1/* This is a generated file */
2#ifndef __heimntlm_protos_h__
3#define __heimntlm_protos_h__
4
5#include <stdarg.h>
6
7#ifdef __cplusplus
8extern "C" {
9#endif
10
11/**
12 * Generates an NTLMv1 session random with assosited session master key.
13 *
14 * @param key the ntlm v1 key
15 * @param len length of key
16 * @param session generated session nonce, should be freed with heim_ntlm_free_buf().
17 * @param master calculated session master key, should be freed with heim_ntlm_free_buf().
18 *
19 * @return In case of success 0 is return, an errors, a errno in what
20 * went wrong.
21 *
22 * @ingroup ntlm_core
23 */
24
25int
26heim_ntlm_build_ntlm1_master (
27	void *key,
28	size_t len,
29	struct ntlm_buf *session,
30	struct ntlm_buf *master);
31
32/**
33 * Generates an NTLMv2 session random with associated session master key.
34 *
35 * @param key the NTLMv2 key
36 * @param len length of key
37 * @param blob the NTLMv2 "blob"
38 * @param session generated session nonce, should be freed with heim_ntlm_free_buf().
39 * @param master calculated session master key, should be freed with heim_ntlm_free_buf().
40 *
41 * @return In case of success 0 is return, an errors, a errno in what
42 * went wrong.
43 *
44 * @ingroup ntlm_core
45 */
46
47int
48heim_ntlm_build_ntlm2_master (
49	void *key,
50	size_t len,
51	struct ntlm_buf *blob,
52	struct ntlm_buf *session,
53	struct ntlm_buf *master);
54
55/**
56 * Calculate LMv2 response
57 *
58 * @param key the ntlm key
59 * @param len length of key
60 * @param username name of the user, as sent in the message, assumed to be in UTF8.
61 * @param target the name of the target, assumed to be in UTF8.
62 * @param serverchallenge challenge as sent by the server in the type2 message.
63 * @param ntlmv2 calculated session key
64 * @param answer ntlm response answer, should be freed with heim_ntlm_free_buf().
65 *
66 * @return In case of success 0 is return, an errors, a errno in what
67 * went wrong.
68 *
69 * @ingroup ntlm_core
70 */
71
72int
73heim_ntlm_calculate_lm2 (
74	const void *key,
75	size_t len,
76	const char *username,
77	const char *target,
78	const unsigned char serverchallenge[8],
79	unsigned char ntlmv2[16],
80	struct ntlm_buf *answer);
81
82/**
83 * Calculate NTLMv1 response hash
84 *
85 * @param key the ntlm v1 key
86 * @param len length of key
87 * @param challenge sent by the server
88 * @param answer calculated answer, should be freed with heim_ntlm_free_buf().
89 *
90 * @return In case of success 0 is return, an errors, a errno in what
91 * went wrong.
92 *
93 * @ingroup ntlm_core
94 */
95
96int
97heim_ntlm_calculate_ntlm1 (
98	void *key,
99	size_t len,
100	unsigned char challenge[8],
101	struct ntlm_buf *answer);
102
103/**
104 * Calculate NTLMv2 response
105 *
106 * @param key the ntlm key
107 * @param len length of key
108 * @param username name of the user, as sent in the message, assumed to be in UTF8.
109 * @param target the name of the target, assumed to be in UTF8.
110 * @param serverchallenge challenge as sent by the server in the type2 message.
111 * @param infotarget infotarget as sent by the server in the type2 message.
112 * @param ntlmv2 calculated session key
113 * @param answer ntlm response answer, should be freed with heim_ntlm_free_buf().
114 *
115 * @return In case of success 0 is return, an errors, a errno in what
116 * went wrong.
117 *
118 * @ingroup ntlm_core
119 */
120
121int
122heim_ntlm_calculate_ntlm2 (
123	const void *key,
124	size_t len,
125	const char *username,
126	const char *target,
127	const unsigned char serverchallenge[8],
128	const struct ntlm_buf *infotarget,
129	unsigned char ntlmv2[16],
130	struct ntlm_buf *answer);
131
132/**
133     * Third check with empty domain.
134 */
135
136int
137heim_ntlm_calculate_ntlm2_sess (
138	const unsigned char clnt_nonce[8],
139	const unsigned char svr_chal[8],
140	const unsigned char ntlm_hash[16],
141	struct ntlm_buf *lm,
142	struct ntlm_buf *ntlm);
143
144int
145heim_ntlm_calculate_ntlm2_sess_hash (
146	const unsigned char clnt_nonce[8],
147	const unsigned char svr_chal[8],
148	unsigned char verifier[8]);
149
150/**
151 * Decodes an NTLM targetinfo message
152 *
153 * @param data input data buffer with the encode NTLM targetinfo message
154 * @param ucs2 if the strings should be encoded with ucs2 (selected by flag in message).
