
3.4.4.1 Without Extended Session Security

When Extended Session Security (NTLMSSP_NEGOTIATE_EXTENDED_SESSIONSECURITY) is not negotiated and session security (NTLMSSP_NEGOTIATE_SIGN or NTLMSSP_NEGOTIATE_SEAL) is negotiated, the message signature for NTLM without extended session security is a 16-byte value that contains the following components, as described by the NTLMSSP_MESSAGE_SIGNATURE structure:

  • A 4-byte version-number value that is set to 1.

  • A 4-byte random pad.

  • The 4 bytes of the message's CRC32.

  • The 4-byte sequence number (SeqNum).

If message integrity is negotiated, the message signature is calculated as follows:

-- Input: 
--   SigningKey - The key used to sign the message.
--   SealingKey - The key used to seal the message or checksum.
--   RandomPad - A random number provided by the client. Typically 0.
--   Message - The message being sent between the client and server.
--   SeqNum - Defined in section 3.1.1.
--   Handle - The handle to a key state structure corresponding to the
--   current state of the SealingKey
--
-- Output:
--   An NTLMSSP_MESSAGE_SIGNATURE structure whose fields are defined
--   in section 2.2.2.9.
--   SeqNum - Defined in section 3.1.1.
--
-- Functions used: 
--   ConcatenationOf() - Defined in Section 6.
--   RC4() - Defined in Section 6.
--   CRC32() - Defined in Section 6.

Define MAC(Handle, SigningKey, SeqNum, Message) as
     Set NTLMSSP_MESSAGE_SIGNATURE.Version to 0x00000001
     Set NTLMSSP_MESSAGE_SIGNATURE.Checksum to CRC32(Message)
     Set NTLMSSP_MESSAGE_SIGNATURE.RandomPad to RC4(Handle, RandomPad)
     Set NTLMSSP_MESSAGE_SIGNATURE.Checksum to RC4(Handle,
         NTLMSSP_MESSAGE_SIGNATURE.Checksum)
     Set NTLMSSP_MESSAGE_SIGNATURE.SeqNum to RC4(Handle, 0x00000000)
     If (connection oriented)
          Set NTLMSSP_MESSAGE_SIGNATURE.SeqNum to
              NTLMSSP_MESSAGE_SIGNATURE.SeqNum XOR SeqNum
          Set SeqNum to SeqNum + 1
     Else
          Set NTLMSSP_MESSAGE_SIGNATURE.SeqNum to
              NTLMSSP_MESSAGE_SIGNATURE.SeqNum XOR
              (application supplied SeqNum)
     Endif
     Set NTLMSSP_MESSAGE_SIGNATURE.RandomPad to 0

EndDefine
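
The MAC() pseudocode above as a runnable Python sketch, added here as an example and not part of the specification text. It shows that each signature consumes 12 bytes of the Handle's RC4 keystream, so sender and receiver must process messages in the same order. Assumptions: fields are encoded little-endian, RC4 is implemented inline, the names RC4Handle, mac and verify are hypothetical, the SigningKey argument is omitted because the pseudocode body never reads it, and the key and messages are constructed sample values.

```python
import hmac
import struct
import zlib


class RC4Handle:
    """The "Handle": RC4 key state that persists across MAC() calls."""

    def __init__(self, sealing_key: bytes):
        s, j = list(range(256)), 0
        for i in range(256):  # RC4 key scheduling
            j = (j + s[i] + sealing_key[i % len(sealing_key)]) & 0xFF
            s[i], s[j] = s[j], s[i]
        self.s, self.i, self.j = s, 0, 0

    def crypt(self, data: bytes) -> bytes:
        s, out = self.s, bytearray()
        for b in data:  # keystream continues from the saved state
            self.i = (self.i + 1) & 0xFF
            self.j = (self.j + s[self.i]) & 0xFF
            s[self.i], s[self.j] = s[self.j], s[self.i]
            out.append(b ^ s[(s[self.i] + s[self.j]) & 0xFF])
        return bytes(out)


def mac(handle: RC4Handle, seq_num: int, message: bytes, random_pad: int = 0) -> bytes:
    """Build the 16-byte signature; the caller supplies SeqNum and, in
    connection-oriented mode, increments it after each message."""
    # RandomPad is encrypted (advancing the keystream) but sent as 0.
    handle.crypt(struct.pack("<I", random_pad))
    checksum = handle.crypt(struct.pack("<I", zlib.crc32(message) & 0xFFFFFFFF))
    seq_mask = struct.unpack("<I", handle.crypt(b"\x00" * 4))[0]
    seq_field = struct.pack("<I", seq_mask ^ (seq_num & 0xFFFFFFFF))
    return struct.pack("<II", 1, 0) + checksum + seq_field  # Version, RandomPad


def verify(handle: RC4Handle, seq_num: int, message: bytes, signature: bytes) -> bool:
    """Receiver side: recompute with the receiver's own Handle and compare.
    This advances the receiver's keystream whether or not the check passes."""
    return hmac.compare_digest(mac(handle, seq_num, message), signature)


if __name__ == "__main__":
    key = b"constructed-sealing-key"  # constructed sample value
    sender, receiver = RC4Handle(key), RC4Handle(key)
    for seq, msg in enumerate([b"same message", b"same message"]):
        sig = mac(sender, seq, msg)
        print(seq, sig.hex(), verify(receiver, seq, msg, sig))
```

The two signatures printed for the identical message differ because the keystream position and SeqNum both change between calls.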
 
© 2014 Microsoft