OLD | NEW |
---|---|
(Empty) | |
1 // Copyright 2017 The Chromium Authors. All rights reserved. | |
2 // Use of this source code is governed by a BSD-style license that can be | |
3 // found in the LICENSE file. | |
4 | |
5 #ifndef NET_BASE_NTLM_CLIENT_H_ | |
6 #define NET_BASE_NTLM_CLIENT_H_ | |
7 | |
8 #include <stddef.h> | |
9 #include <stdint.h> | |
10 | |
11 #include <memory> | |
12 | |
13 #include "base/strings/string16.h" | |
14 #include "base/strings/string_piece.h" | |
15 #include "net/base/net_export.h" | |
16 #include "net/http/ntlm.h" | |
17 | |
18 namespace base { | |
19 struct MD5Digest; | |
20 } | |
21 | |
22 namespace net { | |
23 namespace ntlm { | |
asanka
2017/06/23 21:29:11
It was a bit tricky to locate the spec for each
zentaro
2017/07/05 17:57:42
Done.
| |
24 | |
25 // Generates the NTLMv1 Hash and writes the 16 byte result to |hash| | |
asanka
2017/06/23 21:29:11
NTOWFv1() as defined in Section 3.3.1 of [MS-NLMP]
zentaro
2017/07/05 17:57:42
Done.
| |
26 NET_EXPORT_PRIVATE void GenerateNtlmHashV1(const base::string16& password, | |
27 uint8_t* hash); | |
28 | |
29 // Generates the 24 byte NTLMv1 response field according to DESL(K, V) | |
30 // function in the NTLMSSP spec (Section 6 Appendix A) | |
asanka
2017/06/23 21:29:11
[MS-NLMP] rev 28 Section 6
(Section 6 is Appendix
zentaro
2017/07/05 17:57:42
Done.
| |
31 // | |
32 // |hash| must contain at least 16 bytes. | |
asanka
2017/06/23 21:29:11
"at least" is worrisome wording for a buffer whose
zentaro
2017/07/05 17:57:42
Done.
| |
33 // |challenge| must contain at least 8 bytes. | |
34 // |response| must contain at least 24 bytes. | |
35 NET_EXPORT_PRIVATE void GenerateResponseDesl(const uint8_t* hash, | |
36 const uint8_t* challenge, | |
37 uint8_t* response); | |
38 | |
39 // Generates the NTLM Response field for NTLMv1 without extended session | |
40 // security. | |
41 // |server_challenge| must contain at least 8 bytes. | |
42 // |ntlm_response| must contain at least 24 bytes. | |
43 NET_EXPORT_PRIVATE void GenerateNtlmResponseV1(const base::string16& password, | |
44 const uint8_t* server_challenge, | |
45 uint8_t* ntlm_response); | |
46 | |
47 // Generates both the LM Response and NTLM Response fields for NTLMv1 based | |
48 // on the users password and the servers challenge. | |
49 // | |
50 // NOTE: This should not be used. It will only get used in V1 if the | |
51 // |negotiate_flags_| passed to the constructor omit the | |
52 // NTLMSSP_NEGOTIATE_EXTENDED_SESSIONSECURITY flag. | |
53 // | |
54 // The default flags include this flag and the client will not be | |
55 // downgraded by the server. | |
56 // | |
57 // |server_challenge| must contain at least 8 bytes. | |
58 // |lm_response| must contain 24 bytes. | |
59 // |ntlm_response| must contain 24 bytes. | |
60 NET_EXPORT_PRIVATE void GenerateResponsesV1(const base::string16& password, | |
61 const uint8_t* server_challenge, | |
62 uint8_t* lm_response, | |
63 uint8_t* ntlm_response); | |
64 | |
65 // The LM Response in V1 with extended session security is 8 bytes of the | |
66 // |client_challenge| then 16 bytes of zero. (See 3.3.1) | |
67 // |lm_response| must contain at least 24 bytes. | |
68 NET_EXPORT_PRIVATE void GenerateLMResponseV1WithSS( | |
69 const uint8_t* client_challenge, | |
70 uint8_t* lm_response); | |
71 | |
72 // The |session_hash| is MD5(CONCAT(server_challenge, client_challenge)). | |
73 // It is used instead of just |server_challenge| when NTLMv1 with | |
74 // extended session secruity is enabled. (See 3.3.1) | |
75 NET_EXPORT_PRIVATE void GenerateSessionHashV1WithSS( | |
76 const uint8_t* server_challenge, | |
77 const uint8_t* client_challenge, | |
78 base::MD5Digest* session_hash); | |
79 | |
80 // The NTLM Response algorithm in V1 with extended session security is the | |
81 // the same as without extended session security except the challenge | |
82 // is the NTLMv1 session hash instead of |just server_challenge|. | |
83 // See |GenerateSessionHashV1WithSS|. | |
84 NET_EXPORT_PRIVATE void GenerateNtlmResponseV1WithSS( | |
85 const base::string16& password, | |
86 const uint8_t* server_challenge, | |
87 const uint8_t* client_challenge, | |
88 uint8_t* ntlm_response); | |
89 | |
90 // Generates the responses for V1 with extended session security. | |
91 // This is also known as NTLM2 (which is not the same as NTLMv2). | |
92 NET_EXPORT_PRIVATE void GenerateResponsesV1WithSS( | |
93 const base::string16& password, | |
94 const uint8_t* server_challenge, | |
95 const uint8_t* client_challenge, | |
96 uint8_t* lm_response, | |
97 uint8_t* ntlm_response); | |
98 | |
99 } // namespace ntlm | |
100 } // namespace net | |
101 | |
102 #endif // NET_BASE_NTLM_CLIENT_H_ | |
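Review bot: The three extended-session-security declarations at the end of the header (GenerateSessionHashV1WithSS, GenerateNtlmResponseV1WithSS, GenerateResponsesV1WithSS) take raw `uint8_t*` buffers but, unlike the declarations above them, state no sizes, so a caller has nothing to check its allocations against. Each should carry the same contract lines as its non-SS counterpart, for example `// |server_challenge| and |client_challenge| must contain 8 bytes.` and `// |lm_response| and |ntlm_response| must contain 24 bytes.`; the 8 and 24 are inferred from the neighbouring comments and should be confirmed against the implementation. The NOTE on GenerateResponsesV1 refers to `|negotiate_flags_|` "passed to the constructor", but this header declares no class, so the comment should name the class that actually enforces the no-downgrade behaviour. Minor: `secruity` and the doubled `the` in the WithSS comments.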