xref: /aosp_15_r20/external/cronet/net/ntlm/ntlm_test_data.h (revision 6777b5387eb2ff775bb5750e3f5d96f37fb7352b) 
1*6777b538SAndroid Build Coastguard Worker // Copyright 2017 The Chromium Authors
2*6777b538SAndroid Build Coastguard Worker // Use of this source code is governed by a BSD-style license that can be
3*6777b538SAndroid Build Coastguard Worker // found in the LICENSE file.
4*6777b538SAndroid Build Coastguard Worker 
5*6777b538SAndroid Build Coastguard Worker // This file contains common input and result values use to verify the NTLM
6*6777b538SAndroid Build Coastguard Worker // implementation. They are defined in [MS-NLMP] Section 4.2 [1].
7*6777b538SAndroid Build Coastguard Worker //
8*6777b538SAndroid Build Coastguard Worker // [MS-NLMP] has no test data for Extended Protection for Authentication (EPA).
9*6777b538SAndroid Build Coastguard Worker // Test vectors related to EPA (aka Channel Binding) have been taken from
10*6777b538SAndroid Build Coastguard Worker // a Microsoft blog post [2].
11*6777b538SAndroid Build Coastguard Worker //
12*6777b538SAndroid Build Coastguard Worker // [1] https://msdn.microsoft.com/en-us/library/cc236621.aspx
13*6777b538SAndroid Build Coastguard Worker // [2] https://blogs.msdn.microsoft.com/openspecification/2013/03/26/ntlm-and-
14*6777b538SAndroid Build Coastguard Worker //         channel-binding-hash-aka-extended-protection-for-authentication/
15*6777b538SAndroid Build Coastguard Worker 
16*6777b538SAndroid Build Coastguard Worker #ifndef NET_NTLM_NTLM_TEST_DATA_H_
17*6777b538SAndroid Build Coastguard Worker #define NET_NTLM_NTLM_TEST_DATA_H_
18*6777b538SAndroid Build Coastguard Worker 
19*6777b538SAndroid Build Coastguard Worker #include "net/ntlm/ntlm_constants.h"
20*6777b538SAndroid Build Coastguard Worker 
21*6777b538SAndroid Build Coastguard Worker namespace net::ntlm::test {
22*6777b538SAndroid Build Coastguard Worker 
23*6777b538SAndroid Build Coastguard Worker // Common input values defined in [MS-NLMP] Section 4.2.1.
24*6777b538SAndroid Build Coastguard Worker constexpr char16_t kPassword[] = {'P', 'a', 's', 's', 'w', 'o', 'r', 'd', '\0'};
25*6777b538SAndroid Build Coastguard Worker constexpr char16_t kNtlmDomain[] = {'D', 'o', 'm', 'a', 'i', 'n', '\0'};
26*6777b538SAndroid Build Coastguard Worker constexpr uint8_t kNtlmDomainRaw[] = {'D', 0x00, 'o', 0x00, 'm', 0x00,
27*6777b538SAndroid Build Coastguard Worker                                       'a', 0x00, 'i', 0x00, 'n', 0x00};
28*6777b538SAndroid Build Coastguard Worker constexpr char16_t kUser[] = {'U', 's', 'e', 'r', '\0'};
29*6777b538SAndroid Build Coastguard Worker constexpr char16_t kDomainUserCombined[] = {'D',  'o', 'm', 'a', 'i', 'n',
30*6777b538SAndroid Build Coastguard Worker                                             '\\', 'U', 's', 'e', 'r', '\0'};
31*6777b538SAndroid Build Coastguard Worker constexpr char16_t kHostname[] = {'C', 'O', 'M', 'P', 'U', 'T', 'E', 'R', '\0'};
32*6777b538SAndroid Build Coastguard Worker constexpr char16_t kServer[] = {'S', 'e', 'r', 'v', 'e', 'r', '\0'};
33*6777b538SAndroid Build Coastguard Worker constexpr uint8_t kServerRaw[] = {'S', 0x00, 'e', 0x00, 'r', 0x00,
34*6777b538SAndroid Build Coastguard Worker                                   'v', 0x00, 'e', 0x00, 'r', 0x00};
35*6777b538SAndroid Build Coastguard Worker 
36*6777b538SAndroid Build Coastguard Worker // ASCII Versions of the above strings.
37*6777b538SAndroid Build Coastguard Worker constexpr char kNtlmDomainAscii[] = "Domain";
38*6777b538SAndroid Build Coastguard Worker constexpr char kUserAscii[] = "User";
39*6777b538SAndroid Build Coastguard Worker constexpr char kHostnameAscii[] = "COMPUTER";
40*6777b538SAndroid Build Coastguard Worker 
41*6777b538SAndroid Build Coastguard Worker // Test data obtained from [2].
