Replace NTLMv1 implementation with a functionally equivalent one.

net/ntlm/ntlm_client.h

+// Copyright 2017 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+// Based on [MS-NLMP]: NT LAN Manager (NTLM) Authentication Protocol
+// Specification version 28.0 [1]. Additional NTLM reference [2].
+//
+// [1] https://msdn.microsoft.com/en-us/library/cc236621.aspx
+// [2] http://davenport.sourceforge.net/ntlm.html
+
+#ifndef NET_BASE_NTLM_CLIENT_H_
+#define NET_BASE_NTLM_CLIENT_H_
+
+#include <stddef.h>
+#include <stdint.h>
+
+#include <memory>
+#include <string>
+
+#include "base/strings/string16.h"
+#include "base/strings/string_piece.h"
+#include "net/base/net_export.h"
+#include "net/ntlm/ntlm_constants.h"
+
+namespace net {
+namespace ntlm {
+
+// Provides an implementation of an NTLMv1 Client.
+//
+// The implementation supports NTLMv1 with extended session security (NTLM2).
+class NET_EXPORT_PRIVATE NtlmClient {
+ public:
+  NtlmClient();
+  ~NtlmClient();
+
+  // Returns a new buffer containing the Negotiate message that the caller
+  // is responsible for cleaning up.
+  void GetNegotiateMessage(uint8_t** negotiate_message,
+                           size_t* negotiate_message_len) const;
+
+  // Returns a new buffer containing the Authenticate message that the caller
+  // is responsible for cleaning up.
+  bool GenerateAuthenticateMessage(const base::string16& domain,
+                                   const base::string16& username,
+                                   const base::string16& password,
+                                   const std::string& hostname,
+                                   const uint8_t* client_challenge,
+                                   const uint8_t* challenge_message,
+                                   size_t challenge_message_len,
+                                   uint8_t** authenticate_message,
+                                   size_t* authenticate_message_len) const;
+
+ private:
+  // Returns the length of the Authenticate message based on the length of the
+  // variable length parts of the message and whether Unicode support was
+  // negotiated.
+  size_t CalculateAuthenticateMessageLength(bool is_unicode,
+                                            const base::string16& domain,
+                                            const base::string16& username,
+                                            const std::string& hostname) const;
+
+  void CalculatePayloadSizes(bool is_unicode,
+                             const base::string16& domain,
+                             const base::string16& username,
+                             const std::string& hostname,
+                             SecurityBuffer* lm_info,
+                             SecurityBuffer* ntlm_info,
+                             SecurityBuffer* domain_info,
+                             SecurityBuffer* username_info,
+                             SecurityBuffer* hostname_info,
+                             size_t* authenticate_message_len) const;
+
+  // Returns the length of the header part of the Authenticate message.
+  // NOTE: When NTLMv2 support is added this is no longer a fixed value.
+  size_t GetAuthenticateHeaderLength() const;
+
+  // Returns the length of the NTLM response.
+  // NOTE: When NTLMv2 support is added this is no longer a fixed value.
+  size_t GetNtlmResponseLength() const;
+
+  // Generates the negotiate message (which is always the same) into
+  // |negotiate_message_|.
+  void GenerateNegotiateMessage();
+
+  NegotiateFlags negotiate_flags_;
+  std::unique_ptr<uint8_t[]> negotiate_message_;
+
+  DISALLOW_COPY_AND_ASSIGN(NtlmClient);
+};
+
+}  // namespace ntlm
+}  // namespace net
+
+#endif  // NET_BASE_NTLM_CLIENT_H_