/**
* WinPR: Windows Portable Runtime
* NTLM Security Package
*
* Copyright 2011-2014 Marc-Andre Moreau <marcandre.moreau@gmail.com>
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#ifndef WINPR_SSPI_NTLM_PRIVATE_H
#define WINPR_SSPI_NTLM_PRIVATE_H
#include <winpr/sspi.h>
#include <winpr/windows.h>
#include <winpr/nt.h>
#include <time.h>
#include <openssl/des.h>
#include <openssl/md4.h>
#include <openssl/md5.h>
#include <openssl/sha.h>
#include <openssl/rc4.h>
#include <openssl/hmac.h>
#include <openssl/rand.h>
#include <openssl/engine.h>
#include "../sspi.h"
/*
 * NTLM message type identifiers, one per message of the exchange.
 * Presumably these are the values expected in the UINT32 MessageType field
 * of the message structs declared in this header; confirm against the
 * message readers.
 */
#define MESSAGE_TYPE_NEGOTIATE 1
#define MESSAGE_TYPE_CHALLENGE 2
#define MESSAGE_TYPE_AUTHENTICATE 3
/*
 * Single-bit masks for the 32-bit NegotiateFlags value.
 *
 * The trailing comment on each line gives a short label for the bit
 * (presumably the letter used for it in the MS-NLMP NEGOTIATE structure;
 * rN marks a reserved bit) followed, in parentheses, by the bit position
 * counted from the most significant bit (0) down to the least significant
 * bit (31).
 *
 * NOTE(review): each message struct in this header carries a NegotiateFlags
 * field, so these bits are chosen jointly with the peer. The code that
 * consumes them should enforce the minimum it requires (for example signing,
 * sealing and 128-bit keys) rather than accepting whatever subset the peer
 * offers. That enforcement is not visible in this header; confirm in the
 * message handling code.
 */
#define NTLMSSP_NEGOTIATE_56 0x80000000 /* W (0) */
#define NTLMSSP_NEGOTIATE_KEY_EXCH 0x40000000 /* V (1) */
#define NTLMSSP_NEGOTIATE_128 0x20000000 /* U (2) */
#define NTLMSSP_RESERVED1 0x10000000 /* r1 (3) */
#define NTLMSSP_RESERVED2 0x08000000 /* r2 (4) */
#define NTLMSSP_RESERVED3 0x04000000 /* r3 (5) */
#define NTLMSSP_NEGOTIATE_VERSION 0x02000000 /* T (6) */
#define NTLMSSP_RESERVED4 0x01000000 /* r4 (7) */
#define NTLMSSP_NEGOTIATE_TARGET_INFO 0x00800000 /* S (8) */
#define NTLMSSP_REQUEST_NON_NT_SESSION_KEY 0x00400000 /* R (9) */
#define NTLMSSP_RESERVED5 0x00200000 /* r5 (10) */
#define NTLMSSP_NEGOTIATE_IDENTIFY 0x00100000 /* Q (11) */
#define NTLMSSP_NEGOTIATE_EXTENDED_SESSION_SECURITY 0x00080000 /* P (12) */
#define NTLMSSP_RESERVED6 0x00040000 /* r6 (13) */
#define NTLMSSP_TARGET_TYPE_SERVER 0x00020000 /* O (14) */
#define NTLMSSP_TARGET_TYPE_DOMAIN 0x00010000 /* N (15) */
#define NTLMSSP_NEGOTIATE_ALWAYS_SIGN 0x00008000 /* M (16) */
#define NTLMSSP_RESERVED7 0x00004000 /* r7 (17) */
#define NTLMSSP_NEGOTIATE_WORKSTATION_SUPPLIED 0x00002000 /* L (18) */
#define NTLMSSP_NEGOTIATE_DOMAIN_SUPPLIED 0x00001000 /* K (19) */
#define NTLMSSP_NEGOTIATE_ANONYMOUS 0x00000800 /* J (20) */
#define NTLMSSP_RESERVED8 0x00000400 /* r8 (21) */
#define NTLMSSP_NEGOTIATE_NTLM 0x00000200 /* H (22) */
#define NTLMSSP_RESERVED9 0x00000100 /* r9 (23) */
#define NTLMSSP_NEGOTIATE_LM_KEY 0x00000080 /* G (24) */
#define NTLMSSP_NEGOTIATE_DATAGRAM 0x00000040 /* F (25) */
#define NTLMSSP_NEGOTIATE_SEAL 0x00000020 /* E (26) */
#define NTLMSSP_NEGOTIATE_SIGN 0x00000010 /* D (27) */
#define NTLMSSP_RESERVED10 0x00000008 /* r10 (28) */
#define NTLMSSP_REQUEST_TARGET 0x00000004 /* C (29) */
#define NTLMSSP_NEGOTIATE_OEM 0x00000002 /* B (30) */