42*6777b538SAndroid Build Coastguard Worker constexpr uint8_t kChannelBindings[] = {
43*6777b538SAndroid Build Coastguard Worker     't',  'l',  's',  '-',  's',  'e',  'r',  'v',  'e',  'r',  '-',
44*6777b538SAndroid Build Coastguard Worker     'e',  'n',  'd',  '-',  'p',  'o',  'i',  'n',  't',  ':',  0xea,
45*6777b538SAndroid Build Coastguard Worker     0x05, 0xfe, 0xfe, 0xcc, 0x6b, 0x0b, 0xd5, 0x71, 0xdb, 0xbc, 0x5b,
46*6777b538SAndroid Build Coastguard Worker     0xaa, 0x3e, 0xd4, 0x53, 0x86, 0xd0, 0x44, 0x68, 0x35, 0xf7, 0xb7,
47*6777b538SAndroid Build Coastguard Worker     0x4c, 0x85, 0x62, 0x1b, 0x99, 0x83, 0x47, 0x5f, 0x95, '\0'};
48*6777b538SAndroid Build Coastguard Worker 
49*6777b538SAndroid Build Coastguard Worker constexpr char kNtlmSpn[] = {'H', 'T', 'T', 'P', '/', 'S',
50*6777b538SAndroid Build Coastguard Worker                              'e', 'r', 'v', 'e', 'r', '\0'};
51*6777b538SAndroid Build Coastguard Worker constexpr uint8_t kNtlmSpnRaw[] = {'H', 0x00, 'T', 0x00, 'T', 0x00, 'P', 0x00,
52*6777b538SAndroid Build Coastguard Worker                                    '/', 0x00, 'S', 0x00, 'e', 0x00, 'r', 0x00,
53*6777b538SAndroid Build Coastguard Worker                                    'v', 0x00, 'e', 0x00, 'r', 0x00};
54*6777b538SAndroid Build Coastguard Worker 
55*6777b538SAndroid Build Coastguard Worker // Input value defined in [MS-NLMP] Section 4.2.1.
56*6777b538SAndroid Build Coastguard Worker constexpr uint64_t kServerTimestamp = 0;
57*6777b538SAndroid Build Coastguard Worker 
58*6777b538SAndroid Build Coastguard Worker // Arbitrary value for client timestamp. The spec does not provide test data
59*6777b538SAndroid Build Coastguard Worker // or scenarios involving the client timestamp. The relevant thing is that it
60*6777b538SAndroid Build Coastguard Worker // is not equal to |kServerTimestamp| so it can be determined which timestamp
61*6777b538SAndroid Build Coastguard Worker // is within the message.
62*6777b538SAndroid Build Coastguard Worker // Tue, 23 May 2017 20:13:07 +0000
63*6777b538SAndroid Build Coastguard Worker constexpr uint64_t kClientTimestamp = 131400439870000000;
64*6777b538SAndroid Build Coastguard Worker 
65*6777b538SAndroid Build Coastguard Worker // Challenge vectors defined in [MS-NLMP] Section 4.2.1.
66*6777b538SAndroid Build Coastguard Worker constexpr uint8_t kServerChallenge[kChallengeLen] = {0x01, 0x23, 0x45, 0x67,
67*6777b538SAndroid Build Coastguard Worker                                                      0x89, 0xab, 0xcd, 0xef};
68*6777b538SAndroid Build Coastguard Worker constexpr uint8_t kClientChallenge[kChallengeLen] = {0xaa, 0xaa, 0xaa, 0xaa,
69*6777b538SAndroid Build Coastguard Worker                                                      0xaa, 0xaa, 0xaa, 0xaa};
70*6777b538SAndroid Build Coastguard Worker 
71*6777b538SAndroid Build Coastguard Worker // Test input defined in [MS-NLMP] Section 4.2.3.3.
72*6777b538SAndroid Build Coastguard Worker constexpr uint8_t kChallengeMsgV1[] = {
73*6777b538SAndroid Build Coastguard Worker     0x4e, 0x54, 0x4c, 0x4d, 0x53, 0x53, 0x50, 0x00, 0x02, 0x00, 0x00, 0x00,
74*6777b538SAndroid Build Coastguard Worker     0x0c, 0x00, 0x0c, 0x00, 0x38, 0x00, 0x00, 0x00, 0x33, 0x82, 0x0a, 0x82,
75*6777b538SAndroid Build Coastguard Worker     0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef, 0x00, 0x00, 0x00, 0x00,
76*6777b538SAndroid Build Coastguard Worker     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
77*6777b538SAndroid Build Coastguard Worker     0x06, 0x00, 0x70, 0x17, 0x00, 0x00, 0x00, 0x0f, 0x53, 0x00, 0x65, 0x00,
78*6777b538SAndroid Build Coastguard Worker     0x72, 0x00, 0x76, 0x00, 0x65, 0x00, 0x72, 0x00};
79*6777b538SAndroid Build Coastguard Worker 
80*6777b538SAndroid Build Coastguard Worker // Test input defined in [MS-NLMP] Section 4.2.4.3.
