      1 /*	$NetBSD: chap_ms.h,v 1.6 2025/01/08 19:59:39 christos Exp $	*/
      2 
      3 /*
      4  * chap_ms.h - Challenge Handshake Authentication Protocol definitions.
      5  *
      6  * Copyright (c) 1995 Eric Rosenquist.  All rights reserved.
      7  *
      8  * Redistribution and use in source and binary forms, with or without
      9  * modification, are permitted provided that the following conditions
     10  * are met:
     11  *
     12  * 1. Redistributions of source code must retain the above copyright
     13  *    notice, this list of conditions and the following disclaimer.
     14  *
     15  * 2. Redistributions in binary form must reproduce the above copyright
     16  *    notice, this list of conditions and the following disclaimer in
     17  *    the documentation and/or other materials provided with the
     18  *    distribution.
     19  *
     20  * 3. The name(s) of the authors of this software must not be used to
     21  *    endorse or promote products derived from this software without
     22  *    prior written permission.
     23  *
     24  * THE AUTHORS OF THIS SOFTWARE DISCLAIM ALL WARRANTIES WITH REGARD TO
     25  * THIS SOFTWARE, INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
     26  * AND FITNESS, IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY
     27  * SPECIAL, INDIRECT OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
     28  * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN
     29  * AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING
     30  * OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
     31  */
     32 
     33 #ifndef PPP_CHAPMS_H
     34 #define PPP_CHAPMS_H
     35 
     36 #include "pppdconf.h"
     37 
     38 #ifdef __cplusplus
     39 extern "C" {
     40 #endif
     41 
     42 #define MAX_NT_PASSWORD		256	/* Max (Unicode) chars in an NT password */
     43 
        /*
         * Fixed field sizes.  MS_CHAP_RESPONSE_LEN and MS_CHAP2_RESPONSE_LEN are
         * the total size of the response field whose sub-field offsets are defined
         * further down in this header (the last offset there is 48, so 49 in all).
         */
     44 #define MS_CHAP_RESPONSE_LEN	49	/* Response length for MS-CHAP */
     45 #define MS_CHAP2_RESPONSE_LEN	49	/* Response length for MS-CHAPv2 */
     46 #define MS_AUTH_RESPONSE_LENGTH	40	/* MS-CHAPv2 authenticator response, as ASCII */
     47 #define MS_AUTH_NTRESP_LEN      24  /* Length of NT-response field */
     48 					/* ChapMS2() sizes its output as MS_AUTH_RESPONSE_LENGTH+1 */
     49 
     50 /* E=eeeeeeeeee error codes for MS-CHAP failure messages: the decimal value */
        /* carried in the E= field.  Which code is sent, and how a received code is */
        /* acted on, is decided in the implementation, not in this header. */
        /* NOTE(review): every code other than 691 tells a peer that has not */
        /* authenticated something about the account's state; check which of them */
        /* the authenticator side actually emits. */
     51 #define MS_CHAP_ERROR_RESTRICTED_LOGON_HOURS	646
     52 #define MS_CHAP_ERROR_ACCT_DISABLED		647
     53 #define MS_CHAP_ERROR_PASSWD_EXPIRED		648
     54 #define MS_CHAP_ERROR_NO_DIALIN_PERMISSION	649
     55 #define MS_CHAP_ERROR_AUTHENTICATION_FAILURE	691
     56 #define MS_CHAP_ERROR_CHANGING_PASSWORD		709
     57 
     58 /*
     59  * Offsets within the response field for MS-CHAP
     60  */
     61 #define MS_CHAP_LANMANRESP	0
     62 #define MS_CHAP_LANMANRESP_LEN	24
     63 #define MS_CHAP_NTRESP		24
     64 #define MS_CHAP_NTRESP_LEN	24
     65 #define MS_CHAP_USENT		48
     66 
     67 /*
     68  * Offsets within the response field for MS-CHAP2
     69  */
     70 #define MS_CHAP2_PEER_CHALLENGE	0
     71 #define MS_CHAP2_PEER_CHAL_LEN	16
     72 #define MS_CHAP2_RESERVED_LEN	8
     73 #define MS_CHAP2_NTRESP		24
     74 #define MS_CHAP2_NTRESP_LEN	24
     75 #define MS_CHAP2_FLAGS		48
     76 
     77 /* Are we the authenticator or authenticatee?  For MS-CHAPv2 key derivation. */
        /* NOTE(review): presumably the value passed as ChapMS2()'s final int */
        /* argument - confirm against chap_ms.c. */
     78 #define MS_CHAP2_AUTHENTICATEE 0
     79 #define MS_CHAP2_AUTHENTICATOR 1
     80 
        /*
         * Response-generation entry points.  The prototypes leave their parameters
         * unnamed, so this header does not say which pointer is an input and which
         * is an output, nor what the int length argument measures; chap_ms.c is the
         * reference for that.
         *
         * An array bound written in a parameter list (u_char[16], u_char[8],
         * u_char[MS_AUTH_RESPONSE_LENGTH+1]) is adjusted to a plain pointer and is
         * not checked by the compiler.  It only documents the buffer size the
         * callee presumably expects; the caller is responsible for providing a
         * buffer at least that large.
         */
     81 void ChapMS (u_char *, char *, int, u_char *);
     82 void ChapMS2 (u_char *, u_char *, char *, char *, int,
     83 	      u_char *, u_char[MS_AUTH_RESPONSE_LENGTH+1], int);
     84 
     85 void ChallengeHash (u_char[16], u_char *, char *, u_char[8]);
     86 
     87 
     88 /**
     89  * PasswordHashHash - 16 bytes representing the NT Password Hash Hash
         *                    (password-derived; handle the buffer as secret material)
     90  * NTResponse - 24 bytes representing the NTResponse parameter
     91  * PeerChallenge - 16-byte challenge for the peer
     92  * rchallenge - 16-byte challenge provided by the peer
         * username - user name string; its length and termination rules are not
         *            stated in this header
     93  * authResponse - 24 + 1 byte to store the authenticator response
         *
         * NOTE(review): the size given for authResponse disagrees with the rest of
         * this header.  MS_AUTH_RESPONSE_LENGTH is 40, and ChapMS2() declares what
         * appears to be the corresponding buffer as
         * u_char[MS_AUTH_RESPONSE_LENGTH+1], i.e. 41 bytes.  Confirm against
         * chap_ms.c before sizing a caller's buffer, and allocate for the larger
         * value until then: every parameter here is a bare pointer, so an
         * undersized buffer is not caught at compile time.
     94  */
     95 void GenerateAuthenticatorResponse(unsigned char *PasswordHashHash,
     96 			unsigned char *NTResponse, unsigned char *PeerChallenge,
     97 			unsigned char *rchallenge, char *username,
     98 			unsigned char *authResponse);
     99 
        /* Initialisation entry point for this module; what it sets up is defined */
        /* in chap_ms.c and is not visible from this header. */
    100 void chapms_init(void);
    101 
    102 #ifdef __cplusplus
    103 }
    104 #endif
    105 
    106 #endif /* PPP_CHAPMS_H */
    107