#define NTLMSSP_NEGOTIATE_UNICODE 0x00000001 /* A (31) */
/*
 * Progress of one NTLM exchange; NTLM_CONTEXT stores the current value in
 * its `state` member.
 *
 * No enumerator has an explicit value, so they number 0..5 in the order
 * listed. The middle names follow the three NTLM message types; which
 * transitions are legal is decided by code outside this header.
 */
enum _NTLM_STATE
{
	NTLM_STATE_INITIAL,      /* 0 */
	NTLM_STATE_NEGOTIATE,    /* 1 */
	NTLM_STATE_CHALLENGE,    /* 2 */
	NTLM_STATE_AUTHENTICATE, /* 3 */
	NTLM_STATE_COMPLETION,   /* 4 */
	NTLM_STATE_FINAL         /* 5 */
};
typedef enum _NTLM_STATE NTLM_STATE;
/*
 * Attribute identifiers for AV pairs (presumably the values stored in
 * NTLM_AV_PAIR.AvId).
 *
 * The numeric ids are implicit, so the order of the enumerators IS the
 * mapping: MsvAvEOL is 0 and MsvChannelBindings is 10. Inserting or
 * reordering entries would silently change every id after the edit point.
 */
enum _NTLM_AV_ID
{
	MsvAvEOL,             /* 0 - presumably the list terminator; confirm */
	MsvAvNbComputerName,  /* 1 */
	MsvAvNbDomainName,    /* 2 */
	MsvAvDnsComputerName, /* 3 */
	MsvAvDnsDomainName,   /* 4 */
	MsvAvDnsTreeName,     /* 5 */
	MsvAvFlags,           /* 6 - see the MSV_AV_FLAGS_* masks */
	MsvAvTimestamp,       /* 7 */
	MsvAvSingleHost,      /* 8 - see NTLM_SINGLE_HOST_DATA */
	MsvAvTargetName,      /* 9 */
	MsvChannelBindings    /* 10 */
};
typedef enum _NTLM_AV_ID NTLM_AV_ID;
/*
 * Header of one attribute/value pair: a 16-bit id and a 16-bit length.
 *
 * Only the header is declared here; the AvLen bytes of value presumably
 * follow it directly in the containing buffer.
 *
 * NOTE(review): when a list of pairs comes from a peer, AvLen is
 * attacker-controlled. Whoever walks the list must check both the 4-byte
 * header and AvLen against the bytes remaining in the buffer before reading
 * the value or stepping to the next pair. The walker is not in this header;
 * confirm it does so.
 */
struct _NTLM_AV_PAIR
{
	UINT16 AvId;  /* presumably one of NTLM_AV_ID */
	UINT16 AvLen; /* presumably the length in bytes of the value that follows */
};
typedef struct _NTLM_AV_PAIR NTLM_AV_PAIR;
/*
 * Bit masks, presumably for the 32-bit value of an MsvAvFlags AV pair.
 * NOTE(review): MSV_AV_FLAGS_MESSAGE_INTEGRITY_CHECK looks like the signal
 * that the authenticate message carries a MIC (NTLM_CONTEXT has a UseMIC
 * switch); confirm that a receiver which sees this bit also verifies the MIC.
 */
#define MSV_AV_FLAGS_AUTHENTICATION_CONSTRAINED 0x00000001
#define MSV_AV_FLAGS_MESSAGE_INTEGRITY_CHECK 0x00000002
#define MSV_AV_FLAGS_TARGET_SPN_UNTRUSTED_SOURCE 0x00000004
/*
 * One-byte constants, presumably for the ProductMajorVersion,
 * ProductMinorVersion and NTLMRevisionCurrent members of NTLM_VERSION_INFO.
 */
#define WINDOWS_MAJOR_VERSION_5 0x05
#define WINDOWS_MAJOR_VERSION_6 0x06
#define WINDOWS_MINOR_VERSION_0 0x00
#define WINDOWS_MINOR_VERSION_1 0x01
#define WINDOWS_MINOR_VERSION_2 0x02
#define NTLMSSP_REVISION_W2K3 0x0F
/*
 * Version block embedded as `Version` in the negotiate, challenge and
 * authenticate message structs. The members add up to 8 bytes
 * (1 + 1 + 2 + 3 + 1).
 */
struct _NTLM_VERSION_INFO
{
	UINT8 ProductMajorVersion; /* see WINDOWS_MAJOR_VERSION_* */
	UINT8 ProductMinorVersion; /* see WINDOWS_MINOR_VERSION_* */
	UINT16 ProductBuild;
	BYTE Reserved[3];
	UINT8 NTLMRevisionCurrent; /* see NTLMSSP_REVISION_W2K3 */
