1#ifndef HEADER_CURL_NTLM_CORE_H
2#define HEADER_CURL_NTLM_CORE_H
3/***************************************************************************
4 * _ _ ____ _
5 * Project ___| | | | _ \| |
6 * / __| | | | |_) | |
7 * | (__| |_| | _ <| |___
8 * \___|\___/|_| \_\_____|
9 *
10 * Copyright (C) 1998 - 2019, Daniel Stenberg, <daniel@haxx.se>, et al.
11 *
12 * This software is licensed as described in the file COPYING, which
13 * you should have received as part of this distribution. The terms
14 * are also available at https://curl.haxx.se/docs/copyright.html.
15 *
16 * You may opt to use, copy, modify, merge, publish, distribute and/or sell
17 * copies of the Software, and permit persons to whom the Software is
18 * furnished to do so, under the terms of the COPYING file.
19 *
20 * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
21 * KIND, either express or implied.
22 *
23 ***************************************************************************/
24
25#include "curl_setup.h"
26
27#if defined(USE_NTLM)
28
29/* If NSS is the first available SSL backend (see order in curl_ntlm_core.c)
30 then it must be initialized to be used by NTLM. */
31#if !defined(USE_OPENSSL) && \
32 !defined(USE_GNUTLS_NETTLE) && \
33 !defined(USE_GNUTLS) && \
34 defined(USE_NSS)
35#define NTLM_NEEDS_NSS_INIT
36#endif
37
38#if !defined(USE_WINDOWS_SSPI) || defined(USE_WIN32_CRYPTO)
39
40#ifdef USE_OPENSSL
41# include <openssl/ssl.h>
42#endif
43
44/* Define USE_NTRESPONSES in order to make the type-3 message include
45 * the NT response message. */
46#define USE_NTRESPONSES
47
48/* Define USE_NTLM2SESSION in order to make the type-3 message include the
49 NTLM2Session response message, requires USE_NTRESPONSES defined to 1 and a
50 Crypto engine that we have curl_ssl_md5sum() for. */
51#if defined(USE_NTRESPONSES) && \
52 (!defined(USE_WIN32_CRYPTO) || \
53 (defined(USE_SSL) && !defined(CURL_DISABLE_CRYPTO_AUTH)))
54#define USE_NTLM2SESSION
55#endif
56
57/* Define USE_NTLM_V2 in order to allow the type-3 message to include the
58 LMv2 and NTLMv2 response messages, requires USE_NTRESPONSES defined to 1
59 and support for 64-bit integers. */
60#if defined(USE_NTRESPONSES) && (CURL_SIZEOF_CURL_OFF_T > 4)
61#define USE_NTLM_V2
62#endif
63
64void Curl_ntlm_core_lm_resp(const unsigned char *keys,
65 const unsigned char *plaintext,
66 unsigned char *results);
67
68CURLcode Curl_ntlm_core_mk_lm_hash(struct Curl_easy *data,
69 const char *password,
70 unsigned char *lmbuffer /* 21 bytes */);
71
72#ifdef USE_NTRESPONSES
73CURLcode Curl_ntlm_core_mk_nt_hash(struct Curl_easy *data,
74 const char *password,
75 unsigned char *ntbuffer /* 21 bytes */);
76
77#if defined(USE_NTLM_V2) && !defined(USE_WINDOWS_SSPI)
78
79CURLcode Curl_hmac_md5(const unsigned char *key, unsigned int keylen,
80 const unsigned char *data, unsigned int datalen,
81 unsigned char *output);
82
83CURLcode Curl_ntlm_core_mk_ntlmv2_hash(const char *user, size_t userlen,
84 const char *domain, size_t domlen,
85 unsigned char *ntlmhash,
86 unsigned char *ntlmv2hash);
87
88CURLcode Curl_ntlm_core_mk_ntlmv2_resp(unsigned char *ntlmv2hash,
89 unsigned char *challenge_client,
90 struct ntlmdata *ntlm,
91 unsigned char **ntresp,
92 unsigned int *ntresp_len);
93
94CURLcode Curl_ntlm_core_mk_lmv2_resp(unsigned char *ntlmv2hash,
95 unsigned char *challenge_client,
96 unsigned char *challenge_server,
97 unsigned char *lmresp);
98
99#endif /* USE_NTLM_V2 && !USE_WINDOWS_SSPI */
100
101#endif /* USE_NTRESPONSES */
102
103#endif /* !USE_WINDOWS_SSPI || USE_WIN32_CRYPTO */
104
105#endif /* USE_NTLM */
106
107#endif /* HEADER_CURL_NTLM_CORE_H */
108