Index: net/http/ntlm_client.h |
diff --git a/net/http/ntlm_client.h b/net/http/ntlm_client.h |
new file mode 100644 |
index 0000000000000000000000000000000000000000..6da057128a6dc9384908bc0bc85662fb20af1488 |
--- /dev/null |
+++ b/net/http/ntlm_client.h |
@@ -0,0 +1,102 @@ |
+// Copyright (c) 2017 The Chromium Authors. All rights reserved. |
+// Use of this source code is governed by a BSD-style license that can be |
+// found in the LICENSE file. |
+ |
+#ifndef NET_BASE_NTLM_CLIENT_H_ |
+#define NET_BASE_NTLM_CLIENT_H_ |
+ |
+#include <stddef.h> |
+#include <stdint.h> |
+ |
+#include <memory> |
+ |
+#include "base/strings/string16.h" |
+#include "base/strings/string_piece.h" |
+#include "net/base/net_export.h" |
+#include "net/http/ntlm.h" |
+ |
+namespace base { |
+struct MD5Digest; |
+} |
+ |
+namespace net { |
+ |
+namespace ntlm { |
+// Generates the NTLMv1 Hash and writes the 16 byte result to |hash| |
+NET_EXPORT_PRIVATE void GenerateNtlmHashV1(const base::string16& password, |
+ uint8_t* hash); |
+ |
+// Generates the 24 byte NTLMv1 response field according to DESL(K, V) |
+// function in the NTLMSSP spec (Section 6 Appendix A) |
+// |
+// |hash| must contain at least 16 bytes. |
+// |challenge| must contain at least 8 bytes. |
+// |response| must contain at least 24 bytes. |
+NET_EXPORT_PRIVATE void GenerateResponseDesl(const uint8_t* hash, |
+ const uint8_t* challenge, |
+ uint8_t* response); |
+ |
+// Generates the NTLM Response field for NTLMv1 without extended session |
+// security. |
+// |server_challenge| must contain at least 8 bytes. |
+// |ntlm_response| must contain at least 24 bytes. |
+NET_EXPORT_PRIVATE void GenerateNtlmResponseV1(const base::string16& password, |
+ const uint8_t* server_challenge, |
+ uint8_t* ntlm_response); |
+ |
+// Generates both the LM Response and NTLM Response fields for NTLMv1 based |
+// on the users password and the servers challenge. |
+// |
+// NOTE: This should not be used. It will only get used in V1 if the |
+// |negotiate_flags_| passed to the constructor omit the |
+// NTLMSSP_NEGOTIATE_EXTENDED_SESSIONSECURITY flag. |
+// |
+// The default flags include this flag and the client will not be |
+// downgraded by the server. |
+// |
+// |server_challenge| must contain at least 8 bytes. |
+// |lm_response| must contain 24 bytes. |
+// |ntlm_response| must contain 24 bytes. |
+NET_EXPORT_PRIVATE void GenerateResponsesV1(const base::string16& password, |
+ const uint8_t* server_challenge, |
+ uint8_t* lm_response, |
+ uint8_t* ntlm_response); |
+ |
+// The LM Response in V1 with extended session security is 8 bytes of the |
+// |client_challenge| then 16 bytes of zero. (See 3.3.1) |
+// |lm_response| must contain at least 24 bytes. |
+NET_EXPORT_PRIVATE void GenerateLMResponseV1WithSS( |
+ const uint8_t* client_challenge, |
+ uint8_t* lm_response); |
+ |
+// The |session_hash| is MD5(CONCAT(server_challenge, client_challenge)). |
+// It is used instead of just |server_challenge| when NTLMv1 with |
+// extended session secruity is enabled. (See 3.3.1) |
+NET_EXPORT_PRIVATE void GenerateSessionHashV1WithSS( |
+ const uint8_t* server_challenge, |
+ const uint8_t* client_challenge, |
+ base::MD5Digest* session_hash); |
+ |
+// The NTLM Response algorithm in V1 with extended session security is the |
+// the same as without extended session security except the challenge |
+// is the NTLMv1 session hash instead of |just server_challenge|. |
+// See |GenerateSessionHashV1WithSS|. |
+NET_EXPORT_PRIVATE void GenerateNtlmResponseV1WithSS( |
+ const base::string16& password, |
+ const uint8_t* server_challenge, |
+ const uint8_t* client_challenge, |
+ uint8_t* ntlm_response); |
+ |
+// Generates the responses for V1 with extended session security. |
+// This is also known as NTLM2 (which is not the same as NTLMv2). |
+NET_EXPORT_PRIVATE void GenerateResponsesV1WithSS( |
+ const base::string16& password, |
+ const uint8_t* server_challenge, |
+ const uint8_t* client_challenge, |
+ uint8_t* lm_response, |
+ uint8_t* ntlm_response); |
+ |
+} // namespace ntlm |
+} // namespace net |
+ |
+#endif // NET_BASE_NTLM_CLIENT_H_ |