");
516 char *user = (char *) get_str_var_by_name (lexic, "user");
517 char *domain = (char *) get_str_var_by_name (lexic, "domain");
518 unsigned char *ntlmv2_hash =
519 (unsigned char *) get_str_var_by_name (lexic, "ntlmv2_hash");
520 char *address_list = get_str_var_by_name (lexic, "address_list");
521 int address_list_len = get_int_var_by_name (lexic, "address_list_len", -1);
522
523 if (cryptkey == NULL || user == NULL || domain == NULL || ntlmv2_hash == NULL
524 || address_list == NULL || address_list_len < 0)
525 {
526 nasl_perror (
527 lexic, "Syntax : ntlmv2_response(cryptkey:<c>, user:<u>, domain:<d>, "
528 "ntlmv2_hash:<n>, address_list:<a>, address_list_len:<len>)\n");
529 return NULL;
530 }
531 uint8_t lm_response[24];
532 uint8_t nt_response[16 + 28 + address_list_len];
533 uint8_t session_key[16];
534 bzero (lm_response, sizeof (lm_response));
535 bzero (nt_response, sizeof (nt_response));
536 bzero (session_key, sizeof (session_key));
537
538 ntlmssp_genauth_ntlmv2 (user, domain, address_list, address_list_len,
539 cryptkey, lm_response, nt_response, session_key,
540 ntlmv2_hash);
541 tree_cell *retc;
542 int lm_response_len = 24;
543 int nt_response_len = 16 + 28 + address_list_len;
544 int len = lm_response_len + nt_response_len + sizeof (session_key);
545 char *ret = g_malloc0 (len);
546 memcpy (ret, lm_response, lm_response_len);
547 memcpy (ret + lm_response_len, session_key, sizeof (session_key));
548 memcpy (ret + lm_response_len + sizeof (session_key), nt_response,
549 nt_response_len);
550 retc = alloc_typed_cell (CONST_DATA);
551 retc->size = len;
552 retc->x.str_val = ret;
553 return retc;
554}
ntlmssp_genauth_ntlmv2
void ntlmssp_genauth_ntlmv2(char *user, char *domain, char *address_list, int address_list_len, char *challenge_data, uint8_t *lm_response, uint8_t *nt_response, uint8_t *session_key, unsigned char *ntlmv2_hash)
Definition ntlmssp.c:19

References alloc_typed_cell(), CONST_DATA, get_int_var_by_name(), get_str_var_by_name(), len, nasl_perror(), ntlmssp_genauth_ntlmv2(), TC::size, TC::str_val, and TC::x.

Here is the call graph for this function:

◆ nasl_ntv2_owf_gen()

tree_cell * nasl_ntv2_owf_gen ( lex_ctxt * lexic)

Definition at line 781 of file nasl_crypto.c.

782{
783 const uchar *owf_in = (uchar *) get_str_var_by_name (lexic, "owf");
784 int owf_in_len = get_var_size_by_name (lexic, "owf");
785 char *user_in = get_str_var_by_name (lexic, "login");
786 int user_in_len = get_var_size_by_name (lexic, "login");
787 char *domain_in = get_str_var_by_name (lexic, "domain");
788 int domain_len = get_var_size_by_name (lexic, "domain");
789 char *src_user, *src_domain;
790 smb_ucs2_t *user, *dst_user, val_user;
791 smb_ucs2_t *domain, *dst_domain, val_domain;
792 int i;
793 size_t user_byte_len;
794 size_t domain_byte_len;
795 tree_cell *retc;
796 uchar *kr_buf;
797 HMACMD5Context ctx;
798
799 if (owf_in_len < 0 || owf_in == NULL || user_in_len < 0 || user_in == NULL
800 || domain_len < 0 || domain_in == NULL)
801 {
802 nasl_perror (lexic,
803 "Syntax : ntv2_owf_gen(owf:<o>, login:<l>, domain:<d>)\n");
804 return NULL;
805 }
806
807 assert (owf_in_len == 16);
808
809 user_byte_len = sizeof (smb_ucs2_t) * (strlen (user_in) + 1);
810 user = g_malloc0 (user_byte_len);
811 dst_user = user;
812 src_user = user_in;
813
814 for (i = 0; i < user_in_len; i++)
815 {
816 val_user = *src_user;
817 *dst_user = val_user;
818 dst_user++;
819 src_user++;
820 if (val_user == 0)
821 break;
822 }
823
824 domain_byte_len = sizeof (smb_ucs2_t) * (strlen (domain_in) + 1);
825 domain = g_malloc0 (domain_byte_len);
826 dst_domain = domain;
827 src_domain = domain_in;
828
829 for (i = 0; i < domain_len; i++)
830 {
831 val_domain = *src_domain;
832 *dst_domain = val_domain;
833
834 dst_domain++;
835 src_domain++;
836 if (val_domain == 0)
837 break;
838 }
839
840 strupper_w (user);
841 strupper_w (domain);
842
843 assert (user_byte_len >= 2);
844 assert (domain_byte_len >= 2);
845
846 /* We don't want null termination */
847 user_byte_len = user_byte_len - 2;
848 domain_byte_len = domain_byte_len - 2;
849
850 kr_buf = g_malloc0 (16);
851
852 hmac_md5_init_limK_to_64 (owf_in, 16, &ctx);
853 hmac_md5_update ((const unsigned char *) user, user_byte_len, &ctx);
854 hmac_md5_update ((const unsigned char *) domain, domain_byte_len, &ctx);
855 hmac_md5_final (kr_buf, &ctx);
856
857 g_free (user);
858 g_free (domain);
859
860 retc = alloc_typed_cell (CONST_DATA);
861 retc->size = 16;
862 retc->x.str_val = (char *) kr_buf;
863
864 return retc;
865}
hmac_md5_final
void hmac_md5_final(uchar *digest, HMACMD5Context *ctx)
Finish off hmac_md5 "inner" buffer and generate outer one.
Definition hmacmd5.c:64
hmac_md5_update
void hmac_md5_update(const uchar *text, int text_len, HMACMD5Context *ctx)
Update hmac_md5 "inner" buffer.
Definition hmacmd5.c:55
hmac_md5_init_limK_to_64
void hmac_md5_init_limK_to_64(const uchar *key, int key_len, HMACMD5Context *ctx)
The microsoft version of hmac_md5 initialisation.
Definition hmacmd5.c:24
strupper_w
int strupper_w(smb_ucs2_t *s)
Definition smb_crypt2.c:35