81*6777b538SAndroid Build Coastguard Worker constexpr uint8_t kChallengeMsgFromSpecV2[] = {
82*6777b538SAndroid Build Coastguard Worker     0x4e, 0x54, 0x4c, 0x4d, 0x53, 0x53, 0x50, 0x00, 0x02, 0x00, 0x00, 0x00,
83*6777b538SAndroid Build Coastguard Worker     0x0c, 0x00, 0x0c, 0x00, 0x38, 0x00, 0x00, 0x00, 0x33, 0x82, 0x8a, 0xe2,
84*6777b538SAndroid Build Coastguard Worker     0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef, 0x00, 0x00, 0x00, 0x00,
85*6777b538SAndroid Build Coastguard Worker     0x00, 0x00, 0x00, 0x00, 0x24, 0x00, 0x24, 0x00, 0x44, 0x00, 0x00, 0x00,
86*6777b538SAndroid Build Coastguard Worker     0x06, 0x00, 0x70, 0x17, 0x00, 0x00, 0x00, 0x0f, 0x53, 0x00, 0x65, 0x00,
87*6777b538SAndroid Build Coastguard Worker     0x72, 0x00, 0x76, 0x00, 0x65, 0x00, 0x72, 0x00, 0x02, 0x00, 0x0c, 0x00,
88*6777b538SAndroid Build Coastguard Worker     0x44, 0x00, 0x6f, 0x00, 0x6d, 0x00, 0x61, 0x00, 0x69, 0x00, 0x6e, 0x00,
89*6777b538SAndroid Build Coastguard Worker     0x01, 0x00, 0x0c, 0x00, 0x53, 0x00, 0x65, 0x00, 0x72, 0x00, 0x76, 0x00,
90*6777b538SAndroid Build Coastguard Worker     0x65, 0x00, 0x72, 0x00, 0x00, 0x00, 0x00, 0x00,
91*6777b538SAndroid Build Coastguard Worker };
92*6777b538SAndroid Build Coastguard Worker 
93*6777b538SAndroid Build Coastguard Worker // A minimal challenge message for tests. For NTLMv1 this implementation only
94*6777b538SAndroid Build Coastguard Worker // reads the smallest required version of the message (32 bytes). Some
95*6777b538SAndroid Build Coastguard Worker // servers may still send messages this small. The only relevant flags
96*6777b538SAndroid Build Coastguard Worker // that affect behavior are that both NTLMSSP_NEGOTIATE_UNICODE and
97*6777b538SAndroid Build Coastguard Worker // NTLMSSP_NEGOTIATE_EXTENDED_SESSIONSECURITY are set.
98*6777b538SAndroid Build Coastguard Worker //
99*6777b538SAndroid Build Coastguard Worker // [0-7]    - "NTLMSSP\0"                        (Signature)
100*6777b538SAndroid Build Coastguard Worker // [9-11]   - |MessageType::kChallenge|          (Message Type = 0x00000002)
101*6777b538SAndroid Build Coastguard Worker // [12-19]  - |SecBuf(kNegotiateMessageLen, 0)|  (Target Name - Not Used)
102*6777b538SAndroid Build Coastguard Worker // [20-23]  - |kNegotiateMessageFlags|           (Flags = 0x00088207)
103*6777b538SAndroid Build Coastguard Worker // [24-31]  - |kServerChallenge|                 (Server Challenge)
104*6777b538SAndroid Build Coastguard Worker //
105*6777b538SAndroid Build Coastguard Worker // See [MS-NLMP] Section 2.2.2.2 for more information about the Challenge
106*6777b538SAndroid Build Coastguard Worker // message.
107*6777b538SAndroid Build Coastguard Worker constexpr uint8_t kMinChallengeMessage[kChallengeHeaderLen] = {
108*6777b538SAndroid Build Coastguard Worker     'N',  'T',  'L',  'M',  'S',  'S',  'P',  '\0', 0x02, 0x00, 0x00,
109*6777b538SAndroid Build Coastguard Worker     0x00, 0x00, 0x00, 0x00, 0x00, 0x20, 0x00, 0x00, 0x00, 0x07, 0x82,
110*6777b538SAndroid Build Coastguard Worker     0x08, 0x00, 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef};
111*6777b538SAndroid Build Coastguard Worker 
112*6777b538SAndroid Build Coastguard Worker // The same message as |kMinChallengeMessage| but with the
113*6777b538SAndroid Build Coastguard Worker // NTLMSSP_NEGOTIATE_UNICODE flag cleared.
114*6777b538SAndroid Build Coastguard Worker constexpr uint8_t kMinChallengeMessageNoUnicode[kChallengeHeaderLen] = {
115*6777b538SAndroid Build Coastguard Worker     'N',  'T',  'L',  'M',  'S',  'S',  'P',  '\0', 0x02, 0x00, 0x00,
116*6777b538SAndroid Build Coastguard Worker     0x00, 0x00, 0x00, 0x00, 0x00, 0x20, 0x00, 0x00, 0x00, 0x06, 0x82,
117*6777b538SAndroid Build Coastguard Worker     0x08, 0x00, 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef};
118*6777b538SAndroid Build Coastguard Worker 
119*6777b538SAndroid Build Coastguard Worker // The same message as |kMinChallengeMessage| but with the
120*6777b538SAndroid Build Coastguard Worker // NTLMSSP_NEGOTIATE_EXTENDED_SESSIONSECURITY flag cleared.
