From b46376980aca6e9e195e88f38e6ee8f09adb5fde Mon Sep 17 00:00:00 2001
From: Tim Kourt <tim.a.kourt@linux.intel.com>
Date: Tue, 23 Oct 2018 16:33:51 -0700
Subject: [PATCH] mschaputil: Add MS CHAP utilities

---
 Makefile.am      |   6 ++-
 src/mschaputil.c | 108 +++++++++++++++++++++++++++++++++++++++++++++++
 src/mschaputil.h |  28 ++++++++++++
 3 files changed, 140 insertions(+), 2 deletions(-)
 create mode 100644 src/mschaputil.c
 create mode 100644 src/mschaputil.h

diff --git a/Makefile.am b/Makefile.am
index f700520a..22f62697 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -109,7 +109,8 @@ eap_sources = src/eap.c src/eap.h src/eap-private.h \
 				src/simutil.h src/simutil.c \
 				src/simauth.h src/simauth.c \
 				src/watchlist.h src/watchlist.c \
-				src/eap-tls-common.h src/eap-tls-common.c
+				src/eap-tls-common.h src/eap-tls-common.c \
+				src/mschaputil.h src/mschaputil.c
 
 if DAEMON
 libexec_PROGRAMS += src/iwd
@@ -332,7 +333,8 @@ unit_test_eapol_SOURCES = unit/test-eapol.c \
 				src/eap.h src/eap.c src/eap-private.h \
 				src/eap-tls.c src/eap-ttls.c \
 				src/eap-md5.c src/util.c \
-				src/eap-tls-common.h src/eap-tls-common.c
+				src/eap-tls-common.h src/eap-tls-common.c \
+				src/mschaputil.h src/mschaputil.c
 unit_test_eapol_LDADD = $(ell_ldadd)
 
 unit_test_ssid_to_utf8_SOURCES = src/util.h src/util.c \
diff --git a/src/mschaputil.c b/src/mschaputil.c
new file mode 100644
index 00000000..ea7a3631
--- /dev/null
+++ b/src/mschaputil.c
@@ -0,0 +1,108 @@
+/*
+ *
+ *  Wireless daemon for Linux
+ *
+ *  Copyright (C) 2018  Intel Corporation. All rights reserved.
+ *
+ *  This library is free software; you can redistribute it and/or
+ *  modify it under the terms of the GNU Lesser General Public
+ *  License as published by the Free Software Foundation; either
+ *  version 2.1 of the License, or (at your option) any later version.
+ *
+ *  This library is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ *  Lesser General Public License for more details.
+ *
+ *  You should have received a copy of the GNU Lesser General Public
+ *  License along with this library; if not, write to the Free Software
+ *  Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
+ *
+ */
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+#endif
+
+#include <ell/ell.h>
+
+#include "mschaputil.h"
+
+static bool mschap_des_encrypt(const uint8_t *challenge, const uint8_t *key,
+							uint8_t *cipher_text)
+{
+	uint8_t pkey[8], tmp;
+	int i;
+	struct l_cipher *cipher;
+	uint8_t next;
+
+	for (i = 0, next = 0; i < 7; ++i) {
+		tmp = key[i];
+		pkey[i] = (tmp >> i) | next | 1;
+		next = tmp << (7 - i);
+	}
+
+	pkey[i] = next | 1;
+
+	cipher = l_cipher_new(L_CIPHER_DES, pkey, 8);
+	if (!cipher)
+		return false;
+
+	l_cipher_encrypt(cipher, challenge, cipher_text, 8);
+	l_cipher_free(cipher);
+
+	return true;
+}
+
+bool mschap_challenge_response(const uint8_t *challenge,
+				const uint8_t *password_hash, uint8_t *response)
+{
+	uint8_t buf[21];
+
+	memset(buf, 0, sizeof(buf));
+	memcpy(buf, password_hash, 16);
+
+	if (!mschap_des_encrypt(challenge, buf + 0, response + 0))
+		return false;
+
+	if (!mschap_des_encrypt(challenge, buf + 7, response + 8))
+		return false;
+
+	if (!mschap_des_encrypt(challenge, buf + 14, response + 16))
+		return false;
+
+	return true;
+}
+
+bool mschap_nt_password_hash(const char *password, uint8_t *password_hash)
+{
+	size_t size = l_utf8_strlen(password);
+	size_t bsize = strlen(password);
+	uint16_t buffer[size];
+	unsigned int i, pos;
+	struct l_checksum *check;
+
+	for (i = 0, pos = 0; i < size; ++i) {
+		wchar_t val;
+
+		pos += l_utf8_get_codepoint(password + pos, bsize - pos, &val);
+
+		if (val > 0xFFFF) {
+			l_error("Encountered password with value not valid in "
+								"ucs-2");
+			return false;
+		}
+
+		buffer[i] = L_CPU_TO_LE16(val);
+	}
+
+	check = l_checksum_new(L_CHECKSUM_MD4);
+	if (!check)
+		return false;
+
+	l_checksum_update(check, (uint8_t *) buffer, size * 2);
+	l_checksum_get_digest(check, password_hash, 16);
+	l_checksum_free(check);
+
+	return true;
+}
diff --git a/src/mschaputil.h b/src/mschaputil.h
new file mode 100644
index 00000000..c51ec1c5
--- /dev/null
+++ b/src/mschaputil.h
@@ -0,0 +1,28 @@
+/*
+ *
+ *  Wireless daemon for Linux
+ *
+ *  Copyright (C) 2018  Intel Corporation. All rights reserved.
+ *
+ *  This library is free software; you can redistribute it and/or
+ *  modify it under the terms of the GNU Lesser General Public
+ *  License as published by the Free Software Foundation; either
+ *  version 2.1 of the License, or (at your option) any later version.
+ *
+ *  This library is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ *  Lesser General Public License for more details.
+ *
+ *  You should have received a copy of the GNU Lesser General Public
+ *  License along with this library; if not, write to the Free Software
+ *  Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
+ *
+ */
+
+#define NT_CHALLENGE_RESPONSE_LEN 24
+
+bool mschap_challenge_response(const uint8_t *challenge,
+						const uint8_t *password_hash,
+						uint8_t *response);
+bool mschap_nt_password_hash(const char *password, uint8_t *password_hash);