src/lib-ntlm/ntlm-flags.h

c7480644202e5451fbed448508ea29a25cffc99cTimo Sirainen/*
c7480644202e5451fbed448508ea29a25cffc99cTimo Sirainen * NTLM message flags.
c7480644202e5451fbed448508ea29a25cffc99cTimo Sirainen *
c7480644202e5451fbed448508ea29a25cffc99cTimo Sirainen * Copyright (c) 2004 Andrey Panin <pazke@donpac.ru>
c7480644202e5451fbed448508ea29a25cffc99cTimo Sirainen *
e074ffeaee1ce283bd42f167c6810e3d013f8218Timo Sirainen * This software is released under the MIT license.
c7480644202e5451fbed448508ea29a25cffc99cTimo Sirainen */
c7480644202e5451fbed448508ea29a25cffc99cTimo Sirainen
c25356d5978632df6203437e1953bcb29e0c736fTimo Sirainen#ifndef NTLM_FLAGS_H
c25356d5978632df6203437e1953bcb29e0c736fTimo Sirainen#define NTLM_FLAGS_H
c7480644202e5451fbed448508ea29a25cffc99cTimo Sirainen
c7480644202e5451fbed448508ea29a25cffc99cTimo Sirainen/*
c7480644202e5451fbed448508ea29a25cffc99cTimo Sirainen * Indicates that Unicode strings are supported for use in security
c7480644202e5451fbed448508ea29a25cffc99cTimo Sirainen * buffer data.
c7480644202e5451fbed448508ea29a25cffc99cTimo Sirainen */
c7480644202e5451fbed448508ea29a25cffc99cTimo Sirainen#define NTLMSSP_NEGOTIATE_UNICODE 0x00000001
c7480644202e5451fbed448508ea29a25cffc99cTimo Sirainen
c7480644202e5451fbed448508ea29a25cffc99cTimo Sirainen/*
c7480644202e5451fbed448508ea29a25cffc99cTimo Sirainen * Indicates that OEM strings are supported for use in security buffer data.
c7480644202e5451fbed448508ea29a25cffc99cTimo Sirainen */
c7480644202e5451fbed448508ea29a25cffc99cTimo Sirainen#define NTLMSSP_NEGOTIATE_OEM 0x00000002
c7480644202e5451fbed448508ea29a25cffc99cTimo Sirainen
c7480644202e5451fbed448508ea29a25cffc99cTimo Sirainen/*
c7480644202e5451fbed448508ea29a25cffc99cTimo Sirainen * Requests that the server's authentication realm be included in the
c7480644202e5451fbed448508ea29a25cffc99cTimo Sirainen * Type 2 message.
c7480644202e5451fbed448508ea29a25cffc99cTimo Sirainen */
c7480644202e5451fbed448508ea29a25cffc99cTimo Sirainen#define NTLMSSP_REQUEST_TARGET 0x00000004
c7480644202e5451fbed448508ea29a25cffc99cTimo Sirainen
c7480644202e5451fbed448508ea29a25cffc99cTimo Sirainen/*
c7480644202e5451fbed448508ea29a25cffc99cTimo Sirainen * Specifies that authenticated communication between the client and server
c7480644202e5451fbed448508ea29a25cffc99cTimo Sirainen * should carry a digital signature (message integrity).
c7480644202e5451fbed448508ea29a25cffc99cTimo Sirainen */
c7480644202e5451fbed448508ea29a25cffc99cTimo Sirainen#define NTLMSSP_NEGOTIATE_SIGN 0x00000010
c7480644202e5451fbed448508ea29a25cffc99cTimo Sirainen
c7480644202e5451fbed448508ea29a25cffc99cTimo Sirainen/*
c7480644202e5451fbed448508ea29a25cffc99cTimo Sirainen * Specifies that authenticated communication between the client and server
c7480644202e5451fbed448508ea29a25cffc99cTimo Sirainen * should be encrypted (message confidentiality).
c7480644202e5451fbed448508ea29a25cffc99cTimo Sirainen */
c7480644202e5451fbed448508ea29a25cffc99cTimo Sirainen#define NTLMSSP_NEGOTIATE_SEAL 0x00000020
c7480644202e5451fbed448508ea29a25cffc99cTimo Sirainen
c7480644202e5451fbed448508ea29a25cffc99cTimo Sirainen/*
c7480644202e5451fbed448508ea29a25cffc99cTimo Sirainen * Indicates that datagram authentication is being used.
c7480644202e5451fbed448508ea29a25cffc99cTimo Sirainen */
c7480644202e5451fbed448508ea29a25cffc99cTimo Sirainen#define NTLMSSP_NEGOTIATE_DATAGRAM 0x00000040
c7480644202e5451fbed448508ea29a25cffc99cTimo Sirainen
c7480644202e5451fbed448508ea29a25cffc99cTimo Sirainen/*
c7480644202e5451fbed448508ea29a25cffc99cTimo Sirainen * Indicates that the LAN Manager session key should be
c7480644202e5451fbed448508ea29a25cffc99cTimo Sirainen * used for signing and sealing authenticated communications.
