Index: net/http/ntlm_buffer_writer.h |
diff --git a/net/http/ntlm_buffer_writer.h b/net/http/ntlm_buffer_writer.h |
new file mode 100644 |
index 0000000000000000000000000000000000000000..f23de77a3a3a80dd79c9486ea1838cee27bb84df |
--- /dev/null |
+++ b/net/http/ntlm_buffer_writer.h |
@@ -0,0 +1,185 @@ |
+// Copyright 2017 The Chromium Authors. All rights reserved. |
+// Use of this source code is governed by a BSD-style license that can be |
+// found in the LICENSE file. |
+ |
+#ifndef NET_BASE_NTLM_BUFFER_WRITER_H_ |
+#define NET_BASE_NTLM_BUFFER_WRITER_H_ |
+ |
+#include <stddef.h> |
+#include <stdint.h> |
+ |
+#include <memory> |
+#include <string> |
+ |
+#include "base/strings/string16.h" |
+#include "base/strings/string_piece.h" |
+#include "net/base/net_export.h" |
+#include "net/http/ntlm.h" |
+ |
+namespace net { |
+ |
+// Supports various bounds checked low level buffer operations required by an |
+// NTLM implementation. |
+// |
+// The class supports sequential write to an internally managed buffer. All |
+// writes perform bounds checking to ensure enough space is remaining in the |
+// buffer. |
+// |
+// The internal buffer is allocated in the constructor with size |buffer_len| |
+// and owned by the class. Use |ReleaseBufferPtr| to take ownership of the |
+// internal buffer. Thereafter all operations on the class will fail. |
+// |
+// Write* methods write the buffer at the current cursor position and perform |
+// any necessary type conversion and provide the data in out params. After a |
+// successful write the cursor position is advanced past the written field. |
+// |
+// Failed writes leave the internal cursor at the same position as before the |
+// call. |
+// |
+// Based on [MS-NLMP]: NT LAN Manager (NTLM) Authentication Protocol |
+// Specification version 28.0 [1] |
+// |
+// [1] https://msdn.microsoft.com/en-us/library/cc236621.aspx |
+class NET_EXPORT_PRIVATE NtlmBufferWriter { |
+ public: |
+ explicit NtlmBufferWriter(size_t buffer_len); |
+ ~NtlmBufferWriter(); |
+ |
+ size_t GetLength() const { return buffer_len_; } |
+ size_t GetCursor() const { return cursor_; } |
+ bool IsEndOfBuffer() const { return cursor_ >= GetLength(); } |
+ |
+ // Releases ownership of the internal buffer. Subsequent writes |
+ // will all fail. |
+ uint8_t* ReleaseBufferPtr() { |
+ buffer_len_ = 0; |
+ cursor_ = 0; |
+ return buffer_.release(); |
+ } |
+ |
+ // Gets a base::StringPiece view over the entire buffer. |
+ base::StringPiece GetBuffer() const { |
+ return base::StringPiece(reinterpret_cast<const char*>(buffer_.get()), |
+ buffer_len_); |
+ } |
+ |
+ // Returns true if there are |len| more bytes between the current cursor |
+ // position and the end of the buffer. |
+ bool CanWrite(size_t len) const; |
+ |
+ // Writes a 16 bit unsigned value (little endian). If there are not 16 |
+ // more bits available in the buffer it returns false. |
+ bool WriteUInt16(uint16_t value); |
asanka
2017/06/16 03:21:29
Same comment about WARN_UNUSED_RESULT. The buffer
zentaro
2017/06/21 00:38:47
Done.
|
+ |
+ // Writes a 32 bit unsigned value (little endian). If there are not 32 |
+ // more bits available in the buffer it returns false. |
+ bool WriteUInt32(uint32_t value); |
+ |
+ // Writes a 64 bit unsigned value (little endian). If there are not 64 |
+ // more bits available in the buffer it returns false. |
+ bool WriteUInt64(uint64_t value); |
+ |
+ // Casts |flags| to |uint32_t| and calls |WriteUInt32|. |
asanka
2017/06/16 03:21:29
Unnecessary to describe an implementation detail.
zentaro
2017/06/21 00:38:47
Done.
