2008-03-05 09:52:00 -05:00
|
|
|
////////////////////////////////////////////////////////////////////////////////
|
|
|
|
|
//
|
|
|
|
|
// Microsoft Research Singularity
|
|
|
|
|
//
|
|
|
|
|
// Copyright (c) Microsoft Corporation. All rights reserved.
|
|
|
|
|
//
|
|
|
|
|
// File: NtlmMessages.cs
|
|
|
|
|
//
|
|
|
|
|
// Note:
|
|
|
|
|
//
|
2008-11-17 18:29:00 -05:00
|
|
|
// This file contains structures and enumerated types of the NTLM
|
|
|
|
|
// authentication protocol.
|
2008-03-05 09:52:00 -05:00
|
|
|
//
|
|
|
|
|
///////////////////////////////////////////////////////////////////////////////
|
|
|
|
|
|
|
|
|
|
using System;
|
|
|
|
|
using System.Runtime.InteropServices;
|
|
|
|
|
|
|
|
|
|
namespace System.Security.Protocols.Ntlm
|
|
|
|
|
{
|
|
|
|
|
class NtlmConstants
|
|
|
|
|
{
|
|
|
|
|
#if false
|
|
|
|
|
public static readonly byte[]! MessageSignature = {
|
|
|
|
|
(byte)'N',
|
|
|
|
|
(byte)'T',
|
|
|
|
|
(byte)'L',
|
|
|
|
|
(byte)'M',
|
|
|
|
|
(byte)'S',
|
|
|
|
|
(byte)'S',
|
|
|
|
|
(byte)'P',
|
|
|
|
|
0
|
|
|
|
|
};
|
|
|
|
|
#endif
|
2008-11-17 18:29:00 -05:00
|
|
|
|
2008-03-05 09:52:00 -05:00
|
|
|
// This is the NTLM message signature, encoded as a little-endian ulong.
|
2008-11-17 18:29:00 -05:00
|
|
|
public const ulong MessageSignature64Le =
|
|
|
|
|
((ulong)'N')
|
|
|
|
|
| (((ulong)'T') << 8)
|
|
|
|
|
| (((ulong)'L') << 0x10)
|
|
|
|
|
| (((ulong)'M') << 0x18)
|
|
|
|
|
| (((ulong)'S') << 0x20)
|
|
|
|
|
| (((ulong)'S') << 0x28)
|
|
|
|
|
| (((ulong)'P') << 0x30)
|
|
|
|
|
/* 0x38 position is zero */;
|
2008-03-05 09:52:00 -05:00
|
|
|
|
|
|
|
|
public const int HeaderLength = 0x10;
|
|
|
|
|
|
|
|
|
|
public const int ChallengeLength = 8;
|
|
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
public enum NtlmMessageType
|
|
|
|
|
{
|
|
|
|
|
Negotiate = 1,
|
|
|
|
|
Challenge = 2,
|
|
|
|
|
Response = 3,
|
|
|
|
|
}
|
|
|
|
|
|
2008-11-17 18:29:00 -05:00
|
|
|
///
|
|
|
|
|
// <summary>
|
|
|
|
|
// All NTLMSSP messages begin with this header.
|
|
|
|
|
// </summary>
|
|
|
|
|
//
|
|
|
|
|
[StructLayout(LayoutKind.Sequential, Pack=1)]
|
|
|
|
|
pointerfree struct NtlmMessageHeader
|
|
|
|
|
{
|
|
|
|
|
/// <summary>
|
|
|
|
|
/// This value should always be "NTLMSSP\0", encoded as a little-endian 64-bit ulong.
|
|
|
|
|
/// NtlmConstants.MessageSignature64Le encodes this value.
|
|
|
|
|
/// </summary>
|
|
|
|
|
//
|
|
|
|
|
public ulong Signature;
|
|
|
|
|
|
|
|
|
|
/// <summary>A value from NtlmMessageType.</summary>
|
|
|
|
|
public uint MessageType;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
///
|
|
|
|
|
//<summary>
|
|
|
|
|
//The Negotiate message is the first message in an NTLM exchange.
|
|
|
|
|
//The client (supplicant) sends this message to the server, requesting a session
|
|
|
|
|
//and indicating what kind of options this client supports. The OemDomainName
|
|
|
|
|
//and OemWorkstationName values can be provided for diagnostics and logging,
|
|
|
|
|
//but the server is under no obligation to trust them.
|
|
|
|
|
//</summary>
|
|
|
|
|
//
|
|
|
|
|
[StructLayout(LayoutKind.Sequential, Pack=1)]
|
|
|
|
|
pointerfree struct NtlmNegotiateMessage
|
|
|
|
|
{
|
|
|
|
|
public NtlmMessageHeader Header;
|
|
|
|
|
public uint NegotiateFlags;
|
|
|
|
|
public BufferRegion OemDomainName;
|
|
|
|
|
public BufferRegion OemWorkstationName;
|
|
|
|
|
public ulong Version;
|
|
|
|
|
}
|
2008-03-05 09:52:00 -05:00
|
|
|
|
|
|
|
|
[Flags]
|
|
|
|
|
public enum NtlmNegotiateFlags
|
|
|
|
|
{
|
|
|
|
|
None = 0,
|
|
|
|
|
|
2008-11-17 18:29:00 -05:00
|
|
|
/// <summary>Text strings are in unicode</summary>
|
2008-03-05 09:52:00 -05:00
|
|
|
NegotiateUnicode = 0x00000001,
|
2008-11-17 18:29:00 -05:00
|
|
|
|
|
|
|
|
/// <summary>Text strings are in OEM</summary>
|
2008-03-05 09:52:00 -05:00
|
|
|
NegotiateOem = 0x00000002,
|
2008-11-17 18:29:00 -05:00
|
|
|
|
|
|
|
|
/// <summary>Server should return its authentication realm</summary>
|
2008-03-05 09:52:00 -05:00
|
|
|
RequestTarget = 0x00000004,
|
|
|
|
|
|
2008-11-17 18:29:00 -05:00
|
|
|
/// <summary>Request signature capability</summary>
|
2008-03-05 09:52:00 -05:00
|
|
|
NegotiateSign = 0x00000010,
|
2008-11-17 18:29:00 -05:00
|
|
|
|
|
|
|
|
/// <summary>Request confidentiality</summary>
|
2008-03-05 09:52:00 -05:00
|
|
|
NegotiateSeal = 0x00000020,
|
2008-11-17 18:29:00 -05:00
|
|
|
|
|
|
|
|
/// <summary>Use datagram style authentication</summary>
|
2008-03-05 09:52:00 -05:00
|
|
|
NegotiateDatagram = 0x00000040,
|
2008-11-17 18:29:00 -05:00
|
|
|
|
|
|
|
|
/// <summary>Use LM session key for sign/seal</summary>
|
2008-03-05 09:52:00 -05:00
|
|
|
NegotiateLmKey = 0x00000080,
|
|
|
|
|
|
2008-11-17 18:29:00 -05:00
|
|
|
/// <summary>NetWare authentication</summary>
|
2008-03-05 09:52:00 -05:00
|
|
|
NegotiateNetware = 0x00000100,
|
2008-11-17 18:29:00 -05:00
|
|
|
|
|
|
|
|
/// <summary>NTLM authentication</summary>
|
2008-03-05 09:52:00 -05:00
|
|
|
NegotiateNtlm = 0x00000200,
|
2008-11-17 18:29:00 -05:00
|
|
|
|
|
|
|
|
/// <summary>NT authentication only (no LM)</summary>
|
2008-03-05 09:52:00 -05:00
|
|
|
NegotiateNtOnly = 0x00000400,
|
2008-11-17 18:29:00 -05:00
|
|
|
|
|
|
|
|
/// <summary>NULL Sessions on NT 5.0 and beyond</summary>
|
2008-03-05 09:52:00 -05:00
|
|
|
NegotiateNullSession = 0x00000800,
|
|
|
|
|
|
2008-11-17 18:29:00 -05:00
|
|
|
/// <summary>Domain Name supplied on negotiate</summary>
|
2008-03-05 09:52:00 -05:00
|
|
|
NegotiateOemDomainSupplied = 0x1000,
|
2008-11-17 18:29:00 -05:00
|
|
|
|
|
|
|
|
/// <summary>Workstation Name supplied on negotiate</summary>
|
2008-03-05 09:52:00 -05:00
|
|
|
NegotiateOemWorkstationSupplied = 0x2000,
|
2008-11-17 18:29:00 -05:00
|
|
|
|
|
|
|
|
/// <summary>Indicates client/server are same machine</summary>
|
2008-03-05 09:52:00 -05:00
|
|
|
NegotiateLocalCall = 0x00004000,
|
2008-11-17 18:29:00 -05:00
|
|
|
|
|
|
|
|
/// <summary>Sign for all security levels</summary>
|
2008-03-05 09:52:00 -05:00
|
|
|
NegotiateAlwaysSign = 0x00008000,
|
|
|
|
|
}
|
|
|
|
|
|
2008-11-17 18:29:00 -05:00
|
|
|
///
|
|
|
|
|
//<summary>
|
|
|
|
|
// <para>
|
|
|
|
|
// Describes the header for the NTLM "Challenge" message. This message is also known as an
|
|
|
|
|
// NTLM "Type 3" message. This message is sent from a server (authenticator) to a client
|
|
|
|
|
// (supplicant). The server generates a random 8-byte challenge (nonce).
