CVE-2016-2110: libcli/auth: pass server_timestamp to SMBNTLMv2encrypt_hash()
[samba.git] / libcli / auth / proto.h
1 #ifndef _LIBCLI_AUTH_PROTO_H__
2 #define _LIBCLI_AUTH_PROTO_H__
3
4 #undef _PRINTF_ATTRIBUTE
5 #define _PRINTF_ATTRIBUTE(a1, a2) PRINTF_ATTRIBUTE(a1, a2)
6
7 /* this file contains prototypes for functions that are private 
8  * to this subsystem or library. These functions should not be 
9  * used outside this particular subsystem! */
10
11
12 /* The following definitions come from /home/jeremy/src/samba/git/master/source3/../source4/../libcli/auth/credentials.c  */
13
14 void netlogon_creds_des_encrypt_LMKey(struct netlogon_creds_CredentialState *creds, struct netr_LMSessionKey *key);
15 void netlogon_creds_des_decrypt_LMKey(struct netlogon_creds_CredentialState *creds, struct netr_LMSessionKey *key);
16 void netlogon_creds_des_encrypt(struct netlogon_creds_CredentialState *creds, struct samr_Password *pass);
17 void netlogon_creds_des_decrypt(struct netlogon_creds_CredentialState *creds, struct samr_Password *pass);
18 void netlogon_creds_arcfour_crypt(struct netlogon_creds_CredentialState *creds, uint8_t *data, size_t len);
19 void netlogon_creds_aes_encrypt(struct netlogon_creds_CredentialState *creds, uint8_t *data, size_t len);
20 void netlogon_creds_aes_decrypt(struct netlogon_creds_CredentialState *creds, uint8_t *data, size_t len);
21
22 /*****************************************************************
23 The above functions are common to the client and server interface
24 next comes the client specific functions
25 ******************************************************************/
26 struct netlogon_creds_CredentialState *netlogon_creds_client_init(TALLOC_CTX *mem_ctx, 
27                                                                   const char *client_account,
28                                                                   const char *client_computer_name, 
29                                                                   uint16_t secure_channel_type,
30                                                                   const struct netr_Credential *client_challenge,
31                                                                   const struct netr_Credential *server_challenge,
32                                                                   const struct samr_Password *machine_password,
33                                                                   struct netr_Credential *initial_credential,
34                                                                   uint32_t negotiate_flags);
35 struct netlogon_creds_CredentialState *netlogon_creds_client_init_session_key(TALLOC_CTX *mem_ctx, 
36                                                                               const uint8_t session_key[16]);
37 void netlogon_creds_client_authenticator(struct netlogon_creds_CredentialState *creds,
38                                 struct netr_Authenticator *next);
39 bool netlogon_creds_client_check(struct netlogon_creds_CredentialState *creds,
40                         const struct netr_Credential *received_credentials);
41 struct netlogon_creds_CredentialState *netlogon_creds_copy(TALLOC_CTX *mem_ctx,
42                                                            struct netlogon_creds_CredentialState *creds_in);
43
44 /*****************************************************************
45 The above functions are common to the client and server interface
46 next comes the server specific functions
47 ******************************************************************/
48 struct netlogon_creds_CredentialState *netlogon_creds_server_init(TALLOC_CTX *mem_ctx, 
49                                                                   const char *client_account,
50                                                                   const char *client_computer_name, 
51                                                                   uint16_t secure_channel_type,
52                                                                   const struct netr_Credential *client_challenge,
53                                                                   const struct netr_Credential *server_challenge,
54                                                                   const struct samr_Password *machine_password,
55                                                                   const struct netr_Credential *credentials_in,
56                                                                   struct netr_Credential *credentials_out,
57                                                                   uint32_t negotiate_flags);
58 NTSTATUS netlogon_creds_server_step_check(struct netlogon_creds_CredentialState *creds,
59                                  const struct netr_Authenticator *received_authenticator,
60                                  struct netr_Authenticator *return_authenticator) ;
61 void netlogon_creds_decrypt_samlogon_validation(struct netlogon_creds_CredentialState *creds,
62                                                 uint16_t validation_level,
63                                                 union netr_Validation *validation);
64 void netlogon_creds_encrypt_samlogon_validation(struct netlogon_creds_CredentialState *creds,
65                                                 uint16_t validation_level,
66                                                 union netr_Validation *validation);
67 void netlogon_creds_decrypt_samlogon_logon(struct netlogon_creds_CredentialState *creds,