References alloc_typed_cell(), CONST_DATA, get_str_var_by_name(), get_var_size_by_name(), hmac_md5_final(), hmac_md5_init_limK_to_64(), hmac_md5_update(), nasl_perror(), TC::size, TC::str_val, strupper_w(), uchar, and TC::x.

Here is the call graph for this function:

◆ nasl_prf_sha256()

tree_cell * nasl_prf_sha256 ( lex_ctxt * lexic)

Definition at line 471 of file nasl_crypto.c.

472{
473 return nasl_prf (lexic, 0);
474}
nasl_prf
static tree_cell * nasl_prf(lex_ctxt *lexic, int hmac)
Definition nasl_crypto.c:437

References nasl_prf().

Here is the call graph for this function:

◆ nasl_prf_sha384()

tree_cell * nasl_prf_sha384 ( lex_ctxt * lexic)

Definition at line 477 of file nasl_crypto.c.

478{
479 return nasl_prf (lexic, 1);
480}

References nasl_prf().

Here is the call graph for this function:

◆ nasl_ripemd160()

tree_cell * nasl_ripemd160 ( lex_ctxt * lexic)

Definition at line 149 of file nasl_crypto.c.

150{
151 return nasl_hash (lexic, GCRY_MD_RMD160);
152}

References nasl_hash().

Here is the call graph for this function:

◆ nasl_sha()

tree_cell * nasl_sha ( lex_ctxt * )

◆ nasl_sha1()

tree_cell * nasl_sha1 ( lex_ctxt * lexic)

Definition at line 131 of file nasl_crypto.c.

132{
133 return nasl_hash (lexic, GCRY_MD_SHA1);
134}

References nasl_hash().

Here is the call graph for this function:

◆ nasl_sha256()

tree_cell * nasl_sha256 ( lex_ctxt * lexic)

Definition at line 137 of file nasl_crypto.c.

138{
139 return nasl_hash (lexic, GCRY_MD_SHA256);
140}

References nasl_hash().

Here is the call graph for this function:

◆ nasl_sha512()

tree_cell * nasl_sha512 ( lex_ctxt * lexic)

Definition at line 143 of file nasl_crypto.c.

144{
145 return nasl_hash (lexic, GCRY_MD_SHA512);
146}

References nasl_hash().

Here is the call graph for this function:

◆ nasl_smb_cmac_aes_sign()

tree_cell * nasl_smb_cmac_aes_sign ( lex_ctxt * lexic)

Definition at line 501 of file nasl_crypto.c.

502{
503 return nasl_smb_sign (GCRY_MAC_CMAC_AES, lexic);
504}

References nasl_smb_sign().

Here is the call graph for this function:

◆ nasl_smb_gmac_aes_sign()

tree_cell * nasl_smb_gmac_aes_sign ( lex_ctxt * lexic)

Definition at line 507 of file nasl_crypto.c.

508{
509 return nasl_smb_sign (GCRY_MAC_GMAC_AES, lexic);
510}

References nasl_smb_sign().

Here is the call graph for this function:

◆ nasl_tls1_prf()

tree_cell * nasl_tls1_prf ( lex_ctxt * lexic)

Definition at line 483 of file nasl_crypto.c.

484{
485 return nasl_prf (lexic, 2);
486}

References nasl_prf().

Here is the call graph for this function: