author | Simo Sorce <simo@redhat.com> | 2014-03-26 23:19:52 -0400 |
---|---|---|
committer | Simo Sorce <simo@redhat.com> | 2014-05-04 17:21:06 -0400 |
commit | ffc782afefb404e323ac30cc64e1852a3bcf83d5 (patch) | |
tree | 1e32c0475161baaf4b10a632bc48a04056ec7701 /src | |
parent | 2c216f464c7ec57995d03091e2748333ef6c4a02 (diff) | |
Add function to calculate channel bindings hash
Diffstat (limited to 'src')
-rw-r--r-- | src/ntlm.h | 12 | ||||
-rw-r--r-- | src/ntlm_crypto.c | 27 |
2 files changed, 39 insertions, 0 deletions
@@ -450,6 +450,18 @@ int ntlm_verify_mic(struct ntlm_key *key,
 struct ntlm_buffer *authenticate_message,
 struct ntlm_buffer *mic);
+/**
+ * @brief NTLM hash client channel binding unhashed data
+ *
+ * @param unhashed The unhashed channel bindings data
+ * @param signature The MD5 signature
+ *
+ * @return 0 on success, or an error
+ */
+int ntlm_hash_channel_bindings(struct ntlm_buffer *unhashed,
+ struct ntlm_buffer *signature);
+
+
 /* ############## ENCODING / DECODING ############## */
 /**
diff --git a/src/ntlm_crypto.c b/src/ntlm_crypto.c
index f3701db..a0b7f24 100644
--- a/src/ntlm_crypto.c
+++ b/src/ntlm_crypto.c
@@ -839,3 +839,30 @@ int ntlm_verify_mic(struct ntlm_key *key,
 return 0;
 }
+
+int ntlm_hash_channel_bindings(struct ntlm_buffer *unhashed,
+ struct ntlm_buffer *signature)
+{
+ struct ntlm_buffer input;
+ uint32_t ulen;
+ int ret;
+
+ /* The channel bindings are calculated according to RFC4121, 4.1.1.2,
+ * with a all initiator and acceptor fields zeroed, so we need 4 zeroed
+ * 32bit fields, and one little endian length field to include in the
+ * MD5 calculation */
+ input.length = sizeof(uint32_t) * 5 + unhashed->length;
+ input.data = malloc(input.length);
+ if (!input.data) return EINVAL;
+
+ memset(input.data, 0, sizeof(uint32_t) * 4);
+ ulen = unhashed->length;
+ ulen = htole32(ulen);
+ memcpy(&input.data[sizeof(uint32_t) * 4], &ulen, sizeof(uint32_t));
+ memcpy(&input.data[sizeof(uint32_t) * 5], unhashed->data, unhashed->length);
+
+ ret = MD5_HASH(&input, signature);
+
+ safefree(input.data);
+ return ret;
+} |
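Review bot: The doc comment added to src/ntlm.h for ntlm_hash_channel_bindings does not say who allocates `signature` or how large its buffer must be. MD5_HASH is not visible in this diff, but if it writes the digest into caller-supplied storage, a short buffer becomes an out-of-bounds write that the header gives no way to anticipate. I would spell the contract out, for example `@param signature Caller-allocated buffer that receives the 16-byte MD5 digest` (confirm against MD5_HASH), and note that `unhashed` is only read.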
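Review bot: The size arithmetic in ntlm_hash_channel_bindings (src/ntlm_crypto.c) is unchecked. The type of `length` is not shown here, but `input.length = sizeof(uint32_t) * 5 + unhashed->length` can wrap when `unhashed->length` is near the top of its range, and the second memcpy would then copy `unhashed->length` bytes into a too-small allocation. The assignment `ulen = unhashed->length` also silently truncates any length above 32 bits, so the hashed length field would no longer describe the data. One guard before the malloc covers both cases: `if (unhashed->length > UINT32_MAX - sizeof(uint32_t) * 5) return EINVAL;`. Separately, the allocation-failure path returns EINVAL, which hides out-of-memory from callers; `if (!input.data) return ENOMEM;` reports it accurately.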