121*6777b538SAndroid Build Coastguard Worker constexpr uint8_t kMinChallengeMessageNoSS[kChallengeHeaderLen] = {
122*6777b538SAndroid Build Coastguard Worker     'N',  'T',  'L',  'M',  'S',  'S',  'P',  '\0', 0x02, 0x00, 0x00,
123*6777b538SAndroid Build Coastguard Worker     0x00, 0x00, 0x00, 0x00, 0x00, 0x20, 0x00, 0x00, 0x00, 0x07, 0x82,
124*6777b538SAndroid Build Coastguard Worker     0x00, 0x00, 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef};
125*6777b538SAndroid Build Coastguard Worker 
126*6777b538SAndroid Build Coastguard Worker // Test result value for NTOWFv1() defined in [MS-NLMP] Section 4.2.2.1.2.
127*6777b538SAndroid Build Coastguard Worker constexpr uint8_t kExpectedNtlmHashV1[kNtlmHashLen] = {
128*6777b538SAndroid Build Coastguard Worker     0xa4, 0xf4, 0x9c, 0x40, 0x65, 0x10, 0xbd, 0xca,
129*6777b538SAndroid Build Coastguard Worker     0xb6, 0x82, 0x4e, 0xe7, 0xc3, 0x0f, 0xd8, 0x52};
130*6777b538SAndroid Build Coastguard Worker 
131*6777b538SAndroid Build Coastguard Worker // Test result value for NTOWFv2() defined in [MS-NLMP] Section 4.2.4.1.1.
132*6777b538SAndroid Build Coastguard Worker constexpr uint8_t kExpectedNtlmHashV2[kNtlmHashLen] = {
133*6777b538SAndroid Build Coastguard Worker     0x0c, 0x86, 0x8a, 0x40, 0x3b, 0xfd, 0x7a, 0x93,
134*6777b538SAndroid Build Coastguard Worker     0xa3, 0x00, 0x1e, 0xf2, 0x2e, 0xf0, 0x2e, 0x3f};
135*6777b538SAndroid Build Coastguard Worker 
136*6777b538SAndroid Build Coastguard Worker // Test result value defined in [MS-NLMP] Section 4.2.2.1.
137*6777b538SAndroid Build Coastguard Worker constexpr uint8_t kExpectedNtlmResponseV1[kResponseLenV1] = {
138*6777b538SAndroid Build Coastguard Worker     0x67, 0xc4, 0x30, 0x11, 0xf3, 0x02, 0x98, 0xa2, 0xad, 0x35, 0xec, 0xe6,
139*6777b538SAndroid Build Coastguard Worker     0x4f, 0x16, 0x33, 0x1c, 0x44, 0xbd, 0xbe, 0xd9, 0x27, 0x84, 0x1f, 0x94};
140*6777b538SAndroid Build Coastguard Worker 
141*6777b538SAndroid Build Coastguard Worker // Test result value defined in [MS-NLMP] Section 4.2.3.2.2.
142*6777b538SAndroid Build Coastguard Worker constexpr uint8_t kExpectedNtlmResponseWithV1SS[kResponseLenV1] = {
143*6777b538SAndroid Build Coastguard Worker     0x75, 0x37, 0xf8, 0x03, 0xae, 0x36, 0x71, 0x28, 0xca, 0x45, 0x82, 0x04,
144*6777b538SAndroid Build Coastguard Worker     0xbd, 0xe7, 0xca, 0xf8, 0x1e, 0x97, 0xed, 0x26, 0x83, 0x26, 0x72, 0x32};
145*6777b538SAndroid Build Coastguard Worker 
146*6777b538SAndroid Build Coastguard Worker // Test result value defined in [MS-NLMP] Section 4.2.3.2.1.
147*6777b538SAndroid Build Coastguard Worker constexpr uint8_t kExpectedLmResponseWithV1SS[kResponseLenV1] = {
148*6777b538SAndroid Build Coastguard Worker     0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0x00, 0x00, 0x00, 0x00,
149*6777b538SAndroid Build Coastguard Worker     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00};
150*6777b538SAndroid Build Coastguard Worker 
151*6777b538SAndroid Build Coastguard Worker // Test result value defined in [MS-NLMP] Section 4.2.4.1.3.
152*6777b538SAndroid Build Coastguard Worker //
153*6777b538SAndroid Build Coastguard Worker // "temp" is defined in Section 3.3.2 and is part of the data to be hashed
154*6777b538SAndroid Build Coastguard Worker // to generate the NTLMv2 Proof. It is composed of 3 parts;
155*6777b538SAndroid Build Coastguard Worker //
156*6777b538SAndroid Build Coastguard Worker // 1) [0-27] A fixed length part in the first 28 (|kProofInputLenV2|) bytes
157*6777b538SAndroid Build Coastguard Worker // which in this implementation is generated by |GenerateProofInputV2|.
