libfreerdp-core: added NTLMSSP

2011-06-30 18:52:41 -04:00 · 2011-06-30 18:52:41 -04:00 · f9d4453c40
commit f9d4453c40
parent 61afc74d2e
2 changed files with 1888 additions and 0 deletions
--- a/libfreerdp-core/ntlmssp.c
+++ b/libfreerdp-core/ntlmssp.c
--- a/libfreerdp-core/ntlmssp.h
+++ b/libfreerdp-core/ntlmssp.h
@ -0,0 +1,164 @@
+/**
+ * FreeRDP: A Remote Desktop Protocol Client
+ * NT LAN Manager Security Support Provider (NTLMSSP)
+ *
+ * Copyright 2011 Marc-Andre Moreau <marcandre.moreau@gmail.com>
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef __NTLMSSP_H
+#define __NTLMSSP_H
+
+#include "security.h"
+#include "credssp.h"
+
+#include <freerdp/utils/debug.h>
+#include <freerdp/utils/unicode.h>
+
+struct _AV_PAIR
+{
+	uint16 length;
+	uint8* value;
+};
+typedef struct _AV_PAIR AV_PAIR;
+
+struct _AV_PAIRS
+{
+	AV_PAIR NbComputerName;
+	AV_PAIR NbDomainName;
+	AV_PAIR DnsComputerName;
+	AV_PAIR DnsDomainName;
+	AV_PAIR DnsTreeName;
+	AV_PAIR Timestamp;
+	AV_PAIR Restrictions;
+	AV_PAIR TargetName;
+	AV_PAIR ChannelBindings;
+	uint32 Flags;
+};
+typedef struct _AV_PAIRS AV_PAIRS;
+
+enum _AV_ID
+{
+	MsvAvEOL,
+	MsvAvNbComputerName,
+	MsvAvNbDomainName,
+	MsvAvDnsComputerName,
+	MsvAvDnsDomainName,
+	MsvAvDnsTreeName,
+	MsvAvFlags,
+	MsvAvTimestamp,
+	MsvAvRestrictions,
+	MsvAvTargetName,
+	MsvChannelBindings
+};
+typedef enum _AV_ID AV_ID;
+
+enum _NTLMSSP_STATE
+{
+	NTLMSSP_STATE_INITIAL,
+	NTLMSSP_STATE_NEGOTIATE,
+	NTLMSSP_STATE_CHALLENGE,
+	NTLMSSP_STATE_AUTHENTICATE,
+	NTLMSSP_STATE_FINAL
+};
+typedef enum _NTLMSSP_STATE NTLMSSP_STATE;
+
+struct _NTLMSSP
+{
+	NTLMSSP_STATE state;
+	DATABLOB password;
+	DATABLOB username;
+	DATABLOB domain;
+	DATABLOB workstation;
+	DATABLOB target_info;
+	DATABLOB target_name;
+	DATABLOB spn;
+	UNICONV *uniconv;
+	uint32 negotiate_flags;
+	uint8 timestamp[8];
+	uint8 server_challenge[8];
+	uint8 client_challenge[8];
+	uint8 session_base_key[16];
+	uint8 key_exchange_key[16];
+	uint8 random_session_key[16];
+	uint8 exported_session_key[16];
+	uint8 encrypted_random_session_key[16];
+	uint8 client_signing_key[16];
+	uint8 client_sealing_key[16];
+	uint8 server_signing_key[16];
+	uint8 server_sealing_key[16];
+	uint8 message_integrity_check[16];
+	DATABLOB nt_challenge_response;
+	DATABLOB lm_challenge_response;
+	DATABLOB negotiate_message;
+	DATABLOB challenge_message;
+	DATABLOB authenticate_message;
+	CryptoRc4 send_rc4_seal;
+	CryptoRc4 recv_rc4_seal;
+	AV_PAIRS *av_pairs;
+	int send_seq_num;
+	int recv_seq_num;
+	int ntlm_v2;
+};
+typedef struct _NTLMSSP NTLMSSP;
+
+void ntlmssp_set_username(NTLMSSP *ntlmssp, char* username);
+void ntlmssp_set_domain(NTLMSSP *ntlmssp, char* domain);
+void ntlmssp_set_password(NTLMSSP *ntlmssp, char* password);
+
+void ntlmssp_generate_client_challenge(NTLMSSP *ntlmssp);
+void ntlmssp_generate_key_exchange_key(NTLMSSP *ntlmssp);
+void ntlmssp_generate_random_session_key(NTLMSSP *ntlmssp);
+void ntlmssp_generate_exported_session_key(NTLMSSP *ntlmssp);
+void ntlmssp_encrypt_random_session_key(NTLMSSP *ntlmssp);
+
+void ntlmssp_generate_timestamp(NTLMSSP *ntlmssp);
+void ntlmssp_generate_client_signing_key(NTLMSSP *ntlmssp);
+void ntlmssp_generate_server_signing_key(NTLMSSP *ntlmssp);
+void ntlmssp_generate_client_sealing_key(NTLMSSP *ntlmssp);
+void ntlmssp_generate_server_sealing_key(NTLMSSP *ntlmssp);
+void ntlmssp_init_rc4_seal_states(NTLMSSP *ntlmssp);
+
+void ntlmssp_compute_lm_hash(char* password, char* hash);
+void ntlmssp_compute_ntlm_hash(DATABLOB* password, char* hash);
+void ntlmssp_compute_ntlm_v2_hash(NTLMSSP *ntlmssp, char* hash);
+
+void ntlmssp_compute_lm_response(char* password, char* challenge, char* response);
+void ntlmssp_compute_lm_v2_response(NTLMSSP *ntlmssp);
+void ntlmssp_compute_ntlm_v2_response(NTLMSSP *ntlmssp);
+
+void ntlmssp_populate_av_pairs(NTLMSSP *ntlmssp);
+void ntlmssp_input_av_pairs(NTLMSSP *ntlmssp, STREAM s);
+void ntlmssp_output_av_pairs(NTLMSSP *ntlmssp, STREAM s);
+void ntlmssp_free_av_pairs(NTLMSSP *ntlmssp);
+
+void ntlmssp_compute_message_integrity_check(NTLMSSP *ntlmssp);
+
+void ntlmssp_encrypt_message(NTLMSSP *ntlmssp, DATABLOB *msg, DATABLOB *encrypted_msg, uint8* signature);
+int ntlmssp_decrypt_message(NTLMSSP *ntlmssp, DATABLOB *encrypted_msg, DATABLOB *msg, uint8* signature);
+
+int ntlmssp_recv(NTLMSSP *ntlmssp, STREAM s);
+int ntlmssp_send(NTLMSSP *ntlmssp, STREAM s);
+
+NTLMSSP* ntlmssp_new();
+void ntlmssp_init(NTLMSSP *ntlmssp);
+void ntlmssp_free(NTLMSSP *ntlmssp);
+
+#ifdef WITH_DEBUG_NLA
+#define DEBUG_NLA(fmt, ...) DEBUG_CLASS(NLA, fmt, ## __VA_ARGS__)
+#else
+#define DEBUG_NLA(fmt, ...) DEBUG_NULL(fmt, ## __VA_ARGS__)
+#endif
+
+#endif /* __NTLMSSP_H */