1/* This is a generated file */ 2#ifndef __heimntlm_protos_h__ 3#define __heimntlm_protos_h__ 4 5#include <stdarg.h> 6 7#ifdef __cplusplus 8extern "C" { 9#endif 10 11/** 12 * Generates an NTLMv1 session random with assosited session master key. 13 * 14 * @param key the ntlm v1 key 15 * @param len length of key 16 * @param session generated session nonce, should be freed with heim_ntlm_free_buf(). 17 * @param master calculated session master key, should be freed with heim_ntlm_free_buf(). 18 * 19 * @return In case of success 0 is return, an errors, a errno in what 20 * went wrong. 21 * 22 * @ingroup ntlm_core 23 */ 24 25int 26heim_ntlm_build_ntlm1_master ( 27 void *key, 28 size_t len, 29 struct ntlm_buf *session, 30 struct ntlm_buf *master); 31 32/** 33 * Generates an NTLMv2 session random with associated session master key. 34 * 35 * @param key the NTLMv2 key 36 * @param len length of key 37 * @param blob the NTLMv2 "blob" 38 * @param session generated session nonce, should be freed with heim_ntlm_free_buf(). 39 * @param master calculated session master key, should be freed with heim_ntlm_free_buf(). 40 * 41 * @return In case of success 0 is return, an errors, a errno in what 42 * went wrong. 43 * 44 * @ingroup ntlm_core 45 */ 46 47int 48heim_ntlm_build_ntlm2_master ( 49 void *key, 50 size_t len, 51 struct ntlm_buf *blob, 52 struct ntlm_buf *session, 53 struct ntlm_buf *master); 54 55/** 56 * Calculate LMv2 response 57 * 58 * @param key the ntlm key 59 * @param len length of key 60 * @param username name of the user, as sent in the message, assumed to be in UTF8. 61 * @param target the name of the target, assumed to be in UTF8. 62 * @param serverchallenge challenge as sent by the server in the type2 message. 63 * @param ntlmv2 calculated session key 64 * @param answer ntlm response answer, should be freed with heim_ntlm_free_buf(). 65 * 66 * @return In case of success 0 is return, an errors, a errno in what 67 * went wrong. 68 * 69 * @ingroup ntlm_core 70 */ 71 72int 73heim_ntlm_calculate_lm2 ( 74 const void *key, 75 size_t len, 76 const char *username, 77 const char *target, 78 const unsigned char serverchallenge[8], 79 unsigned char ntlmv2[16], 80 struct ntlm_buf *answer); 81 82/** 83 * Calculate NTLMv1 response hash 84 * 85 * @param key the ntlm v1 key 86 * @param len length of key 87 * @param challenge sent by the server 88 * @param answer calculated answer, should be freed with heim_ntlm_free_buf(). 89 * 90 * @return In case of success 0 is return, an errors, a errno in what 91 * went wrong. 92 * 93 * @ingroup ntlm_core 94 */ 95 96int 97heim_ntlm_calculate_ntlm1 ( 98 void *key, 99 size_t len, 100 unsigned char challenge[8], 101 struct ntlm_buf *answer); 102 103/** 104 * Calculate NTLMv2 response 105 * 106 * @param key the ntlm key 107 * @param len length of key 108 * @param username name of the user, as sent in the message, assumed to be in UTF8. 109 * @param target the name of the target, assumed to be in UTF8. 110 * @param serverchallenge challenge as sent by the server in the type2 message. 111 * @param infotarget infotarget as sent by the server in the type2 message. 112 * @param ntlmv2 calculated session key 113 * @param answer ntlm response answer, should be freed with heim_ntlm_free_buf(). 114 * 115 * @return In case of success 0 is return, an errors, a errno in what 116 * went wrong. 117 * 118 * @ingroup ntlm_core 119 */ 120 121int 122heim_ntlm_calculate_ntlm2 ( 123 const void *key, 124 size_t len, 125 const char *username, 126 const char *target, 127 const unsigned char serverchallenge[8], 128 const struct ntlm_buf *infotarget, 129 unsigned char ntlmv2[16], 130 struct ntlm_buf *answer); 131 132/** 133 * Third check with empty domain. 134 */ 135 136int 137heim_ntlm_calculate_ntlm2_sess ( 138 const unsigned char clnt_nonce[8], 139 const unsigned char svr_chal[8], 140 const unsigned char ntlm_hash[16], 141 struct ntlm_buf *lm, 142 struct ntlm_buf *ntlm); 143 144int 145heim_ntlm_calculate_ntlm2_sess_hash ( 146 const unsigned char clnt_nonce[8], 147 const unsigned char svr_chal[8], 148 unsigned char verifier[8]); 149 150/** 151 * Decodes an NTLM targetinfo message 152 * 153 * @param data input data buffer with the encode NTLM targetinfo message 154 * @param ucs2 if the strings should be encoded with ucs2 (selected by flag in message). 