68                                            enum netr_LogonInfoClass level,
69                                            union netr_LogonLevel *logon);
70 void netlogon_creds_encrypt_samlogon_logon(struct netlogon_creds_CredentialState *creds,
71                                            enum netr_LogonInfoClass level,
72                                            union netr_LogonLevel *logon);
73 union netr_LogonLevel *netlogon_creds_shallow_copy_logon(TALLOC_CTX *mem_ctx,
74                                         enum netr_LogonInfoClass level,
75                                         const union netr_LogonLevel *in);
76
77 /* The following definitions come from /home/jeremy/src/samba/git/master/source3/../source4/../libcli/auth/session.c  */
78
79 void sess_crypt_blob(DATA_BLOB *out, const DATA_BLOB *in, const DATA_BLOB *session_key,
80                      bool forward);
81 DATA_BLOB sess_encrypt_string(const char *str, const DATA_BLOB *session_key);
82 char *sess_decrypt_string(TALLOC_CTX *mem_ctx, 
83                           DATA_BLOB *blob, const DATA_BLOB *session_key);
84 DATA_BLOB sess_encrypt_blob(TALLOC_CTX *mem_ctx, DATA_BLOB *blob_in, const DATA_BLOB *session_key);
85 NTSTATUS sess_decrypt_blob(TALLOC_CTX *mem_ctx, const DATA_BLOB *blob, const DATA_BLOB *session_key, 
86                            DATA_BLOB *ret);
87
88 /* The following definitions come from /home/jeremy/src/samba/git/master/source3/../source4/../libcli/auth/smbencrypt.c  */
89
90 void SMBencrypt_hash(const uint8_t lm_hash[16], const uint8_t *c8, uint8_t p24[24]);
91 bool SMBencrypt(const char *passwd, const uint8_t *c8, uint8_t p24[24]);
92
93 /**
94  * Creates the MD4 Hash of the users password in NT UNICODE.
95  * @param passwd password in 'unix' charset.
96  * @param p16 return password hashed with md4, caller allocated 16 byte buffer
97  */
98 bool E_md4hash(const char *passwd, uint8_t p16[16]);
99
100 /**
101  * Creates the MD5 Hash of a combination of 16 byte salt and 16 byte NT hash.
102  * @param 16 byte salt.
103  * @param 16 byte NT hash.
104  * @param 16 byte return hashed with md5, caller allocated 16 byte buffer
105  */
106 void E_md5hash(const uint8_t salt[16], const uint8_t nthash[16], uint8_t hash_out[16]);
107
108 /**
109  * Creates the DES forward-only Hash of the users password in DOS ASCII charset
110  * @param passwd password in 'unix' charset.
111  * @param p16 return password hashed with DES, caller allocated 16 byte buffer
112  * @return false if password was > 14 characters, and therefore may be incorrect, otherwise true
113  * @note p16 is filled in regardless
114  */
115 bool E_deshash(const char *passwd, uint8_t p16[16]);
116
117 /**
118  * Creates the MD4 and DES (LM) Hash of the users password.  
119  * MD4 is of the NT Unicode, DES is of the DOS UPPERCASE password.
120  * @param passwd password in 'unix' charset.
121  * @param nt_p16 return password hashed with md4, caller allocated 16 byte buffer
122  * @param p16 return password hashed with des, caller allocated 16 byte buffer
123  */
124 void nt_lm_owf_gen(const char *pwd, uint8_t nt_p16[16], uint8_t p16[16]);
125 bool ntv2_owf_gen(const uint8_t owf[16],
126                   const char *user_in, const char *domain_in,
127                   uint8_t kr_buf[16]);
128 void SMBOWFencrypt(const uint8_t passwd[16], const uint8_t *c8, uint8_t p24[24]);
129 void SMBNTencrypt_hash(const uint8_t nt_hash[16], const uint8_t *c8, uint8_t *p24);
130 void SMBNTencrypt(const char *passwd, const uint8_t *c8, uint8_t *p24);
131 void SMBOWFencrypt_ntv2(const uint8_t kr[16],
132                         const DATA_BLOB *srv_chal,
133                         const DATA_BLOB *smbcli_chal,
134                         uint8_t resp_buf[16]);
135 void SMBsesskeygen_ntv2(const uint8_t kr[16],
136                         const uint8_t * nt_resp, uint8_t sess_key[16]);
137 void SMBsesskeygen_ntv1(const uint8_t kr[16], uint8_t sess_key[16]);
138 void SMBsesskeygen_lm_sess_key(const uint8_t lm_hash[16],
139                                const uint8_t lm_resp[24], /* only uses 8 */ 
140                                uint8_t sess_key[16]);
141 DATA_BLOB NTLMv2_generate_names_blob(TALLOC_CTX *mem_ctx, 
142                                      const char *hostname, 
143                                      const char *domain);
144 bool SMBNTLMv2encrypt_hash(TALLOC_CTX *mem_ctx, 
145                            const char *user, const char *domain, const uint8_t nt_hash[16],
146                            const DATA_BLOB *server_chal, 
147                            const NTTIME *server_timestamp,
148                            const DATA_BLOB *names_blob,
149                            DATA_BLOB *lm_response, DATA_BLOB *nt_response, 
150                            DATA_BLOB *lm_session_key, DATA_BLOB *user_session_key) ;
151 bool SMBNTLMv2encrypt(TALLOC_CTX *mem_ctx, 
152                       const char *user, const char *domain, 
153                       const char *password, 
154                       const DATA_BLOB *server_chal, 
155                       const DATA_BLOB *names_blob,
156                       DATA_BLOB *lm_response, DATA_BLOB *nt_response, 
157                       DATA_BLOB *lm_session_key, DATA_BLOB *user_session_key) ;
158
159 /***********************************************************
160  encode a password buffer with a unicode password.  The buffer
161  is filled with random data to make it harder to attack.
