Home Explore Help
Register Sign In
wareck
/
krackattacks
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Browse Source

EAP-pwd server: Add support for hashed password

This extends EAP-pwd server support to allow NtHash version of password
storage in addition to full plaintext password.

Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen 10 years ago
parent
2bd2ed2006
commit
e4840b381c
1 changed files with 28 additions and 6 deletions
Split View Show Diff Stats
  1. 28 6
      src/eap_server/eap_server_pwd.c

+ 28 - 6
src/eap_server/eap_server_pwd.c
View File 

@@ -10,6 +10,7 @@
 
 
 #include "common.h"
 
 #include "crypto/sha256.h"
 
+#include "crypto/ms_funcs.h"
 
 #include "eap_server/eap_i.h"
 
 #include "eap_common/eap_pwd_common.h"
 
 
@@ -24,6 +25,7 @@ struct eap_pwd_data {
 
 	size_t id_server_len;
 
 	u8 *password;
 
 	size_t password_len;
 
+	int password_hash;
 
 	u32 token;
 
 	u16 group_num;
 
 	EAP_PWD_group *grp;
 
@@ -112,6 +114,7 @@ static void * eap_pwd_init(struct eap_sm *sm)
 
 	}
 
 	data->password_len = sm->user->password_len;
 
 	os_memcpy(data->password, sm->user->password, data->password_len);
 
+	data->password_hash = sm->user->password_hash;
 
 
 	data->bnctx = BN_CTX_new();
 
 	if (data->bnctx == NULL) {
 
@@ -181,7 +184,8 @@ static void eap_pwd_build_id_req(struct eap_sm *sm, struct eap_pwd_data *data,
 
 	wpabuf_put_u8(data->outbuf, EAP_PWD_DEFAULT_RAND_FUNC);
 
 	wpabuf_put_u8(data->outbuf, EAP_PWD_DEFAULT_PRF);
 
 	wpabuf_put_data(data->outbuf, &data->token, sizeof(data->token));
 
-	wpabuf_put_u8(data->outbuf, EAP_PWD_PREP_NONE);
 
+	wpabuf_put_u8(data->outbuf, data->password_hash ? EAP_PWD_PREP_MS :
 
+		      EAP_PWD_PREP_NONE);
 
 	wpabuf_put_data(data->outbuf, data->id_server, data->id_server_len);
 
 }
 
 
@@ -579,6 +583,10 @@ static void eap_pwd_process_id_resp(struct eap_sm *sm,
 
 				    const u8 *payload, size_t payload_len)
 
 {
 
 	struct eap_pwd_id *id;
 
+	const u8 *password;
 
+	size_t password_len;
 
+	u8 pwhashhash[16];
 
+	int res;
 
 
 	if (payload_len < sizeof(struct eap_pwd_id)) {
 
 		wpa_printf(MSG_INFO, "EAP-pwd: Invalid ID response");
 
@@ -610,11 +618,25 @@ static void eap_pwd_process_id_resp(struct eap_sm *sm,
 
 			   "group");
 
 		return;
 
 	}
 
-	if (compute_password_element(data->grp, data->group_num,
 
-				     data->password, data->password_len,
 
-				     data->id_server, data->id_server_len,
 
-				     data->id_peer, data->id_peer_len,
 
-				     (u8 *) &data->token)) {
 
+
 
+	if (data->password_hash) {
 
+		res = hash_nt_password_hash(data->password, pwhashhash);
 
+		if (res)
 
+			return;
 
+		password = pwhashhash;
 
+		password_len = sizeof(pwhashhash);
 
+	} else {
 
+		password = data->password;
 
+		password_len = data->password_len;
 
+	}
 
+
 
+	res = compute_password_element(data->grp, data->group_num,
 
+				       password, password_len,
 
+				       data->id_server, data->id_server_len,
 
+				       data->id_peer, data->id_peer_len,
 
+				       (u8 *) &data->token);
 
+	os_memset(pwhashhash, 0, sizeof(pwhashhash));
 
+	if (res) {
 
 		wpa_printf(MSG_INFO, "EAP-PWD (server): unable to compute "
 
 			   "PWE");
 
 		return;