|
+ bool WriteFlags(ntlm::NegotiateFlags flags); |
+ |
+ // Writes |len| bytes from |buffer|. If there are not |len| more bytes in |
+ // the buffer it returns false. |
+ bool WriteBytes(const uint8_t* buffer, size_t len); |
+ |
+ // Writes the bytes from the |base::StringPiece|. If there are not enough |
+ // bytes in the buffer it returns false. |
+ bool WriteBytes(base::StringPiece bytes); |
+ |
+ // Writes |count| bytes of zeros to the buffer. If there are not |count| |
+ // more bytes in available in the buffer it returns false. |
+ bool WriteZeros(size_t count); |
+ |
+ // A security buffer is an 8 byte structure that defines the offset and |
+ // length of a payload (string, struct, or byte array) that appears after |
+ // the fixed part of the message. |
+ // |
+ // The structure in the NTLM message is (little endian fields): |
+ // uint16 - |length| Length of payload |
+ // uint16 - Allocation (ignored and always set to |length|) |
+ // uint32 - |offset| Offset from start of message |
+ bool WriteSecurityBuffer(ntlm::SecurityBuffer sec_buf); |
+ |
+ // Writes a security buffer with all fields zero. This implies there is |
+ // no payload for this field. See |WriteSecurityBuffer|. |
+ bool WriteEmptySecurityBuffer(); |
+ |
+ // Writes a string of 8 bit characters to the buffer. |
+ // |
+ // When unicode was not negotiated only the hostname string will go through |
+ // this code path. The 8 bit bytes of the hostname are written to the buffer. |
+ // The encoding is not relevant. |
+ bool WriteUtf8String(const std::string& str); |
+ |
+ // Converts the 16 bit characters to UTF8 and writes the resulting 8 bit |
+ // characters. |
+ // |
+ // If unicode was not negotiated, username and domain get converted to UTF8 |
+ // in the message. Since they are just treated as additional bytes input to |
+ // hash the encoding doesn't matter. In practice only a very old or non- |
+ // windows server might trigger this code path since we always attempt to |
+ // negotiate unicode and servers are supposed to honor that request. |
+ bool WriteUtf16AsUtf8String(const base::string16& str); |
+ |
+ // Treats |str| as UTF8, converts to UTF-16 and writes it with little-endian |
+ // byte order to the buffer. |
+ // |
+ // Two specific strings go through this code path. |
+ // |
+ // One case is the hostname. When the the unicode flag has been set during |
+ // negotiation the hostname needs to appear in the message with 16 bit |
+ // chars. The high byte of each char is just set to 0. |
+ // |
+ // The other case is the spn. With EPA enabled it appears in the target info |
+ // inside an AV Pair where strings always have 16 bit chars. |
+ bool WriteUtf8AsUtf16String(const std::string& str); |
+ |
+ // Writes UTF-16 LE characters to the buffer. For these strings such as |
+ // username and domain the actual encoding isn't really important. They are |
+ // just treated as additional bytes of input to the hash. |
+ bool WriteUtf16String(const base::string16& str); |
+ |
+ // Writes the 8 byte NTLM signature "NTLMSSP\0" into the buffer. |
+ bool WriteSignature(); |
+ |
+ // There are 3 message types Negotiate (sent by client), Challenge (sent by |
+ // server), and Authenticate (sent by client). |
+ // |
+ // This writes |message_type| as a uint32_t into the buffer. |
+ bool WriteMessageType(ntlm::MessageType message_type); |
+ |
+ // Performs |WriteSignature| then |WriteMessageType|. |
+ bool WriteMessageHeader(ntlm::MessageType message_type); |
+ |
+ private: |
+ // Writes |sizeof(T)| bytes little-endian of an integer type to the buffer. |
+ template <typename T> |
+ bool WriteUInt(T value); |
+ |
+ // Sets the cursor position. Will return false if outside the buffer. |
+ void SetCursor(size_t cursor); |
+ |
+ // Advances the cursor by |count|. The caller is responsible for checking |
+ // that the target location is within the buffer. |
+ void AdvanceCursor(size_t count) { SetCursor(GetCursor() + count); } |
+ |
+ // Returns a pointer to the start of the buffer. |
+ uint8_t* GetBufferPtr() const { return buffer_.get(); } |
+ |
+ // Returns pointer into the buffer at the current cursor location. |
+ uint8_t* GetBufferPtrAtCursor() const { return buffer_.get() + GetCursor(); } |
+ |
+ std::unique_ptr<uint8_t[]> buffer_; |
+ size_t buffer_len_; |
+ size_t cursor_; |
+ |
+ DISALLOW_COPY_AND_ASSIGN(NtlmBufferWriter); |
+}; |
+ |
+} // namespace net |
+ |
+#endif // NET_BASE_NTLM_BUFFER_WRITER_H_ |