155 * @param ti the decoded target info, should be freed with heim_ntlm_free_targetinfo(). 156 * 157 * @return In case of success 0 is return, an errors, a errno in what 158 * went wrong. 159 * 160 * @ingroup ntlm_core 161 */ 162 163int 164heim_ntlm_decode_targetinfo ( 165 const struct ntlm_buf *data, 166 int ucs2, 167 struct ntlm_targetinfo *ti); 168 169int 170heim_ntlm_decode_type1 ( 171 const struct ntlm_buf *buf, 172 struct ntlm_type1 *data); 173 174int 175heim_ntlm_decode_type2 ( 176 const struct ntlm_buf *buf, 177 struct ntlm_type2 *type2); 178 179int 180heim_ntlm_decode_type3 ( 181 const struct ntlm_buf *buf, 182 int ucs2, 183 struct ntlm_type3 *type3); 184 185void 186heim_ntlm_derive_ntlm2_sess ( 187 const unsigned char sessionkey[16], 188 const unsigned char *clnt_nonce, 189 size_t clnt_nonce_length, 190 const unsigned char svr_chal[8], 191 unsigned char derivedkey[16]); 192 193/** 194 * Encodes a ntlm_targetinfo message. 195 * 196 * @param ti the ntlm_targetinfo message to encode. 197 * @param ucs2 ignored 198 * @param data is the return buffer with the encoded message, should be 199 * freed with heim_ntlm_free_buf(). 200 * 201 * @return In case of success 0 is return, an errors, a errno in what 202 * went wrong. 203 * 204 * @ingroup ntlm_core 205 */ 206 207int 208heim_ntlm_encode_targetinfo ( 209 const struct ntlm_targetinfo *ti, 210 int ucs2, 211 struct ntlm_buf *data); 212 213/** 214 * Encodes an ntlm_type1 message. 215 * 216 * @param type1 the ntlm_type1 message to encode. 217 * @param data is the return buffer with the encoded message, should be 218 * freed with heim_ntlm_free_buf(). 219 * 220 * @return In case of success 0 is return, an errors, a errno in what 221 * went wrong. 222 * 223 * @ingroup ntlm_core 224 */ 225 226int 227heim_ntlm_encode_type1 ( 228 const struct ntlm_type1 *type1, 229 struct ntlm_buf *data); 230 231/** 232 * Encodes an ntlm_type2 message. 233 * 234 * @param type2 the ntlm_type2 message to encode. 235 * @param data is the return buffer with the encoded message, should be 236 * freed with heim_ntlm_free_buf(). 237 * 238 * @return In case of success 0 is return, an errors, a errno in what 239 * went wrong. 240 * 241 * @ingroup ntlm_core 242 */ 243 244int 245heim_ntlm_encode_type2 ( 246 const struct ntlm_type2 *type2, 247 struct ntlm_buf *data); 248 249/** 250 * Encodes an ntlm_type3 message. 251 * 252 * @param type3 the ntlm_type3 message to encode. 253 * @param data is the return buffer with the encoded message, should be 254 * freed with heim_ntlm_free_buf(). 255 * 256 * @return In case of success 0 is return, an errors, a errno in what 257 * went wrong. 258 * 259 * @ingroup ntlm_core 260 */ 261 262int 263heim_ntlm_encode_type3 ( 264 const struct ntlm_type3 *type3, 265 struct ntlm_buf *data, 266 size_t *mic_offset); 267 268/** 269 * heim_ntlm_free_buf frees the ntlm buffer 270 * 271 * @param p buffer to be freed 272 * 273 * @ingroup ntlm_core 274 */ 275 276void 277heim_ntlm_free_buf (struct ntlm_buf *p); 278 279/** 280 * Frees the ntlm_targetinfo message 281 * 282 * @param ti targetinfo to be freed 283 * 284 * @ingroup ntlm_core 285 */ 286 287void 288heim_ntlm_free_targetinfo (struct ntlm_targetinfo *ti); 289 290/** 291 * Frees the ntlm_type1 message 292 * 293 * @param data message to be freed 294 * 295 * @ingroup ntlm_core 296 */ 297 298void 299heim_ntlm_free_type1 (struct ntlm_type1 *data); 300 301/** 302 * Frees the ntlm_type2 message 303 * 304 * @param data message to be freed 305 * 306 * @ingroup ntlm_core 307 */ 308 309void 310heim_ntlm_free_type2 (struct ntlm_type2 *data); 311 312/** 313 * Frees the ntlm_type3 message 314 * 315 * @param data message to be freed 316 * 317 * @ingroup ntlm_core 318 */ 319 320void 321heim_ntlm_free_type3 (struct ntlm_type3 *data); 322 323/** 324 * Given a key and encrypted session, unwrap the session key 325 * 326 * @param baseKey the sessionBaseKey 327 * @param encryptedSession encrypted session, type3.session field. 