From ffc782afefb404e323ac30cc64e1852a3bcf83d5 Mon Sep 17 00:00:00 2001
From: Simo Sorce
Date: Wed, 26 Mar 2014 23:19:52 -0400
Subject: Add function to calculate channel bindings hash
---
 src/ntlm.h | 12 ++++++++++++
 src/ntlm_crypto.c | 27 +++++++++++++++++++++++++++
 2 files changed, 39 insertions(+)
(limited to 'src')
diff --git a/src/ntlm.h b/src/ntlm.h
index 648e811..da734c8 100644
--- a/src/ntlm.h
+++ b/src/ntlm.h
@@ -450,6 +450,18 @@ int ntlm_verify_mic(struct ntlm_key *key,
 struct ntlm_buffer *authenticate_message,
 struct ntlm_buffer *mic);
+/**
+ * @brief NTLM hash client channel binding unhashed data
+ *
+ * @param unhashed The unhashed channel bindings data
+ * @param signature The MD5 signature
+ *
+ * @return 0 on success, or an error
+ */
+int ntlm_hash_channel_bindings(struct ntlm_buffer *unhashed,
+ struct ntlm_buffer *signature);
+
+
 /* ############## ENCODING / DECODING ############## */
 /**
diff --git a/src/ntlm_crypto.c b/src/ntlm_crypto.c
index f3701db..a0b7f24 100644
--- a/src/ntlm_crypto.c
+++ b/src/ntlm_crypto.c
@@ -839,3 +839,30 @@ int ntlm_verify_mic(struct ntlm_key *key,
 return 0;
 }
+
+int ntlm_hash_channel_bindings(struct ntlm_buffer *unhashed,
+ struct ntlm_buffer *signature)
+{
+ struct ntlm_buffer input;
+ uint32_t ulen;
+ int ret;
+
+ /* The channel bindings are calculated according to RFC4121, 4.1.1.2,
+ * with a all initiator and acceptor fields zeroed, so we need 4 zeroed
+ * 32bit fields, and one little endian length field to include in the
+ * MD5 calculation */
+ input.length = sizeof(uint32_t) * 5 + unhashed->length;
+ input.data = malloc(input.length);
+ if (!input.data) return EINVAL;
+
+ memset(input.data, 0, sizeof(uint32_t) * 4);
+ ulen = unhashed->length;
+ ulen = htole32(ulen);
+ memcpy(&input.data[sizeof(uint32_t) * 4], &ulen, sizeof(uint32_t));
+ memcpy(&input.data[sizeof(uint32_t) * 5], unhashed->data, unhashed->length);
+
+ ret = MD5_HASH(&input, signature);
+
+ safefree(input.data);
+ return ret;
+}
-- cgit
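Review bot: The doc comment added for ntlm_hash_channel_bindings in src/ntlm.h does not say who provides the `signature` buffer or how large it must be, which is the detail a caller needs to avoid passing an undersized buffer for the digest. If MD5_HASH writes into caller-owned storage (its contract is not visible in this patch), the line could read `@param signature  Caller-allocated buffer that receives the 16-byte MD5 digest`. The brief would also read more clearly as `@brief Compute the MD5 hash of the client channel bindings data`. Since the implementation in src/ntlm_crypto.c only reads `unhashed`, it is worth stating that the input is not modified.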
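Review bot: In ntlm_hash_channel_bindings (src/ntlm_crypto.c), `input.length = sizeof(uint32_t) * 5 + unhashed->length;` is computed with no upper bound on the caller-supplied length, so a value near the type's maximum would wrap the sum and malloc() would return a short buffer that the second memcpy() then writes past. Separately, `ulen = unhashed->length;` silently truncates anything above 32 bits, so the hashed length field would no longer match the data that follows it. One guard before the allocation covers both, assuming the length field is a size_t (its declaration is not in this hunk): `if (unhashed->length > UINT32_MAX - sizeof(uint32_t) * 5) return EINVAL;`. The allocation-failure path also reports EINVAL, which a caller cannot tell apart from bad input; `if (!input.data) return ENOMEM;` would be more accurate.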