155 * @param ti the decoded target info, should be freed with heim_ntlm_free_targetinfo().
156 *
157 * @return In case of success 0 is return, an errors, a errno in what
158 * went wrong.
159 *
160 * @ingroup ntlm_core
161 */
162
163int
164heim_ntlm_decode_targetinfo (
165	const struct ntlm_buf *data,
166	int ucs2,
167	struct ntlm_targetinfo *ti);
168
169int
170heim_ntlm_decode_type1 (
171	const struct ntlm_buf *buf,
172	struct ntlm_type1 *data);
173
174int
175heim_ntlm_decode_type2 (
176	const struct ntlm_buf *buf,
177	struct ntlm_type2 *type2);
178
179int
180heim_ntlm_decode_type3 (
181	const struct ntlm_buf *buf,
182	int ucs2,
183	struct ntlm_type3 *type3);
184
185void
186heim_ntlm_derive_ntlm2_sess (
187	const unsigned char sessionkey[16],
188	const unsigned char *clnt_nonce,
189	size_t clnt_nonce_length,
190	const unsigned char svr_chal[8],
191	unsigned char derivedkey[16]);
192
193/**
194 * Encodes a ntlm_targetinfo message.
195 *
196 * @param ti the ntlm_targetinfo message to encode.
197 * @param ucs2 ignored
198 * @param data is the return buffer with the encoded message, should be
199 * freed with heim_ntlm_free_buf().
200 *
201 * @return In case of success 0 is return, an errors, a errno in what
202 * went wrong.
203 *
204 * @ingroup ntlm_core
205 */
206
207int
208heim_ntlm_encode_targetinfo (
209	const struct ntlm_targetinfo *ti,
210	int ucs2,
211	struct ntlm_buf *data);
212
213/**
214 * Encodes an ntlm_type1 message.
215 *
216 * @param type1 the ntlm_type1 message to encode.
217 * @param data is the return buffer with the encoded message, should be
218 * freed with heim_ntlm_free_buf().
219 *
220 * @return In case of success 0 is return, an errors, a errno in what
221 * went wrong.
222 *
223 * @ingroup ntlm_core
224 */
225
226int
227heim_ntlm_encode_type1 (
228	const struct ntlm_type1 *type1,
229	struct ntlm_buf *data);
230
231/**
232 * Encodes an ntlm_type2 message.
233 *
234 * @param type2 the ntlm_type2 message to encode.
235 * @param data is the return buffer with the encoded message, should be
236 * freed with heim_ntlm_free_buf().
237 *
238 * @return In case of success 0 is return, an errors, a errno in what
239 * went wrong.
240 *
241 * @ingroup ntlm_core
242 */
243
244int
245heim_ntlm_encode_type2 (
246	const struct ntlm_type2 *type2,
247	struct ntlm_buf *data);
248
249/**
250 * Encodes an ntlm_type3 message.
251 *
252 * @param type3 the ntlm_type3 message to encode.
253 * @param data is the return buffer with the encoded message, should be
254 * freed with heim_ntlm_free_buf().
255 *
256 * @return In case of success 0 is return, an errors, a errno in what
257 * went wrong.
258 *
259 * @ingroup ntlm_core
260 */
261
262int
263heim_ntlm_encode_type3 (
264	const struct ntlm_type3 *type3,
265	struct ntlm_buf *data,
266	size_t *mic_offset);
267
268/**
269 * heim_ntlm_free_buf frees the ntlm buffer
270 *
271 * @param p buffer to be freed
272 *
273 * @ingroup ntlm_core
274 */
275
276void
277heim_ntlm_free_buf (struct ntlm_buf *p);
278
279/**
280 * Frees the ntlm_targetinfo message
281 *
282 * @param ti targetinfo to be freed
283 *
284 * @ingroup ntlm_core
285 */
286
287void
288heim_ntlm_free_targetinfo (struct ntlm_targetinfo *ti);
289
290/**
291 * Frees the ntlm_type1 message
292 *
293 * @param data message to be freed
294 *
295 * @ingroup ntlm_core
296 */
297
298void
299heim_ntlm_free_type1 (struct ntlm_type1 *data);
300
301/**
302 * Frees the ntlm_type2 message
303 *
304 * @param data message to be freed
305 *
306 * @ingroup ntlm_core
307 */
308
309void
310heim_ntlm_free_type2 (struct ntlm_type2 *data);
311
312/**
313 * Frees the ntlm_type3 message
314 *
315 * @param data message to be freed
316 *
317 * @ingroup ntlm_core
318 */
319
320void
321heim_ntlm_free_type3 (struct ntlm_type3 *data);
322
323/**
324 * Given a key and encrypted session, unwrap the session key
325 *
326 * @param baseKey the sessionBaseKey
327 * @param encryptedSession encrypted session, type3.session field.