158*6777b538SAndroid Build Coastguard Worker //
159*6777b538SAndroid Build Coastguard Worker // 2) [28-63] A variable length part which the spec calls "ServerName" but
160*6777b538SAndroid Build Coastguard Worker // defines as the AV Pairs (aka Target Information) from the Authenticate
161*6777b538SAndroid Build Coastguard Worker // message. See |kExpectedTargetInfoFromSpecV2| for more information.
162*6777b538SAndroid Build Coastguard Worker //
163*6777b538SAndroid Build Coastguard Worker // 3) [64-68] 4 zero bytes.
164*6777b538SAndroid Build Coastguard Worker //
165*6777b538SAndroid Build Coastguard Worker // NOTE: The timestamp (bytes [8-15]) should not actually be 0 here. In order
166*6777b538SAndroid Build Coastguard Worker // to use the test data from the spec some lower level tests do generate this
167*6777b538SAndroid Build Coastguard Worker // value. The target info sent by the server does not contain a timestamp
168*6777b538SAndroid Build Coastguard Worker // AvPair, and section 3.1.5.1.2 states that the client should populate the
169*6777b538SAndroid Build Coastguard Worker // timestamp with the servers timestamp if it exists, otherwise with the
170*6777b538SAndroid Build Coastguard Worker // client's local time. For end to end tests the alternate value
171*6777b538SAndroid Build Coastguard Worker // |kExpectedTempWithClientTimestampV2| below is used for end to end tests.
172*6777b538SAndroid Build Coastguard Worker // Having different test data for the server and client time allows testing
173*6777b538SAndroid Build Coastguard Worker // the logic more correctly.
174*6777b538SAndroid Build Coastguard Worker constexpr uint8_t kExpectedTempFromSpecV2[] = {
175*6777b538SAndroid Build Coastguard Worker     0x01, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
176*6777b538SAndroid Build Coastguard Worker     0x00, 0x00, 0x00, 0x00, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
177*6777b538SAndroid Build Coastguard Worker     0x00, 0x00, 0x00, 0x00, 0x02, 0x00, 0x0c, 0x00, 0x44, 0x00, 0x6f, 0x00,
178*6777b538SAndroid Build Coastguard Worker     0x6d, 0x00, 0x61, 0x00, 0x69, 0x00, 0x6e, 0x00, 0x01, 0x00, 0x0c, 0x00,
179*6777b538SAndroid Build Coastguard Worker     0x53, 0x00, 0x65, 0x00, 0x72, 0x00, 0x76, 0x00, 0x65, 0x00, 0x72, 0x00,
180*6777b538SAndroid Build Coastguard Worker     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00};
181*6777b538SAndroid Build Coastguard Worker 
182*6777b538SAndroid Build Coastguard Worker // This value is the same as |kExpectedTempFromSpecV2| but with the timestamp
183*6777b538SAndroid Build Coastguard Worker // field at bytes [8-15] populated with |kClientTimestamp|.
184*6777b538SAndroid Build Coastguard Worker constexpr uint8_t kExpectedTempWithClientTimestampV2[] = {
185*6777b538SAndroid Build Coastguard Worker     0x01, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x80, 0x0b, 0xc8, 0xfd,
186*6777b538SAndroid Build Coastguard Worker     0x00, 0xd4, 0xd2, 0x01, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
187*6777b538SAndroid Build Coastguard Worker     0x00, 0x00, 0x00, 0x00, 0x02, 0x00, 0x0c, 0x00, 0x44, 0x00, 0x6f, 0x00,
188*6777b538SAndroid Build Coastguard Worker     0x6d, 0x00, 0x61, 0x00, 0x69, 0x00, 0x6e, 0x00, 0x01, 0x00, 0x0c, 0x00,
189*6777b538SAndroid Build Coastguard Worker     0x53, 0x00, 0x65, 0x00, 0x72, 0x00, 0x76, 0x00, 0x65, 0x00, 0x72, 0x00,
190*6777b538SAndroid Build Coastguard Worker     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00};
191*6777b538SAndroid Build Coastguard Worker 
192*6777b538SAndroid Build Coastguard Worker // Test result value defined (indirectly) in [MS-NLMP] Section 4.2.4.
193*6777b538SAndroid Build Coastguard Worker //
194*6777b538SAndroid Build Coastguard Worker // This is part 2 (bytes [28-63]) of |kExpectedTempFromSpecV2|. Additional
195*6777b538SAndroid Build Coastguard Worker // notes;
196*6777b538SAndroid Build Coastguard Worker //
197*6777b538SAndroid Build Coastguard Worker // a) The spec defines the AV Pairs to be in the opposite order to which they
198*6777b538SAndroid Build Coastguard Worker //    actually appear in the output in Section 4.2.4.1.3.
199*6777b538SAndroid Build Coastguard Worker //
200*6777b538SAndroid Build Coastguard Worker // b) The implicit presence of a terminating AV Pair is not mentioned.
201*6777b538SAndroid Build Coastguard Worker //
202*6777b538SAndroid Build Coastguard Worker // c) Section 4.2.4 does not show the byte sequences of the AV Pair Headers.