};
typedef struct _NTLM_VERSION_INFO NTLM_VERSION_INFO;
/*
 * Single-host data record, presumably the value of an MsvAvSingleHost AV
 * pair. NTLM_CONTEXT keeps one instance as `SingleHostData`.
 * The members add up to 48 bytes (four UINT32 plus a 32-byte machine id).
 */
struct _NTLM_SINGLE_HOST_DATA
{
	UINT32 Size; /* presumably the size of this record in bytes; confirm */
	UINT32 Z4;   /* meaning not visible in this header */
	UINT32 DataPresent;
	UINT32 CustomData;
	BYTE MachineID[32]; /* same width as NTLM_CONTEXT.MachineID */
};
typedef struct _NTLM_SINGLE_HOST_DATA NTLM_SINGLE_HOST_DATA;
/*
 * Fixed 24-byte response blob (presumably the NTLM v1 challenge response;
 * the v2 form is NTLMv2_RESPONSE).
 */
struct _NTLM_RESPONSE
{
	BYTE Response[24];
};
typedef struct _NTLM_RESPONSE NTLM_RESPONSE;
/*
 * Client challenge portion of an NTLMv2 response; embedded in
 * NTLMv2_RESPONSE as `Challenge`.
 *
 * AvPairs is a pointer rather than inline data, so this struct is a parsed
 * representation, not a flat image of the bytes on the wire: it cannot be
 * filled from or copied to a message buffer with a single memcpy.
 * NOTE(review): who owns and frees the memory AvPairs points to is not
 * visible in this header; confirm in the code that fills it.
 */
struct _NTLMv2_CLIENT_CHALLENGE
{
	UINT8 RespType;
	UINT8 HiRespType;
	UINT16 Reserved1;
	UINT32 Reserved2;
	BYTE Timestamp[8];
	BYTE ClientChallenge[8];
	UINT32 Reserved3;
	NTLM_AV_PAIR* AvPairs; /* start of an AV pair list; length is not stored here */
};
typedef struct _NTLMv2_CLIENT_CHALLENGE NTLMv2_CLIENT_CHALLENGE;
/*
 * NTLMv2 response: a 16-byte value followed by the client challenge
 * structure. NTLM_CONTEXT keeps one instance as `NTLMv2Response`.
 * NOTE(review): if Response is compared against a locally computed value to
 * authenticate a peer, the comparison should be constant-time; the comparison
 * is not in this header, confirm where it happens.
 */
struct _NTLMv2_RESPONSE
{
	BYTE Response[16];
	NTLMv2_CLIENT_CHALLENGE Challenge;
};
typedef struct _NTLMv2_RESPONSE NTLMv2_RESPONSE;
/*
 * Descriptor for one variable-length field of an NTLM message: two 16-bit
 * lengths, a 32-bit offset, and a pointer to the data.
 *
 * Used for every variable-length member of the message structs below
 * (DomainName, Workstation, TargetName, TargetInfo, UserName, the challenge
 * responses and EncryptedRandomSessionKey).
 *
 * NOTE(review): Len, MaxLen and BufferOffset presumably mirror values read
 * from the message, which makes them peer-controlled on the receiving side.
 * Before Buffer is pointed at or copied from the payload, the reader has to
 * verify that BufferOffset + Len does not wrap and lies within the received
 * message length. That check is not in this header; confirm it in the field
 * readers. Ownership of Buffer is likewise not visible here.
 */
struct _NTLM_MESSAGE_FIELDS
{
	UINT16 Len;
	UINT16 MaxLen;
	PBYTE Buffer;
	UINT32 BufferOffset;
};
typedef struct _NTLM_MESSAGE_FIELDS NTLM_MESSAGE_FIELDS;
/*
 * Common prefix of the three message structs: an 8-byte signature followed
 * by the 32-bit message type. The negotiate, challenge and authenticate
 * structs below start with the same two members.
 * NOTE(review): a reader should reject a message whose Signature or
 * MessageType is not the expected one before touching any other field;
 * confirm in the message readers.
 */
struct _NTLM_MESSAGE_HEADER