|
|
|
|
|
// </para>
|
|
|
|
|
//</summary>
|
|
|
|
|
//
|
|
|
|
|
[StructLayout(LayoutKind.Sequential, Pack=1)]
|
|
|
|
|
pointerfree struct NtlmChallengeMessage
|
|
|
|
|
{
|
|
|
|
|
public NtlmMessageHeader Header;
|
|
|
|
|
|
|
|
|
|
///
|
|
|
|
|
//<summary>
|
|
|
|
|
// The domain name (realm name) of the server. This value may or may not be present.
|
|
|
|
|
// If the NtlmNegotiateFlag.RequestTarget flag is set in the Negotiate message, then
|
|
|
|
|
// the client requests this field, but the server is not obligated to send this value.
|
|
|
|
|
//</summary>
|
|
|
|
|
//
|
|
|
|
|
public BufferRegion TargetName;
|
|
|
|
|
|
|
|
|
|
/// <summary>The set of negotiation flags that the server has agreed to.</summary>
|
|
|
|
|
public uint NegotiateFlags;
|
|
|
|
|
|
|
|
|
|
/// <summary>The 8-byte challenge, encoded as a 64-bit integer.</summary>
|
|
|
|
|
public ulong PackedChallenge;
|
|
|
|
|
|
|
|
|
|
// The contents of the TargetName follow.
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
///
|
|
|
|
|
//<summary>
|
|
|
|
|
// <para>
|
|
|
|
|
// This structure describes the header for the NTLM "Response" message, also known as the NTLM
|
|
|
|
|
// "Type 3" message. This message is sent from the client (supplicant) to the server (authenticator),
|
|
|
|
|
// and is the last message in the exchange. This message proves that the client has valid credentials.
|
|
|
|
|
// </para>
|
|
|
|
|
//</summary>
|
|
|
|
|
//
|
|
|
|
|
[StructLayout(LayoutKind.Sequential, Pack=1)]
|
|
|
|
|
pointerfree struct NtlmResponseMessage
|
|
|
|
|
{
|
|
|
|
|
public NtlmMessageHeader Header;
|
|
|
|
|
|
|
|
|
|
/// <summary>Describes the size and location of the LAN Manager response.</summary>
|
|
|
|
|
public BufferRegion LmChallengeResponse;
|
|
|
|
|
|
|
|
|
|
/// <summary>Describes the size and location of the NT response.</summary>
|
|
|
|
|
public BufferRegion NtChallengeResponse;
|
|
|
|
|
|
|
|
|
|
/// <summary>Describes the size and location of the domain name of the authenticating user.</summary>
|
|
|
|
|
public BufferRegion DomainName;
|
|
|
|
|
|
|
|
|
|
/// <summary>Describes the size and location of the username of the authenticating user.</summary>
|
|
|
|
|
public BufferRegion UserName;
|
|
|
|
|
|
|
|
|
|
/// <summary>Describes the size and location of the workstation name (computer name) of the client's computer.</summary>
|
|
|
|
|
public BufferRegion Workstation;
|
|
|
|
|
|
|
|
|
|
// The contents of the many BufferRegion fields follow.
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
///
|
|
|
|
|
//<summary>
|
|
|
|
|
// <para>
|
|
|
|
|
// Identifies a region within a buffer. This structure is compatible with the STRING32 structure
|
|
|
|
|
// used by NT, which is used to describe the offset and length of variable-length strings that are
|
|
|
|
|
// stored after a fixed-length message header.
|
|
|
|
|
// </para>
|
|
|
|
|
//
|
|
|
|
|
// <para>
|
|
|
|
|
// NTLM uses this structure to describe the size and location variable-length strings in NTLMSSP messages.
|
|
|
|
|
// </para>
|
|
|
|
|
//</summary>
|
|
|
|
|
//
|
|
|
|
|
[StructLayout(LayoutKind.Sequential, Pack=1)]
|
|
|
|
|
pointerfree struct BufferRegion
|
|
|
|
|
{
|
|
|
|
|
public ushort Length; // the length in bytes of the string
|
|
|
|
|
public ushort MaximumLength; // the maximum number of bytes to write to the buffer (n/a in networking!)
|
|
|
|
|
public ushort Offset; // offset within the message of this string
|
|
|
|
|
public ushort Reserved; // always zero
|
|
|
|
|
|
|
|
|
|
public BufferRegion(ushort length, ushort maximumLength, ushort offset)
|
|
|
|
|
{
|
|
|
|
|
this.Length = length;
|
|
|
|
|
this.MaximumLength = maximumLength;
|
|
|
|
|
this.Offset = offset;
|
|
|
|
|
this.Reserved = 0;
|
|
|
|
|
}
|
|
|
|
|
}
|
2008-03-05 09:52:00 -05:00
|
|
|
}
|