162 ************************************************************/
163 bool encode_pw_buffer(uint8_t buffer[516], const char *password, int string_flags);
164
165 /***********************************************************
166  decode a password buffer
167  *new_pw_len is the length in bytes of the possibly mulitbyte
168  returned password including termination.
169 ************************************************************/
170 bool decode_pw_buffer(TALLOC_CTX *ctx,
171                       uint8_t in_buffer[516],
172                       char **pp_new_pwrd,
173                       size_t *new_pw_len,
174                       charset_t string_charset);
175
176 /***********************************************************
177  Decode an arc4 encrypted password change buffer.
178 ************************************************************/
179 void encode_or_decode_arc4_passwd_buffer(unsigned char pw_buf[532], const DATA_BLOB *psession_key);
180
181 /***********************************************************
182  encode a password buffer with an already unicode password.  The
183  rest of the buffer is filled with random data to make it harder to attack.
184 ************************************************************/
185 bool set_pw_in_buffer(uint8_t buffer[516], DATA_BLOB *password);
186
187 /***********************************************************
188  decode a password buffer
189  *new_pw_size is the length in bytes of the extracted unicode password
190 ************************************************************/
191 bool extract_pw_from_buffer(TALLOC_CTX *mem_ctx, 
192                             uint8_t in_buffer[516], DATA_BLOB *new_pass);
193 struct wkssvc_PasswordBuffer;
194 void encode_wkssvc_join_password_buffer(TALLOC_CTX *mem_ctx,
195                                         const char *pwd,
196                                         DATA_BLOB *session_key,
197                                         struct wkssvc_PasswordBuffer **pwd_buf);
198 WERROR decode_wkssvc_join_password_buffer(TALLOC_CTX *mem_ctx,
199                                           struct wkssvc_PasswordBuffer *pwd_buf,
200                                           DATA_BLOB *session_key,
201                                           char **pwd);
202
203 /* The following definitions come from /home/jeremy/src/samba/git/master/source3/../source4/../libcli/auth/smbdes.c  */
204
205 void des_crypt56(uint8_t out[8], const uint8_t in[8], const uint8_t key[7], int forw);
206 void E_P16(const uint8_t *p14,uint8_t *p16);
207 void E_P24(const uint8_t *p21, const uint8_t *c8, uint8_t *p24);
208 void D_P16(const uint8_t *p14, const uint8_t *in, uint8_t *out);
209 void E_old_pw_hash( uint8_t *p14, const uint8_t *in, uint8_t *out);
210 void des_crypt128(uint8_t out[8], const uint8_t in[8], const uint8_t key[16]);
211 void des_crypt64(uint8_t out[8], const uint8_t in[8], const uint8_t key[8], int forw);
212 void des_crypt112(uint8_t out[8], const uint8_t in[8], const uint8_t key[14], int forw);
213 void des_crypt112_16(uint8_t out[16], const uint8_t in[16], const uint8_t key[14], int forw);
214 void sam_rid_crypt(unsigned int rid, const uint8_t *in, uint8_t *out, int forw);
215 #undef _PRINTF_ATTRIBUTE
216 #define _PRINTF_ATTRIBUTE(a1, a2)
217
218 #endif
219