{
	BYTE Signature[8];
	UINT32 MessageType; /* presumably one of MESSAGE_TYPE_* */
};
typedef struct _NTLM_MESSAGE_HEADER NTLM_MESSAGE_HEADER;
/*
 * Parsed form of the negotiate message (presumably MESSAGE_TYPE_NEGOTIATE).
 * Begins with the same Signature/MessageType pair as NTLM_MESSAGE_HEADER.
 * The NTLM_MESSAGE_FIELDS members contain pointers, so this is not a flat
 * image of the wire bytes.
 */
struct _NTLM_NEGOTIATE_MESSAGE
{
	BYTE Signature[8];
	UINT32 MessageType;
	UINT32 NegotiateFlags; /* combination of NTLMSSP_* bits */
	NTLM_VERSION_INFO Version;
	NTLM_MESSAGE_FIELDS DomainName;
	NTLM_MESSAGE_FIELDS Workstation;
};
typedef struct _NTLM_NEGOTIATE_MESSAGE NTLM_NEGOTIATE_MESSAGE;
/*
 * Parsed form of the challenge message (presumably MESSAGE_TYPE_CHALLENGE).
 * Begins with the same Signature/MessageType pair as NTLM_MESSAGE_HEADER.
 * NOTE(review): TargetInfo presumably carries the AV pair list; on a client
 * it is server-supplied data and needs the bounds checks described on
 * NTLM_AV_PAIR and NTLM_MESSAGE_FIELDS. Confirm in the challenge reader.
 */
struct _NTLM_CHALLENGE_MESSAGE
{
	BYTE Signature[8];
	UINT32 MessageType;
	UINT32 NegotiateFlags; /* combination of NTLMSSP_* bits */
	BYTE ServerChallenge[8];
	BYTE Reserved[8];
	NTLM_VERSION_INFO Version;
	NTLM_MESSAGE_FIELDS TargetName;
	NTLM_MESSAGE_FIELDS TargetInfo;
};
typedef struct _NTLM_CHALLENGE_MESSAGE NTLM_CHALLENGE_MESSAGE;
/*
 * Parsed form of the authenticate message (presumably
 * MESSAGE_TYPE_AUTHENTICATE). Begins with the same Signature/MessageType
 * pair as NTLM_MESSAGE_HEADER.
 * NOTE(review): on a server every NTLM_MESSAGE_FIELDS member here describes
 * client-supplied data; each offset/length pair must be validated against
 * the received message before use. MessageIntegrityCheck, when verified,
 * should be compared in constant time. Neither step is visible in this
 * header; confirm in the authenticate reader.
 */
struct _NTLM_AUTHENTICATE_MESSAGE
{
	BYTE Signature[8];
	UINT32 MessageType;
	UINT32 NegotiateFlags; /* combination of NTLMSSP_* bits */
	NTLM_VERSION_INFO Version;
	NTLM_MESSAGE_FIELDS DomainName;
	NTLM_MESSAGE_FIELDS UserName;
	NTLM_MESSAGE_FIELDS Workstation;
	NTLM_MESSAGE_FIELDS LmChallengeResponse;
	NTLM_MESSAGE_FIELDS NtChallengeResponse;
	NTLM_MESSAGE_FIELDS EncryptedRandomSessionKey;
	BYTE MessageIntegrityCheck[16];
};
typedef struct _NTLM_AUTHENTICATE_MESSAGE NTLM_AUTHENTICATE_MESSAGE;
/*
 * State of one NTLM security context: role and configuration switches, the
 * parsed and raw forms of the three messages, and the challenge, hash and
 * key material of the session.
 *
 * NOTE(review): NtlmHash, NtlmV2Hash and the 16-byte *Key arrays are stored
 * inline, and SendRc4Seal/RecvRc4Seal hold RC4 key schedules. Consequences
 * for the code that owns this struct (not visible in this header; confirm):
 *   - ntlm_ContextFree() should wipe the struct with a call the compiler
 *     cannot optimise away before releasing it;
 *   - the struct should not be copied or dumped wholesale into logs, and
 *     WITH_DEBUG_NTLM output should be checked for the same reason.
 * The pointer and SecBuffer members reference memory whose ownership is not
 * stated here.
 */
struct _NTLM_CONTEXT
{
	/* Role and protocol switches. */
	BOOL server; /* presumably TRUE when acting as the accepting side */
	BOOL NTLMv2;
	BOOL UseMIC;
	NTLM_STATE state; /* current step of the exchange */