c7480644202e5451fbed448508ea29a25cffc99cTimo Sirainen */
c7480644202e5451fbed448508ea29a25cffc99cTimo Sirainen#define NTLMSSP_NEGOTIATE_LM_KEY 0x00000080
c7480644202e5451fbed448508ea29a25cffc99cTimo Sirainen
c7480644202e5451fbed448508ea29a25cffc99cTimo Sirainen/*
c7480644202e5451fbed448508ea29a25cffc99cTimo Sirainen * Indicates that NTLM authentication is being used.
c7480644202e5451fbed448508ea29a25cffc99cTimo Sirainen */
c7480644202e5451fbed448508ea29a25cffc99cTimo Sirainen#define NTLMSSP_NEGOTIATE_NTLM 0x00000200
c7480644202e5451fbed448508ea29a25cffc99cTimo Sirainen
c7480644202e5451fbed448508ea29a25cffc99cTimo Sirainen/*
c7480644202e5451fbed448508ea29a25cffc99cTimo Sirainen * Sent by the client in the Type 1 message to indicate that the name of the
c7480644202e5451fbed448508ea29a25cffc99cTimo Sirainen * domain in which the client workstation has membership is included in the
c7480644202e5451fbed448508ea29a25cffc99cTimo Sirainen * message. This is used by the server to determine whether the client is
c7480644202e5451fbed448508ea29a25cffc99cTimo Sirainen * eligible for local authentication.
c7480644202e5451fbed448508ea29a25cffc99cTimo Sirainen */
c7480644202e5451fbed448508ea29a25cffc99cTimo Sirainen#define NTLMSSP_NEGOTIATE_DOMAIN_SUPPLIED 0x00001000
c7480644202e5451fbed448508ea29a25cffc99cTimo Sirainen
c7480644202e5451fbed448508ea29a25cffc99cTimo Sirainen/*
c7480644202e5451fbed448508ea29a25cffc99cTimo Sirainen * Sent by the client in the Type 1 message to indicate that the client
c7480644202e5451fbed448508ea29a25cffc99cTimo Sirainen * workstation's name is included in the message. This is used by the server
c7480644202e5451fbed448508ea29a25cffc99cTimo Sirainen * to determine whether the client is eligible for local authentication.
c7480644202e5451fbed448508ea29a25cffc99cTimo Sirainen */
c7480644202e5451fbed448508ea29a25cffc99cTimo Sirainen#define NTLMSSP_NEGOTIATE_WORKSTATION_SUPPLIED 0x00002000
c7480644202e5451fbed448508ea29a25cffc99cTimo Sirainen
c7480644202e5451fbed448508ea29a25cffc99cTimo Sirainen/*
c7480644202e5451fbed448508ea29a25cffc99cTimo Sirainen * Sent by the server to indicate that the server and client are on the same
c7480644202e5451fbed448508ea29a25cffc99cTimo Sirainen * machine. Implies that the client may use the established local credentials
c7480644202e5451fbed448508ea29a25cffc99cTimo Sirainen * for authentication instead of calculating a response to the challenge.
c7480644202e5451fbed448508ea29a25cffc99cTimo Sirainen */
c7480644202e5451fbed448508ea29a25cffc99cTimo Sirainen#define NTLMSSP_NEGOTIATE_LOCAL_CALL 0x00004000
c7480644202e5451fbed448508ea29a25cffc99cTimo Sirainen
c7480644202e5451fbed448508ea29a25cffc99cTimo Sirainen/*
c7480644202e5451fbed448508ea29a25cffc99cTimo Sirainen * Indicates that authenticated communication between the client and server
c7480644202e5451fbed448508ea29a25cffc99cTimo Sirainen * should be signed with a "dummy" signature.
c7480644202e5451fbed448508ea29a25cffc99cTimo Sirainen */
c7480644202e5451fbed448508ea29a25cffc99cTimo Sirainen#define NTLMSSP_NEGOTIATE_ALWAYS_SIGN 0x00008000
c7480644202e5451fbed448508ea29a25cffc99cTimo Sirainen
c7480644202e5451fbed448508ea29a25cffc99cTimo Sirainen/*
c7480644202e5451fbed448508ea29a25cffc99cTimo Sirainen * Sent by the server in the Type 2 message to indicate that the target
c7480644202e5451fbed448508ea29a25cffc99cTimo Sirainen * authentication realm is a domain.
c7480644202e5451fbed448508ea29a25cffc99cTimo Sirainen */
c7480644202e5451fbed448508ea29a25cffc99cTimo Sirainen#define NTLMSSP_TARGET_TYPE_DOMAIN 0x00010000
c7480644202e5451fbed448508ea29a25cffc99cTimo Sirainen
c7480644202e5451fbed448508ea29a25cffc99cTimo Sirainen/*
c7480644202e5451fbed448508ea29a25cffc99cTimo Sirainen * Sent by the server in the Type 2 message to indicate that the target
c7480644202e5451fbed448508ea29a25cffc99cTimo Sirainen * authentication realm is a server.