328 * @param session generated session nonce, should be freed with heim_ntlm_free_buf().
329 *
330 * @return In case of success 0 is return, an errors, a errno in what
331 * went wrong.
332 *
333 * @ingroup ntlm_core
334 */
335
336int
337heim_ntlm_keyex_unwrap (
338	struct ntlm_buf *baseKey,
339	struct ntlm_buf *encryptedSession,
340	struct ntlm_buf *session);
341
342int
343heim_ntlm_keyex_wrap (
344	struct ntlm_buf *base_session,
345	struct ntlm_buf *session,
346	struct ntlm_buf *encryptedSession);
347
348/**
349 *
350 * @ingroup ntlm_core
351 */
352
353int
354heim_ntlm_mppe_getasymmetricstartkey (
355	const uint8_t MasterKey[16],
356	uint8_t *MasterXKey,
357	size_t len,
358	int isSend,
359	int isServer);
360
361/**
362 *
363 * @ingroup ntlm_core
364 */
365
366int
367heim_ntlm_mppe_getmasterkey (
368	const uint8_t ntlmHashHash[16],
369	const uint8_t ntlmResponse[24],
370	uint8_t masterKey[16]);
371
372int
373heim_ntlm_mppe_getsessionkey (
374	const uint8_t ntlmHash[16],
375	const uint8_t ntlmResponse[24],
376	int isServer,
377	size_t len,
378	uint8_t *sendKey,
379	uint8_t *recvKey);
380
381/**
382 * Calculate the NTLM key, the password is assumed to be in UTF8.
383 *
384 * @param password password to calcute the key for.
385 * @param key calcuted key, should be freed with heim_ntlm_free_buf().
386 *
387 * @return In case of success 0 is return, an errors, a errno in what
388 * went wrong.
389 *
390 * @ingroup ntlm_core
391 */
392
393int
394heim_ntlm_nt_key (
395	const char *password,
396	struct ntlm_buf *key);
397
398/**
399 * Generates an NTLMv2 session key.
400 *
401 * @param key the ntlm key
402 * @param len length of key
403 * @param username name of the user, as sent in the message, assumed to be in UTF8.
404 * @param target the name of the target, assumed to be in UTF8.
405 * @param upper_case_target upper case the target, should not be used only for legacy systems
406 * @param ntlmv2 the ntlmv2 session key
407 *
408 * @return 0 on success, or an error code on failure.
409 *
410 * @ingroup ntlm_core
411 */
412
413int
414heim_ntlm_ntlmv2_key (
415	const void *key,
416	size_t len,
417	const char *username,
418	const char *target,
419	int upper_case_target,
420	unsigned char ntlmv2[16]);
421
422time_t
423heim_ntlm_ts2unixtime (uint64_t t);
424
425uint64_t
426heim_ntlm_unix2ts_time (time_t unix_time);
427
428/**
429 @defgroup ntlm_core Heimdal NTLM library *
430 * The NTLM core functions implement the string2key generation
431 * function, message encode and decode function, and the hash function
432 * functions.
433 */
434
435size_t
436heim_ntlm_unparse_flags (
437	uint32_t flags,
438	char *s,
439	size_t len);
440
441int
442heim_ntlm_v1_base_session (
443	void *key,
444	size_t len,
445	struct ntlm_buf *session);
446
447int
448heim_ntlm_v2_base_session (
449	void *key,
450	size_t len,
451	struct ntlm_buf *ntlmResponse,
452	struct ntlm_buf *session);
453
454/**
455 * Verify NTLMv2 response.
456 *
457 * @param key the ntlm key
458 * @param len length of key
459 * @param username name of the user, as sent in the message, assumed to be in UTF8.
460 * @param target the name of the target, assumed to be in UTF8.
461 * @param now the time now (0 if the library should pick it up itself)
462 * @param serverchallenge challenge as sent by the server in the type2 message.
463 * @param answer ntlm response answer, should be freed with heim_ntlm_free_buf().
464 * @param infotarget infotarget as sent by the server in the type2 message.
465 * @param ntlmv2 calculated session key
466 *
467 * @return In case of success 0 is return, an errors, a errno in what
468 * went wrong.
469 *
470 * @ingroup ntlm_core
471 */
472
473int
474heim_ntlm_verify_ntlm2 (
475	const void *key,
476	size_t len,
477	const char *username,
478	const char *target,
479	time_t now,
480	const unsigned char serverchallenge[8],
481	const struct ntlm_buf *answer,
482	struct ntlm_buf *infotarget,
483	unsigned char ntlmv2[16]);
484
485#ifdef __cplusplus
486}
487#endif
488
489#endif /* __heimntlm_protos_h__ */
490