203*6777b538SAndroid Build Coastguard Worker //
204*6777b538SAndroid Build Coastguard Worker // NOTE: The real implementation in default settings would not have such a
205*6777b538SAndroid Build Coastguard Worker // simple set of AV Pairs since a flags field to indicate the presence of a
206*6777b538SAndroid Build Coastguard Worker // MIC, and a channel bindings field would also have been added.
207*6777b538SAndroid Build Coastguard Worker constexpr uint8_t kExpectedTargetInfoFromSpecV2[] = {
208*6777b538SAndroid Build Coastguard Worker     0x02, 0x00, 0x0c, 0x00, 0x44, 0x00, 0x6f, 0x00, 0x6d, 0x00, 0x61, 0x00,
209*6777b538SAndroid Build Coastguard Worker     0x69, 0x00, 0x6e, 0x00, 0x01, 0x00, 0x0c, 0x00, 0x53, 0x00, 0x65, 0x00,
210*6777b538SAndroid Build Coastguard Worker     0x72, 0x00, 0x76, 0x00, 0x65, 0x00, 0x72, 0x00, 0x00, 0x00, 0x00, 0x00};
211*6777b538SAndroid Build Coastguard Worker 
212*6777b538SAndroid Build Coastguard Worker // This target info is to test the behavior when a server timestamp is
213*6777b538SAndroid Build Coastguard Worker // present. It is the same as |kExpectedTargetInfoFromSpecV2| but with
214*6777b538SAndroid Build Coastguard Worker // an additional timestamp AvPair.
215*6777b538SAndroid Build Coastguard Worker constexpr uint8_t kExpectedTargetInfoFromSpecPlusServerTimestampV2[] = {
216*6777b538SAndroid Build Coastguard Worker     0x02, 0x00, 0x0c, 0x00, 0x44, 0x00, 0x6f, 0x00, 0x6d, 0x00, 0x61, 0x00,
217*6777b538SAndroid Build Coastguard Worker     0x69, 0x00, 0x6e, 0x00, 0x01, 0x00, 0x0c, 0x00, 0x53, 0x00, 0x65, 0x00,
218*6777b538SAndroid Build Coastguard Worker     0x72, 0x00, 0x76, 0x00, 0x65, 0x00, 0x72, 0x00, 0x07, 0x00, 0x08, 0x00,
219*6777b538SAndroid Build Coastguard Worker     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00};
220*6777b538SAndroid Build Coastguard Worker 
221*6777b538SAndroid Build Coastguard Worker // The target info after being updated by the client when the server sends
222*6777b538SAndroid Build Coastguard Worker // |kExpectedTargetInfoFromSpecV2| in the challenge message with both EPA and
223*6777b538SAndroid Build Coastguard Worker // MIC enabled.
224*6777b538SAndroid Build Coastguard Worker //
225*6777b538SAndroid Build Coastguard Worker // When MIC and EPA are enabled, 3 additional AvPairs are added.
226*6777b538SAndroid Build Coastguard Worker // 1) A flags AVPair with the MIC_PRESENT bit set.
227*6777b538SAndroid Build Coastguard Worker // 2) A channel bindings AVPair containing the channel bindings hash.
228*6777b538SAndroid Build Coastguard Worker // 3) A target name AVPair containing the SPN of the server.
229*6777b538SAndroid Build Coastguard Worker //
230*6777b538SAndroid Build Coastguard Worker // AvPair 1 [0-1]    |TargetInfoAvId::kDomainName|      Av ID = 0x0002
231*6777b538SAndroid Build Coastguard Worker // AvPair 1 [2-3]    |len(kNtlmDomainRaw)|              Av Length = 0x000c
232*6777b538SAndroid Build Coastguard Worker // AvPair 1 [4-15]   |kNtlmDomainRaw|                   Av Payload = L"Domain"
233*6777b538SAndroid Build Coastguard Worker //
234*6777b538SAndroid Build Coastguard Worker // AvPair 2 [16-17]  |TargetInfoAvId::kServerName|      Av ID = 0x0001
235*6777b538SAndroid Build Coastguard Worker // AvPair 2 [18-19]  |len(kServerRaw)|                  Av Length = 0x000c
236*6777b538SAndroid Build Coastguard Worker // AvPair 2 [20-31]  |kServerRaw|                       Av Payload = L"Server"
237*6777b538SAndroid Build Coastguard Worker //
238*6777b538SAndroid Build Coastguard Worker // AvPair 3 [32-33]  |TargetInfoAvId::kFlags|           Av ID = 0x0006
239*6777b538SAndroid Build Coastguard Worker // AvPair 3 [34-35]  |sizeof(uint32_t)|                 Av Length = 0x0004
240*6777b538SAndroid Build Coastguard Worker // AvPair 3 [36-39]  |TargetInfoAvFlags::kMicPresent|   Av Payload = 0x00000002
241*6777b538SAndroid Build Coastguard Worker //
242*6777b538SAndroid Build Coastguard Worker // AvPair 4 [40-41]  |TargetInfoAvId::kChannelBindings| Av ID = 0x000a
