authorSimo Sorce <simo@redhat.com>2014-03-26 23:19:52 -0400
committerSimo Sorce <simo@redhat.com>2014-05-04 17:21:06 -0400
commitffc782afefb404e323ac30cc64e1852a3bcf83d5 (patch)
tree1e32c0475161baaf4b10a632bc48a04056ec7701
parent2c216f464c7ec57995d03091e2748333ef6c4a02 (diff)
Add function to calculate channel bindings hash
-rw-r--r--src/ntlm.h12
-rw-r--r--src/ntlm_crypto.c27
2 files changed, 39 insertions, 0 deletions
diff --git a/src/ntlm.h b/src/ntlm.h
index 648e811..da734c8 100644
--- a/src/ntlm.h
+++ b/src/ntlm.h
@@ -450,6 +450,18 @@ int ntlm_verify_mic(struct ntlm_key *key,
struct ntlm_buffer *authenticate_message,
struct ntlm_buffer *mic);
+/**
+ * @brief NTLM hash client channel binding unhashed data
+ *
+ * @param unhashed The unhashed channel bindings data
+ * @param signature The MD5 signature
+ *
+ * @return 0 on success, or an error
+ */
+int ntlm_hash_channel_bindings(struct ntlm_buffer *unhashed,
+ struct ntlm_buffer *signature);
+
+
/* ############## ENCODING / DECODING ############## */
/**
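Review bot: The doc comment on `ntlm_hash_channel_bindings` does not say who owns the `signature` buffer or how large it must be, and the definition in src/ntlm_crypto.c hands it straight to `MD5_HASH` without allocating anything. If the caller is expected to supply a 16-byte buffer (not confirmable from this hunk), the comment should state it, e.g. `@param signature  Caller-provided buffer that receives the 16-byte MD5 digest`. Since `unhashed` is only read in the implementation, declaring it `const struct ntlm_buffer *unhashed` would document that contract as well.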
diff --git a/src/ntlm_crypto.c b/src/ntlm_crypto.c
index f3701db..a0b7f24 100644
--- a/src/ntlm_crypto.c
+++ b/src/ntlm_crypto.c
@@ -839,3 +839,30 @@ int ntlm_verify_mic(struct ntlm_key *key,
return 0;
}
+
+int ntlm_hash_channel_bindings(struct ntlm_buffer *unhashed,
+ struct ntlm_buffer *signature)
+{
+ struct ntlm_buffer input;
+ uint32_t ulen;
+ int ret;
+
+ /* The channel bindings are calculated according to RFC4121, 4.1.1.2,
+ * with a all initiator and acceptor fields zeroed, so we need 4 zeroed
+ * 32bit fields, and one little endian length field to include in the
+ * MD5 calculation */
+ input.length = sizeof(uint32_t) * 5 + unhashed->length;
+ input.data = malloc(input.length);
+ if (!input.data) return EINVAL;
+
+ memset(input.data, 0, sizeof(uint32_t) * 4);
+ ulen = unhashed->length;
+ ulen = htole32(ulen);
+ memcpy(&input.data[sizeof(uint32_t) * 4], &ulen, sizeof(uint32_t));
+ memcpy(&input.data[sizeof(uint32_t) * 5], unhashed->data, unhashed->length);
+
+ ret = MD5_HASH(&input, signature);
+
+ safefree(input.data);
+ return ret;
+}
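Review bot: `input.length = sizeof(uint32_t) * 5 + unhashed->length;` is computed with no upper bound on `unhashed->length`, so a very large length can wrap the sum and leave `malloc` with a buffer smaller than what the second `memcpy` writes. Independently, `ulen = unhashed->length` silently truncates anything above 32 bits, so the hashed length field would no longer match the hashed data (this assumes `length` is a `size_t`; the struct is not visible in this hunk). Rejecting oversized input before the allocation covers both cases: `if (unhashed->length > UINT32_MAX - sizeof(uint32_t) * 5) return EINVAL;`. The allocation-failure path should also report `ENOMEM` rather than `EINVAL`, i.e. `if (!input.data) return ENOMEM;`, so callers can tell resource exhaustion from bad input. Minor: "with a all" in the comment should read "with all".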