	/* Per-direction message counters. Plain int: verify they cannot overflow. */
	int SendSeqNum;
	int RecvSeqNum;

	/* Password-derived hashes (secret material). */
	BYTE NtlmHash[16];
	BYTE NtlmV2Hash[16];

	BYTE MachineID[32];
	BOOL SendVersionInfo;
	BOOL confidentiality;

	/* RC4 key schedules (type from <openssl/rc4.h>), one per direction. */
	RC4_KEY SendRc4Seal;
	RC4_KEY RecvRc4Seal;

	/*
	 * Per-direction key pointers. Presumably these alias the Client and
	 * Server key arrays further down depending on `server`, in which case
	 * they must not be freed separately; confirm.
	 */
	BYTE* SendSigningKey;
	BYTE* RecvSigningKey;
	BYTE* SendSealingKey;
	BYTE* RecvSealingKey;

	UINT32 NegotiateFlags; /* combination of NTLMSSP_* bits */
	BOOL UseSamFileDatabase;
	int LmCompatibilityLevel;
	int SuppressExtendedProtection;
	BOOL SendWorkstationName;
	UNICODE_STRING Workstation;
	UNICODE_STRING ServicePrincipalName;
	SSPI_CREDENTIALS* credentials;

	/* Channel binding data. */
	BYTE* ChannelBindingToken;
	BYTE ChannelBindingsHash[16];
	SecPkgContext_Bindings Bindings;

	BOOL SendSingleHostData;
	BOOL NegotiateKeyExchange;
	NTLM_SINGLE_HOST_DATA SingleHostData;

	/* Parsed forms of the three messages. */
	NTLM_NEGOTIATE_MESSAGE NEGOTIATE_MESSAGE;
	NTLM_CHALLENGE_MESSAGE CHALLENGE_MESSAGE;
	NTLM_AUTHENTICATE_MESSAGE AUTHENTICATE_MESSAGE;

	/* Presumably the raw bytes of the three messages; confirm. */
	SecBuffer NegotiateMessage;
	SecBuffer ChallengeMessage;
	SecBuffer AuthenticateMessage;

	SecBuffer ChallengeTargetInfo;
	SecBuffer AuthenticateTargetInfo;
	SecBuffer TargetName;
	SecBuffer NtChallengeResponse;
	SecBuffer LmChallengeResponse;
	NTLMv2_RESPONSE NTLMv2Response;

	/* Timestamps and the 8-byte challenges of both sides. */
	BYTE Timestamp[8];
	BYTE ChallengeTimestamp[8];
	BYTE ServerChallenge[8];
	BYTE ClientChallenge[8];

	/* Session key material (secret), 16 bytes each. */
	BYTE SessionBaseKey[16];
	BYTE KeyExchangeKey[16];
	BYTE RandomSessionKey[16];
	BYTE ExportedSessionKey[16];
	BYTE EncryptedRandomSessionKey[16];
	BYTE ClientSigningKey[16];
	BYTE ClientSealingKey[16];
	BYTE ServerSigningKey[16];
	BYTE ServerSealingKey[16];

	BYTE MessageIntegrityCheck[16];
	/* Presumably the MIC's byte offset inside the authenticate message; confirm. */
	UINT32 MessageIntegrityCheckOffset;
};
typedef struct _NTLM_CONTEXT NTLM_CONTEXT;
/*
 * Creates an NTLM context.
 * Returns a pointer to the new NTLM_CONTEXT. Presumably NULL on allocation
 * failure and to be released with ntlm_ContextFree(); the definition is not
 * in this header, confirm there.
 */
NTLM_CONTEXT* ntlm_ContextNew(void);

/*
 * Releases an NTLM context obtained from ntlm_ContextNew().
 * NOTE(review): the context holds hashes and session keys, so the
 * implementation should wipe it before freeing; confirm in the definition.
 */
void ntlm_ContextFree(NTLM_CONTEXT* context);
#ifdef WITH_DEBUG_NLA
|
|
|
|
#define WITH_DEBUG_NTLM
|
|
|
|
#endif
#endif /* WINPR_SSPI_NTLM_PRIVATE_H */