243*6777b538SAndroid Build Coastguard Worker // AvPair 4 [42-43]  |kChannelBindingsHashLen|          Av Length = 0x0010
244*6777b538SAndroid Build Coastguard Worker // AvPair 4 [44-59]  |kExpectedChannelBindingHashV2|    Av Payload
245*6777b538SAndroid Build Coastguard Worker //
246*6777b538SAndroid Build Coastguard Worker // AvPair 5 [60-61]  |TargetInfoAvId::kTargetName|      Av ID = 0x0009
247*6777b538SAndroid Build Coastguard Worker // AvPair 5 [62-63]  |len(kNtlmSpnRaw)|                 Av Length = 0x0016
248*6777b538SAndroid Build Coastguard Worker // AvPair 5 [64-85]  |kNtlmSpnRaw|                      Av Payload =
249*6777b538SAndroid Build Coastguard Worker //                                                          L"HTTP/Server"
250*6777b538SAndroid Build Coastguard Worker //
251*6777b538SAndroid Build Coastguard Worker // AvPair 6 [86-87]  |TargetInfoAvId::kEol|             Av ID = 0x0000
252*6777b538SAndroid Build Coastguard Worker // AvPair 6 [88-89]                                     Av Length = 0x0000
253*6777b538SAndroid Build Coastguard Worker constexpr uint8_t kExpectedTargetInfoSpecResponseV2[] = {
254*6777b538SAndroid Build Coastguard Worker     0x02, 0x00, 0x0c, 0x00, 'D',  0x00, 'o',  0x00, 'm',  0x00, 'a',  0x00,
255*6777b538SAndroid Build Coastguard Worker     'i',  0x00, 'n',  0x00, 0x01, 0x00, 0x0c, 0x00, 'S',  0x00, 'e',  0x00,
256*6777b538SAndroid Build Coastguard Worker     'r',  0x00, 'v',  0x00, 'e',  0x00, 'r',  0x00, 0x06, 0x00, 0x04, 0x00,
257*6777b538SAndroid Build Coastguard Worker     0x02, 0x00, 0x00, 0x00, 0x0a, 0x00, 0x10, 0x00, 0x65, 0x86, 0xE9, 0x9D,
258*6777b538SAndroid Build Coastguard Worker     0x81, 0xC2, 0xFC, 0x98, 0x4E, 0x47, 0x17, 0x2F, 0xD4, 0xDD, 0x03, 0x10,
259*6777b538SAndroid Build Coastguard Worker     0x09, 0x00, 0x16, 0x00, 'H',  0x00, 'T',  0x00, 'T',  0x00, 'P',  0x00,
260*6777b538SAndroid Build Coastguard Worker     '/',  0x00, 'S',  0x00, 'e',  0x00, 'r',  0x00, 'v',  0x00, 'e',  0x00,
261*6777b538SAndroid Build Coastguard Worker     'r',  0x00, 0x00, 0x00, 0x00, 0x00};
262*6777b538SAndroid Build Coastguard Worker 
263*6777b538SAndroid Build Coastguard Worker // Test result value defined in [MS-NLMP] Section 4.2.4.2.2.
264*6777b538SAndroid Build Coastguard Worker constexpr uint8_t kExpectedProofFromSpecV2[kNtlmProofLenV2] = {
265*6777b538SAndroid Build Coastguard Worker     0x68, 0xcd, 0x0a, 0xb8, 0x51, 0xe5, 0x1c, 0x96,
266*6777b538SAndroid Build Coastguard Worker     0xaa, 0xbc, 0x92, 0x7b, 0xeb, 0xef, 0x6a, 0x1c};
267*6777b538SAndroid Build Coastguard Worker 
268*6777b538SAndroid Build Coastguard Worker // The value of the NTLMv2 proof when |kExpectedTargetInfoSpecResponseV2| is
269*6777b538SAndroid Build Coastguard Worker // the updated target info in the Authenticate message.
270*6777b538SAndroid Build Coastguard Worker constexpr uint8_t kExpectedProofSpecResponseV2[kNtlmProofLenV2] = {
271*6777b538SAndroid Build Coastguard Worker     0x01, 0x0c, 0x0b, 0xd1, 0x4e, 0xf7, 0xa2, 0x96,
272*6777b538SAndroid Build Coastguard Worker     0x89, 0xc0, 0xc1, 0x9c, 0xea, 0xe8, 0xb7, 0xdf};
273*6777b538SAndroid Build Coastguard Worker 
274*6777b538SAndroid Build Coastguard Worker // The value of the NTLMv2 proof when |kExpectedTargetInfoSpecResponseV2| is
275*6777b538SAndroid Build Coastguard Worker // the updated target info, and |kClientTimestamp| is correctly set in the
276*6777b538SAndroid Build Coastguard Worker // Authenticate message.
277*6777b538SAndroid Build Coastguard Worker constexpr uint8_t
278*6777b538SAndroid Build Coastguard Worker     kExpectedProofSpecResponseWithClientTimestampV2[kNtlmProofLenV2] = {
279*6777b538SAndroid Build Coastguard Worker         0x8c, 0x02, 0x60, 0xdb, 0xef, 0x69, 0x06, 0x62,
280*6777b538SAndroid Build Coastguard Worker         0xaf, 0x9c, 0x42, 0xd5, 0x07, 0x82, 0xd2, 0xed};
281*6777b538SAndroid Build Coastguard Worker 
282*6777b538SAndroid Build Coastguard Worker // Test result data obtained from [2].