328 * @param session generated session nonce, should be freed with heim_ntlm_free_buf(). 329 * 330 * @return In case of success 0 is return, an errors, a errno in what 331 * went wrong. 332 * 333 * @ingroup ntlm_core 334 */ 335 336int 337heim_ntlm_keyex_unwrap ( 338 struct ntlm_buf *baseKey, 339 struct ntlm_buf *encryptedSession, 340 struct ntlm_buf *session); 341 342int 343heim_ntlm_keyex_wrap ( 344 struct ntlm_buf *base_session, 345 struct ntlm_buf *session, 346 struct ntlm_buf *encryptedSession); 347 348/** 349 * 350 * @ingroup ntlm_core 351 */ 352 353int 354heim_ntlm_mppe_getasymmetricstartkey ( 355 const uint8_t MasterKey[16], 356 uint8_t *MasterXKey, 357 size_t len, 358 int isSend, 359 int isServer); 360 361/** 362 * 363 * @ingroup ntlm_core 364 */ 365 366int 367heim_ntlm_mppe_getmasterkey ( 368 const uint8_t ntlmHashHash[16], 369 const uint8_t ntlmResponse[24], 370 uint8_t masterKey[16]); 371 372int 373heim_ntlm_mppe_getsessionkey ( 374 const uint8_t ntlmHash[16], 375 const uint8_t ntlmResponse[24], 376 int isServer, 377 size_t len, 378 uint8_t *sendKey, 379 uint8_t *recvKey); 380 381/** 382 * Calculate the NTLM key, the password is assumed to be in UTF8. 383 * 384 * @param password password to calcute the key for. 385 * @param key calcuted key, should be freed with heim_ntlm_free_buf(). 386 * 387 * @return In case of success 0 is return, an errors, a errno in what 388 * went wrong. 389 * 390 * @ingroup ntlm_core 391 */ 392 393int 394heim_ntlm_nt_key ( 395 const char *password, 396 struct ntlm_buf *key); 397 398/** 399 * Generates an NTLMv2 session key. 400 * 401 * @param key the ntlm key 402 * @param len length of key 403 * @param username name of the user, as sent in the message, assumed to be in UTF8. 404 * @param target the name of the target, assumed to be in UTF8. 405 * @param upper_case_target upper case the target, should not be used only for legacy systems 406 * @param ntlmv2 the ntlmv2 session key 407 * 408 * @return 0 on success, or an error code on failure. 409 * 410 * @ingroup ntlm_core 411 */ 412 413int 414heim_ntlm_ntlmv2_key ( 415 const void *key, 416 size_t len, 417 const char *username, 418 const char *target, 419 int upper_case_target, 420 unsigned char ntlmv2[16]); 421 422time_t 423heim_ntlm_ts2unixtime (uint64_t t); 424 425uint64_t 426heim_ntlm_unix2ts_time (time_t unix_time); 427 428/** 429 @defgroup ntlm_core Heimdal NTLM library * 430 * The NTLM core functions implement the string2key generation 431 * function, message encode and decode function, and the hash function 432 * functions. 433 */ 434 435size_t 436heim_ntlm_unparse_flags ( 437 uint32_t flags, 438 char *s, 439 size_t len); 440 441int 442heim_ntlm_v1_base_session ( 443 void *key, 444 size_t len, 445 struct ntlm_buf *session); 446 447int 448heim_ntlm_v2_base_session ( 449 void *key, 450 size_t len, 451 struct ntlm_buf *ntlmResponse, 452 struct ntlm_buf *session); 453 454/** 455 * Verify NTLMv2 response. 456 * 457 * @param key the ntlm key 458 * @param len length of key 459 * @param username name of the user, as sent in the message, assumed to be in UTF8. 460 * @param target the name of the target, assumed to be in UTF8. 461 * @param now the time now (0 if the library should pick it up itself) 462 * @param serverchallenge challenge as sent by the server in the type2 message. 463 * @param answer ntlm response answer, should be freed with heim_ntlm_free_buf(). 464 * @param infotarget infotarget as sent by the server in the type2 message. 465 * @param ntlmv2 calculated session key 466 * 467 * @return In case of success 0 is return, an errors, a errno in what 468 * went wrong. 469 * 470 * @ingroup ntlm_core 471 */ 472 473int 474heim_ntlm_verify_ntlm2 ( 475 const void *key, 476 size_t len, 477 const char *username, 478 const char *target, 479 time_t now, 480 const unsigned char serverchallenge[8], 481 const struct ntlm_buf *answer, 482 struct ntlm_buf *infotarget, 483 unsigned char ntlmv2[16]); 484 485#ifdef __cplusplus 486} 487#endif 488 489#endif /* __heimntlm_protos_h__ */ 490