c7480644202e5451fbed448508ea29a25cffc99cTimo Sirainen */
c7480644202e5451fbed448508ea29a25cffc99cTimo Sirainen#define NTLMSSP_TARGET_TYPE_SERVER 0x00020000
c7480644202e5451fbed448508ea29a25cffc99cTimo Sirainen
c7480644202e5451fbed448508ea29a25cffc99cTimo Sirainen/*
c7480644202e5451fbed448508ea29a25cffc99cTimo Sirainen * Sent by the server in the Type 2 message to indicate that the target
c7480644202e5451fbed448508ea29a25cffc99cTimo Sirainen * authentication realm is a share. Presumably, this is for share-level
c7480644202e5451fbed448508ea29a25cffc99cTimo Sirainen * authentication. Usage is unclear.
c7480644202e5451fbed448508ea29a25cffc99cTimo Sirainen */
c7480644202e5451fbed448508ea29a25cffc99cTimo Sirainen#define NTLMSSP_TARGET_TYPE_SHARE 0x00040000
c7480644202e5451fbed448508ea29a25cffc99cTimo Sirainen
c7480644202e5451fbed448508ea29a25cffc99cTimo Sirainen/*
c7480644202e5451fbed448508ea29a25cffc99cTimo Sirainen * Indicates that the NTLM2 signing and sealing scheme should be used for
c7480644202e5451fbed448508ea29a25cffc99cTimo Sirainen * protecting authenticated communications. Note that this refers to a
c7480644202e5451fbed448508ea29a25cffc99cTimo Sirainen * particular session security scheme, and is not related to the use of
c7480644202e5451fbed448508ea29a25cffc99cTimo Sirainen * NTLMv2 authentication.
c7480644202e5451fbed448508ea29a25cffc99cTimo Sirainen */
c7480644202e5451fbed448508ea29a25cffc99cTimo Sirainen#define NTLMSSP_NEGOTIATE_NTLM2 0x00080000
c7480644202e5451fbed448508ea29a25cffc99cTimo Sirainen
c7480644202e5451fbed448508ea29a25cffc99cTimo Sirainen/*
c7480644202e5451fbed448508ea29a25cffc99cTimo Sirainen * Sent by the server in the Type 2 message to indicate that it is including
c7480644202e5451fbed448508ea29a25cffc99cTimo Sirainen * a Target Information block in the message. The Target Information block
c7480644202e5451fbed448508ea29a25cffc99cTimo Sirainen * is used in the calculation of the NTLMv2 response.
c7480644202e5451fbed448508ea29a25cffc99cTimo Sirainen */
c7480644202e5451fbed448508ea29a25cffc99cTimo Sirainen#define NTLMSSP_NEGOTIATE_TARGET_INFO 0x00800000
c7480644202e5451fbed448508ea29a25cffc99cTimo Sirainen
c7480644202e5451fbed448508ea29a25cffc99cTimo Sirainen/*
c7480644202e5451fbed448508ea29a25cffc99cTimo Sirainen * Indicates that 128-bit encryption is supported.
c7480644202e5451fbed448508ea29a25cffc99cTimo Sirainen */
c7480644202e5451fbed448508ea29a25cffc99cTimo Sirainen#define NTLMSSP_NEGOTIATE_128 0x20000000
c7480644202e5451fbed448508ea29a25cffc99cTimo Sirainen
c7480644202e5451fbed448508ea29a25cffc99cTimo Sirainen/*
c7480644202e5451fbed448508ea29a25cffc99cTimo Sirainen * Indicates that the client will provide an encrypted master session key in
c7480644202e5451fbed448508ea29a25cffc99cTimo Sirainen * the "Session Key" field of the Type 3 message. This is used in signing and
c7480644202e5451fbed448508ea29a25cffc99cTimo Sirainen * sealing, and is RC4-encrypted using the previous session key as the
c7480644202e5451fbed448508ea29a25cffc99cTimo Sirainen * encryption key.
c7480644202e5451fbed448508ea29a25cffc99cTimo Sirainen */
c7480644202e5451fbed448508ea29a25cffc99cTimo Sirainen#define NTLMSSP_NEGOTIATE_KEY_EXCHANGE 0x40000000
c7480644202e5451fbed448508ea29a25cffc99cTimo Sirainen
c7480644202e5451fbed448508ea29a25cffc99cTimo Sirainen/*
c7480644202e5451fbed448508ea29a25cffc99cTimo Sirainen * Indicates that 56-bit encryption is supported.
c7480644202e5451fbed448508ea29a25cffc99cTimo Sirainen */
c7480644202e5451fbed448508ea29a25cffc99cTimo Sirainen#define NTLMSSP_NEGOTIATE_56 0x80000000
c7480644202e5451fbed448508ea29a25cffc99cTimo Sirainen
c25356d5978632df6203437e1953bcb29e0c736fTimo Sirainen#endif