FreeRDP
libwinpr/sspi/NTLM/ntlm.h
20 #ifndef WINPR_SSPI_NTLM_PRIVATE_H
21 #define WINPR_SSPI_NTLM_PRIVATE_H
22 
23 #include <winpr/sspi.h>
24 #include <winpr/windows.h>
25 
26 #include <winpr/nt.h>
27 #include <winpr/crypto.h>
28 
29 #include "../sspi.h"
30 
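/*
 * NTLM message type codes, for the UINT32 MessageType field of
 * NTLM_MESSAGE_HEADER.
 * A received MessageType is chosen by the peer: accept only the type that the
 * current NTLM_STATE expects and fail the handshake on anything else.
 */
#define MESSAGE_TYPE_NEGOTIATE 1
#define MESSAGE_TYPE_CHALLENGE 2
#define MESSAGE_TYPE_AUTHENTICATE 3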
34 
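/*
 * NTLMSSP NegotiateFlags bit masks: one mask per bit of the 32-bit field,
 * reserved bits included.
 * The trailing comment on each line is the bit's letter label and its position
 * counted from the most significant bit: (0) is mask 0x80000000 and (31) is
 * mask 0x00000001. The letters follow the NegotiateFlags table in MS-NLMP.
 *
 * Security note: the flags in a received NEGOTIATE or CHALLENGE message are
 * chosen by the peer. Code acting on them should enforce its own minimum
 * (signing and sealing, 128-bit keys, extended session security) rather than
 * accept a downgraded set, and should not count on NTLMSSP_NEGOTIATE_LM_KEY or
 * NTLMSSP_NEGOTIATE_56 for protection.
 */
#define NTLMSSP_NEGOTIATE_56 0x80000000 /* W (0) */
#define NTLMSSP_NEGOTIATE_KEY_EXCH 0x40000000 /* V (1) */
#define NTLMSSP_NEGOTIATE_128 0x20000000 /* U (2) */
#define NTLMSSP_RESERVED1 0x10000000 /* r1 (3) */
#define NTLMSSP_RESERVED2 0x08000000 /* r2 (4) */
#define NTLMSSP_RESERVED3 0x04000000 /* r3 (5) */
#define NTLMSSP_NEGOTIATE_VERSION 0x02000000 /* T (6) */
#define NTLMSSP_RESERVED4 0x01000000 /* r4 (7) */
#define NTLMSSP_NEGOTIATE_TARGET_INFO 0x00800000 /* S (8) */
#define NTLMSSP_REQUEST_NON_NT_SESSION_KEY 0x00400000 /* R (9) */
#define NTLMSSP_RESERVED5 0x00200000 /* r5 (10) */
#define NTLMSSP_NEGOTIATE_IDENTIFY 0x00100000 /* Q (11) */
#define NTLMSSP_NEGOTIATE_EXTENDED_SESSION_SECURITY 0x00080000 /* P (12) */
#define NTLMSSP_RESERVED6 0x00040000 /* r6 (13) */
#define NTLMSSP_TARGET_TYPE_SERVER 0x00020000 /* O (14) */
#define NTLMSSP_TARGET_TYPE_DOMAIN 0x00010000 /* N (15) */
#define NTLMSSP_NEGOTIATE_ALWAYS_SIGN 0x00008000 /* M (16) */
#define NTLMSSP_RESERVED7 0x00004000 /* r7 (17) */
#define NTLMSSP_NEGOTIATE_WORKSTATION_SUPPLIED 0x00002000 /* L (18) */
#define NTLMSSP_NEGOTIATE_DOMAIN_SUPPLIED 0x00001000 /* K (19) */
#define NTLMSSP_NEGOTIATE_ANONYMOUS 0x00000800 /* J (20) */
#define NTLMSSP_RESERVED8 0x00000400 /* r8 (21) */
#define NTLMSSP_NEGOTIATE_NTLM 0x00000200 /* H (22) */
#define NTLMSSP_RESERVED9 0x00000100 /* r9 (23) */
#define NTLMSSP_NEGOTIATE_LM_KEY 0x00000080 /* G (24) */
#define NTLMSSP_NEGOTIATE_DATAGRAM 0x00000040 /* F (25) */
#define NTLMSSP_NEGOTIATE_SEAL 0x00000020 /* E (26) */
#define NTLMSSP_NEGOTIATE_SIGN 0x00000010 /* D (27) */
#define NTLMSSP_RESERVED10 0x00000008 /* r10 (28) */
#define NTLMSSP_REQUEST_TARGET 0x00000004 /* C (29) */
#define NTLMSSP_NEGOTIATE_OEM 0x00000002 /* B (30) */
#define NTLMSSP_NEGOTIATE_UNICODE 0x00000001 /* A (31) */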
67 
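/*
 * Progress of one NTLM handshake, held in NTLM_CONTEXT.state.
 * The enumerators are listed in handshake order and take the implicit values
 * 0 (INITIAL) through 4 (FINAL).
 * Message handlers should compare the context's state with the message they
 * are about to process, so that an out-of-order or repeated message is
 * rejected instead of re-running part of the handshake.
 */
typedef enum
{
    NTLM_STATE_INITIAL,
    NTLM_STATE_NEGOTIATE,
    NTLM_STATE_CHALLENGE,
    NTLM_STATE_AUTHENTICATE,
    NTLM_STATE_FINAL
} NTLM_STATE;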
76 
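/*
 * AV_PAIR attribute identifiers (values for NTLM_AV_PAIR.AvId).
 *
 * MinGW builds reuse the toolchain's MSV1_0_AVID as NTLM_AV_ID; all other
 * builds get the complete enum defined here, MsvAvEOL = 0 through
 * MsvAvChannelBindings = 10.
 * An AvId read from a message is peer-controlled: ids outside this list must
 * not be used as an index or trusted to be present only once.
 */
#ifdef __MINGW32__
typedef MSV1_0_AVID NTLM_AV_ID;

/*
 * An undefined __MINGW64_VERSION_MAJOR evaluates to 0 in #if, so toolchains
 * that do not define it also take this branch.
 * NOTE(review): presumably headers older than major version 9 stop at
 * MsvAvFlags, which is why the later ids are supplied here - confirm.
 */
#if __MINGW64_VERSION_MAJOR < 9
enum
{
    MsvAvTimestamp = MsvAvFlags + 1,
    MsvAvRestrictions,
    MsvAvTargetName,
    MsvAvChannelBindings,
    MsvAvSingleHost = MsvAvRestrictions /* second name for the same id */
};

#else
/* #ifndef only sees a macro; an enumerator with this name would not be detected. */
#ifndef MsvAvSingleHost
#define MsvAvSingleHost MsvAvRestrictions
#endif
#endif
#else
typedef enum
{
    MsvAvEOL,             /* 0 */
    MsvAvNbComputerName,  /* 1 */
    MsvAvNbDomainName,    /* 2 */
    MsvAvDnsComputerName, /* 3 */
    MsvAvDnsDomainName,   /* 4 */
    MsvAvDnsTreeName,     /* 5 */
    MsvAvFlags,           /* 6, value bits: MSV_AV_FLAGS_* */
    MsvAvTimestamp,       /* 7 */
    MsvAvSingleHost,      /* 8 */
    MsvAvTargetName,      /* 9 */
    MsvAvChannelBindings  /* 10 */
} NTLM_AV_ID;
#endif /* __MINGW32__ */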
111 
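/*
 * Fixed header of one AV_PAIR entry: the attribute id (an NTLM_AV_ID value)
 * and the length of the attribute value, two 16-bit fields.
 * NOTE(review): the value bytes are not part of this struct; presumably they
 * follow the header inside the TargetInfo buffer (MS-NLMP AV_PAIR) - confirm
 * in the parsing code.
 * AvLen is supplied by the peer. Any code walking a list of pairs has to check
 * that the header and then AvLen bytes fit in what remains of the buffer
 * before reading the value or stepping to the next pair.
 */
typedef struct
{
    UINT16 AvId;
    UINT16 AvLen;
} NTLM_AV_PAIR;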
117 
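/*
 * Bit values for the 32-bit value of the MsvAvFlags AV_PAIR (MS-NLMP).
 * MSV_AV_FLAGS_MESSAGE_INTEGRITY_CHECK is the client's statement that the
 * AUTHENTICATE message carries a MIC; a server that sees it should require the
 * MIC and fail authentication when verification does not succeed.
 */
#define MSV_AV_FLAGS_AUTHENTICATION_CONSTRAINED 0x00000001
#define MSV_AV_FLAGS_MESSAGE_INTEGRITY_CHECK 0x00000002
#define MSV_AV_FLAGS_TARGET_SPN_UNTRUSTED_SOURCE 0x00000004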
121 
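/*
 * Constants for the NTLM_VERSION_INFO fields: product major and minor version
 * numbers and the NTLM revision value.
 * Version information received from a peer is self-reported; treat it as
 * diagnostic data and do not base an authentication decision on it.
 */
#define WINDOWS_MAJOR_VERSION_5 0x05
#define WINDOWS_MAJOR_VERSION_6 0x06
#define WINDOWS_MINOR_VERSION_0 0x00
#define WINDOWS_MINOR_VERSION_1 0x01
#define WINDOWS_MINOR_VERSION_2 0x02
#define NTLMSSP_REVISION_W2K3 0x0F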
128 
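/*
 * Version block carried in the NEGOTIATE, CHALLENGE and AUTHENTICATE message
 * structs (their `Version` member). The fields add up to 8 bytes:
 * 1 + 1 + 2 + 3 + 1.
 * See WINDOWS_MAJOR_VERSION_*, WINDOWS_MINOR_VERSION_* and
 * NTLMSSP_REVISION_W2K3 for the values defined in this header.
 */
typedef struct
{
    UINT8 ProductMajorVersion;
    UINT8 ProductMinorVersion;
    UINT16 ProductBuild;
    BYTE Reserved[3];
    UINT8 NTLMRevisionCurrent;
} NTLM_VERSION_INFO;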
137 
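/*
 * Single-host data record stored in NTLM_CONTEXT.SingleHostData: four 32-bit
 * fields followed by a 32-byte machine id (48 bytes of field data).
 * NOTE(review): presumably this is the value of the MsvAvSingleHost AV_PAIR
 * and Z4 is its all-zero field (MS-NLMP Single_Host_Data) - confirm against
 * the code that builds the AV_PAIR list.
 */
typedef struct
{
    UINT32 Size;
    UINT32 Z4;
    UINT32 DataPresent;
    UINT32 CustomData;
    BYTE MachineID[32];
} NTLM_SINGLE_HOST_DATA;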
146 
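/*
 * Fixed 24-byte response value.
 * NOTE(review): 24 bytes is the size of an LM / NTLMv1 challenge response in
 * MS-NLMP; where this type is used is not visible in this header.
 */
typedef struct
{
    BYTE Response[24];
} NTLM_RESPONSE;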
151 
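/*
 * Parsed form of the NTLMv2 client challenge. AvPairs is a pointer, so this
 * struct is not a byte image of the wire format and must not be filled by
 * copying message bytes over it.
 * NOTE(review): cbAvPairs is presumably the byte length of the list AvPairs
 * points at, and ownership of that memory is not visible here - confirm both.
 * When the list originates from a received message, cbAvPairs bounds every
 * walk over it.
 */
typedef struct
{
    UINT8 RespType;
    UINT8 HiRespType;
    UINT16 Reserved1;
    UINT32 Reserved2;
    BYTE Timestamp[8];
    BYTE ClientChallenge[8];
    UINT32 Reserved3;
    NTLM_AV_PAIR* AvPairs;
    UINT32 cbAvPairs;
} NTLMv2_CLIENT_CHALLENGE;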
164 
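/*
 * NTLMv2 response: a 16-byte Response value followed by the client challenge
 * structure it was computed over.
 * NOTE(review): Response is presumably the NTProofStr that NTLM_CONTEXT also
 * keeps in NtProofString[16] - confirm. Comparing a received value against a
 * computed one should not stop at the first differing byte.
 */
typedef struct
{
    BYTE Response[16];
    NTLMv2_CLIENT_CHALLENGE Challenge;
} NTLMv2_RESPONSE;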
170 
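/*
 * Descriptor of one variable-length payload field of an NTLM message: length,
 * maximum length, offset of the data, plus a Buffer pointer for the data
 * itself.
 * NOTE(review): ownership of Buffer is not visible in this header.
 * Len, MaxLen and BufferOffset are read from the peer's message. Before the
 * payload is copied or Buffer is dereferenced, BufferOffset + Len has to be
 * checked against the received message length with arithmetic that cannot
 * wrap (Len is 16-bit, BufferOffset 32-bit).
 */
typedef struct
{
    UINT16 Len;
    UINT16 MaxLen;
    PBYTE Buffer;
    UINT32 BufferOffset;
} NTLM_MESSAGE_FIELDS;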
178 
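/*
 * Header common to the three NTLM message structs: an 8-byte signature and the
 * message type (MESSAGE_TYPE_NEGOTIATE / _CHALLENGE / _AUTHENTICATE).
 * MS-NLMP defines the signature as the 8 bytes "NTLMSSP\0". A reader should
 * verify both the signature and the expected type before parsing any further
 * field of a received message.
 */
typedef struct
{
    BYTE Signature[8];
    UINT32 MessageType;
} NTLM_MESSAGE_HEADER;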
184 
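/*
 * Parsed NEGOTIATE message (MESSAGE_TYPE_NEGOTIATE): header, the
 * NTLMSSP_* NegotiateFlags, version block, and descriptors for the domain and
 * workstation name payloads.
 * On the receiving side every member is peer-controlled; see
 * NTLM_MESSAGE_FIELDS for the bounds checks the two descriptors need.
 */
typedef struct
{
    NTLM_MESSAGE_HEADER header;
    UINT32 NegotiateFlags;
    NTLM_VERSION_INFO Version;
    NTLM_MESSAGE_FIELDS DomainName;
    NTLM_MESSAGE_FIELDS Workstation;
} NTLM_NEGOTIATE_MESSAGE;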
193 
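/*
 * Parsed CHALLENGE message (MESSAGE_TYPE_CHALLENGE): header, NegotiateFlags,
 * the 8-byte server challenge, 8 reserved bytes, version block, and
 * descriptors for the TargetName and TargetInfo payloads.
 * NOTE(review): TargetInfo presumably holds the NTLM_AV_PAIR list - confirm in
 * the parser. A client receives all of this from the server, so the flags and
 * both payload descriptors need validation before use.
 */
typedef struct
{
    NTLM_MESSAGE_HEADER header;
    UINT32 NegotiateFlags;
    BYTE ServerChallenge[8];
    BYTE Reserved[8];
    NTLM_VERSION_INFO Version;
    NTLM_MESSAGE_FIELDS TargetName;
    NTLM_MESSAGE_FIELDS TargetInfo;
} NTLM_CHALLENGE_MESSAGE;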
204 
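/*
 * Parsed AUTHENTICATE message (MESSAGE_TYPE_AUTHENTICATE): header,
 * NegotiateFlags, version block, six payload descriptors and the 16-byte
 * message integrity check (MIC).
 * A server receives all of this from the client. Each descriptor needs the
 * bounds checks described on NTLM_MESSAGE_FIELDS, and when a MIC is expected
 * (NTLM_CONTEXT.UseMIC, MSV_AV_FLAGS_MESSAGE_INTEGRITY_CHECK) it has to be
 * verified before the authentication is treated as complete.
 */
typedef struct
{
    NTLM_MESSAGE_HEADER header;
    UINT32 NegotiateFlags;
    NTLM_VERSION_INFO Version;
    NTLM_MESSAGE_FIELDS DomainName;
    NTLM_MESSAGE_FIELDS UserName;
    NTLM_MESSAGE_FIELDS Workstation;
    NTLM_MESSAGE_FIELDS LmChallengeResponse;
    NTLM_MESSAGE_FIELDS NtChallengeResponse;
    NTLM_MESSAGE_FIELDS EncryptedRandomSessionKey;
    BYTE MessageIntegrityCheck[16];
} NTLM_AUTHENTICATE_MESSAGE;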
218 
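/*
 * State of one NTLM security context: role and configuration, the three parsed
 * handshake messages with their raw buffers, and all key material.
 *
 * Security note: NtlmHash and NtlmV2Hash are password-equivalent, and the
 * session, signing and sealing keys protect the traffic of the session. They
 * sit here as plain byte arrays, so code that resets or frees a context should
 * wipe them with a clear the compiler cannot remove, and diagnostic output
 * must not dump this struct.
 */
typedef struct
{
    /* Role and handshake progress. */
    BOOL server;
    BOOL NTLMv2;
    BOOL UseMIC;
    NTLM_STATE state;
    /* NOTE(review): declared int; check the increment sites for signed overflow on long sessions. */
    int SendSeqNum;
    int RecvSeqNum;
    char* SamFile;
    /* Password-derived hashes: long-term secrets. */
    BYTE NtlmHash[16];
    BYTE NtlmV2Hash[16];
    BYTE MachineID[32];
    BOOL SendVersionInfo;
    BOOL confidentiality;
    /* RC4 contexts used for sealing, one per direction. */
    WINPR_RC4_CTX* SendRc4Seal;
    WINPR_RC4_CTX* RecvRc4Seal;
    /*
     * NOTE(review): presumably these point at the Client/Server key arrays
     * further down, chosen by `server` - confirm; if so they are not owned
     * allocations.
     */
    BYTE* SendSigningKey;
    BYTE* RecvSigningKey;
    BYTE* SendSealingKey;
    BYTE* RecvSealingKey;
    UINT32 NegotiateFlags; /* NTLMSSP_* bits */
    BOOL UseSamFileDatabase;
    int LmCompatibilityLevel;
    int SuppressExtendedProtection;
    BOOL SendWorkstationName;
    UNICODE_STRING Workstation;
    UNICODE_STRING ServicePrincipalName;
    SSPI_CREDENTIALS* credentials;
    /* Channel binding data. */
    BYTE* ChannelBindingToken;
    BYTE ChannelBindingsHash[16];
    SecPkgContext_Bindings Bindings;
    BOOL SendSingleHostData;
    BOOL NegotiateKeyExchange;
    NTLM_SINGLE_HOST_DATA SingleHostData;
    /* Parsed handshake messages. */
    NTLM_NEGOTIATE_MESSAGE NEGOTIATE_MESSAGE;
    NTLM_CHALLENGE_MESSAGE CHALLENGE_MESSAGE;
    NTLM_AUTHENTICATE_MESSAGE AUTHENTICATE_MESSAGE;
    /* NOTE(review): presumably the MIC's offset inside AuthenticateMessage; bound-check before use. */
    size_t MessageIntegrityCheckOffset;
    /* Message and payload buffers. */
    SecBuffer NegotiateMessage;
    SecBuffer ChallengeMessage;
    SecBuffer AuthenticateMessage;
    SecBuffer ChallengeTargetInfo;
    SecBuffer AuthenticateTargetInfo;
    SecBuffer TargetName;
    SecBuffer NtChallengeResponse;
    SecBuffer LmChallengeResponse;
    NTLMv2_RESPONSE NTLMv2Response;
    BYTE NtProofString[16];
    /* Timestamps and challenges. */
    BYTE Timestamp[8];
    BYTE ChallengeTimestamp[8];
    BYTE ServerChallenge[8];
    BYTE ClientChallenge[8];
    /* Session key material: secret, wipe on teardown. */
    BYTE SessionBaseKey[16];
    BYTE KeyExchangeKey[16];
    BYTE RandomSessionKey[16];
    BYTE ExportedSessionKey[16];
    BYTE EncryptedRandomSessionKey[16];
    BYTE ClientSigningKey[16];
    BYTE ClientSealingKey[16];
    BYTE ServerSigningKey[16];
    BYTE ServerSealingKey[16];
    /* Caller-supplied hash callback and its opaque argument. */
    psSspiNtlmHashCallback HashCallback;
    void* HashCallbackArg;
} NTLM_CONTEXT;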
283 
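/*
 * Takes a caller-supplied buffer, its size in bytes and a NegotiateFlags
 * value.
 * NOTE(review): presumably writes the names of the set NTLMSSP_* flags into
 * buffer and returns it - confirm in the implementation, including that the
 * output never exceeds `size` and is always terminated.
 */
char* ntlm_negotiate_flags_string(char* buffer, size_t size, UINT32 flags);
/*
 * Returns a string for a MESSAGE_TYPE_* value.
 * NOTE(review): the result for an unknown value is not visible in this header.
 */
const char* ntlm_message_type_string(UINT32 messageType);

/* Returns a string for an NTLM_STATE value. */
const char* ntlm_state_string(NTLM_STATE state);
/* Setter and getter for the handshake state of a context. */
void ntlm_change_state(NTLM_CONTEXT* ntlm, NTLM_STATE state);
NTLM_STATE ntlm_get_state(NTLM_CONTEXT* ntlm);
/*
 * Takes the SSPI context handle rather than an NTLM_CONTEXT pointer.
 * NOTE(review): presumably re-initialises the RC4 sealing state of that
 * context - confirm. The BOOL result has to be checked by the caller.
 */
BOOL ntlm_reset_cipher_state(PSecHandle phContext);

/*
 * Compute the NT proof value and the MIC of the handshake in `ntlm` and hand
 * the result back through the SecBuffer argument.
 * NOTE(review): who allocates the SecBuffer memory is not visible here.
 * Callers must check the SECURITY_STATUS before using the output, and a
 * comparison of the output with a peer-supplied value should not exit on the
 * first differing byte.
 */
SECURITY_STATUS ntlm_computeProofValue(NTLM_CONTEXT* ntlm, SecBuffer* ntproof);
SECURITY_STATUS ntlm_computeMicValue(NTLM_CONTEXT* ntlm, SecBuffer* micvalue);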
294 
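/*
 * A build with WITH_DEBUG_NLA defined also gets WITH_DEBUG_NTLM.
 * NOTE(review): what WITH_DEBUG_NTLM enables is not visible in this header.
 * If it traces handshake messages, hashes or session keys, such a build must
 * stay out of production and away from real credentials - verify.
 */
#ifdef WITH_DEBUG_NLA
#define WITH_DEBUG_NTLM
#endif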
298 
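/*
 * Initialisation entry point of the NTLM package; reports success as BOOL.
 * NOTE(review): what it sets up, and whether it may be called more than once
 * or from several threads, is not visible in this header.
 */
BOOL NTLM_init(void);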
300 
301 #endif /* WINPR_SSPI_NTLM_PRIVATE_H */