Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(157)

Side by Side Diff: net/ntlm/ntlm.cc

Issue 2873673002: Add unit tests for NTLMv1 portable implementation (Closed)
Patch Set: Review feedback Created 3 years, 5 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
OLDNEW
(Empty)
1 // Copyright 2017 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #include "net/ntlm/ntlm.h"
6
7 #include <string.h>
8
9 #include "base/logging.h"
10 #include "base/md5.h"
11 #include "net/ntlm/des.h"
12 #include "net/ntlm/md4.h"
13 #include "net/ntlm/ntlm_buffer_writer.h"
14
15 namespace net {
16 namespace ntlm {
17
18 void GenerateNtlmHashV1(const base::string16& password, uint8_t* hash) {
19 size_t length = password.length() * 2;
20 // hash param must have at least 16 bytes of space.
21 NtlmBufferWriter writer(length);
22
23 // The writer will handle the big endian case if necessary.
24 bool result = writer.WriteUtf16String(password);
25 DCHECK(result);
26
27 std::unique_ptr<uint8_t[]> buffer = writer.ReleaseBuffer();
28
29 weak_crypto::MD4Sum(buffer.get(), length, hash);
30 }
31
32 void GenerateResponseDesl(const uint8_t* hash,
33 const uint8_t* challenge,
34 uint8_t* response) {
35 // See DESL(K, D) function in [MS-NLMP] Section 6
36 uint8_t key1[8];
37 uint8_t key2[8];
38 uint8_t key3[8];
39
40 // The last 2 bytes of the hash are zero padded (5 zeros) as the
41 // input to generate key3.
42 uint8_t padded_hash[7];
43 padded_hash[0] = hash[14];
44 padded_hash[1] = hash[15];
45 memset(padded_hash + 2, 0, 5);
46
47 DESMakeKey(hash, key1);
48 DESMakeKey(hash + 7, key2);
49 DESMakeKey(padded_hash, key3);
50
51 DESEncrypt(key1, challenge, response);
52 DESEncrypt(key2, challenge, response + 8);
53 DESEncrypt(key3, challenge, response + 16);
54 }
55
56 void GenerateNtlmResponseV1(const base::string16& password,
57 const uint8_t* challenge,
58 uint8_t* ntlm_response) {
59 uint8_t ntlm_hash[kNtlmHashLen];
60 GenerateNtlmHashV1(password, ntlm_hash);
61 GenerateResponseDesl(ntlm_hash, challenge, ntlm_response);
62 }
63
64 void GenerateResponsesV1(const base::string16& password,
65 const uint8_t* server_challenge,
66 uint8_t* lm_response,
67 uint8_t* ntlm_response) {
68 GenerateNtlmResponseV1(password, server_challenge, ntlm_response);
69
70 // In NTLM v1 (with LMv1 disabled), the lm_response and ntlm_response are the
71 // same. So just copy the ntlm_response into the lm_response.
72 memcpy(lm_response, ntlm_response, kResponseLenV1);
73 }
74
75 void GenerateLMResponseV1WithSessionSecurity(const uint8_t* client_challenge,
76 uint8_t* lm_response) {
77 // In NTLM v1 with Session Security (aka NTLM2) the lm_response is 8 bytes of
78 // client challenge and 16 bytes of zeros. (See 3.3.1)
79 memcpy(lm_response, client_challenge, kChallengeLen);
80 memset(lm_response + kChallengeLen, 0, kResponseLenV1 - kChallengeLen);
81 }
82
83 void GenerateSessionHashV1WithSessionSecurity(const uint8_t* server_challenge,
84 const uint8_t* client_challenge,
85 base::MD5Digest* session_hash) {
86 base::MD5Context ctx;
87 base::MD5Init(&ctx);
88 base::MD5Update(
89 &ctx, base::StringPiece(reinterpret_cast<const char*>(server_challenge),
90 kChallengeLen));
91 base::MD5Update(
92 &ctx, base::StringPiece(reinterpret_cast<const char*>(client_challenge),
93 kChallengeLen));
94
95 base::MD5Final(session_hash, &ctx);
96 }
97
98 void GenerateNtlmResponseV1WithSessionSecurity(const base::string16& password,
99 const uint8_t* server_challenge,
100 const uint8_t* client_challenge,
101 uint8_t* ntlm_response) {
102 // Generate the NTLMv1 Hash.
103 uint8_t ntlm_hash[kNtlmHashLen];
104 GenerateNtlmHashV1(password, ntlm_hash);
105
106 // Generate the NTLMv1 Session Hash.
107 base::MD5Digest session_hash;
108 GenerateSessionHashV1WithSessionSecurity(server_challenge, client_challenge,
109 &session_hash);
110
111 // Only the first 8 bytes of |session_hash.a| are actually used.
112 GenerateResponseDesl(ntlm_hash, session_hash.a, ntlm_response);
113 }
114
115 void GenerateResponsesV1WithSessionSecurity(const base::string16& password,
116 const uint8_t* server_challenge,
117 const uint8_t* client_challenge,
118 uint8_t* lm_response,
119 uint8_t* ntlm_response) {
120 GenerateLMResponseV1WithSessionSecurity(client_challenge, lm_response);
121 GenerateNtlmResponseV1WithSessionSecurity(password, server_challenge,
122 client_challenge, ntlm_response);
123 }
124
125 } // namespace ntlm
126 } // namespace net
OLDNEW
« net/ntlm/ntlm.h ('K') | « net/ntlm/ntlm.h ('k') | net/ntlm/ntlm_constants.h » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698