283*6777b538SAndroid Build Coastguard Worker constexpr uint8_t kExpectedChannelBindingHashV2[kChannelBindingsHashLen] = {
284*6777b538SAndroid Build Coastguard Worker     0x65, 0x86, 0xE9, 0x9D, 0x81, 0xC2, 0xFC, 0x98,
285*6777b538SAndroid Build Coastguard Worker     0x4E, 0x47, 0x17, 0x2F, 0xD4, 0xDD, 0x03, 0x10};
286*6777b538SAndroid Build Coastguard Worker 
287*6777b538SAndroid Build Coastguard Worker // Test result value defined in [MS-NLMP] Section 4.2.4.1.2.
288*6777b538SAndroid Build Coastguard Worker constexpr uint8_t kExpectedSessionBaseKeyFromSpecV2[kSessionKeyLenV2] = {
289*6777b538SAndroid Build Coastguard Worker     0x8d, 0xe4, 0x0c, 0xca, 0xdb, 0xc1, 0x4a, 0x82,
290*6777b538SAndroid Build Coastguard Worker     0xf1, 0x5c, 0xb0, 0xad, 0x0d, 0xe9, 0x5c, 0xa3};
291*6777b538SAndroid Build Coastguard Worker 
292*6777b538SAndroid Build Coastguard Worker // The session base key when the proof is
293*6777b538SAndroid Build Coastguard Worker // |kExpectedProofSpecResponseWithClientTimestampV2|.
294*6777b538SAndroid Build Coastguard Worker constexpr uint8_t
295*6777b538SAndroid Build Coastguard Worker     kExpectedSessionBaseKeyWithClientTimestampV2[kSessionKeyLenV2] = {
296*6777b538SAndroid Build Coastguard Worker         0x62, 0x3d, 0xbd, 0x07, 0x1b, 0xe7, 0xa5, 0x30,
297*6777b538SAndroid Build Coastguard Worker         0xb6, 0xa9, 0x5c, 0x2e, 0xb4, 0x98, 0x24, 0x70};
298*6777b538SAndroid Build Coastguard Worker 
299*6777b538SAndroid Build Coastguard Worker // The Message Integrity Check (MIC) using
300*6777b538SAndroid Build Coastguard Worker // |kExpectedSessionBaseKeyWithClientTimestampV2| over the following 3
301*6777b538SAndroid Build Coastguard Worker // messages; |kExpectedNegotiateMsg|, |kChallengeMsgFromSpecV2|, and
302*6777b538SAndroid Build Coastguard Worker // |kExpectedAuthenticateMsgSpecResponseV2|.
303*6777b538SAndroid Build Coastguard Worker // The MIC field in |kExpectedAuthenticateMsgSpecResponseV2| is set to all
304*6777b538SAndroid Build Coastguard Worker // zeros while calculating the hash.
305*6777b538SAndroid Build Coastguard Worker constexpr uint8_t kExpectedMicV2[kMicLenV2] = {
306*6777b538SAndroid Build Coastguard Worker     0xf7, 0x36, 0x16, 0x33, 0xf0, 0xad, 0x9b, 0xdf,
307*6777b538SAndroid Build Coastguard Worker     0x4a, 0x7c, 0x42, 0x1b, 0xc6, 0xb8, 0x24, 0xa3};
308*6777b538SAndroid Build Coastguard Worker 
309*6777b538SAndroid Build Coastguard Worker // Expected negotiate message from this implementation.
310*6777b538SAndroid Build Coastguard Worker // [0-7]    - "NTLMSSP\0"                       (Signature)
311*6777b538SAndroid Build Coastguard Worker // [9-11]   - |MessageType::kNegotiate|         (Message Type = 0x00000001)
312*6777b538SAndroid Build Coastguard Worker // [12-15]  - |kNegotiateMessageFlags|          (Flags = 0x00088207)
313*6777b538SAndroid Build Coastguard Worker // [16-23]  - |SecBuf(kNegotiateMessageLen, 0)| (Domain)
314*6777b538SAndroid Build Coastguard Worker // [24-32]  - |SecBuf(kNegotiateMessageLen, 0)| (Workstation)
315*6777b538SAndroid Build Coastguard Worker //
316*6777b538SAndroid Build Coastguard Worker // NOTE: Message does not include Version field. Since
317*6777b538SAndroid Build Coastguard Worker // NTLMSSP_NEGOTIATE_VERSION is never sent, it is not required, and the server
318*6777b538SAndroid Build Coastguard Worker // won't try to read it. The field is currently omitted for test compatibility
319*6777b538SAndroid Build Coastguard Worker // with the existing implementation. When NTLMv2 is implemented this field
320*6777b538SAndroid Build Coastguard Worker // will be present for both NTLMv1 and NTLMv2, however it will always be set to
321*6777b538SAndroid Build Coastguard Worker // all zeros. The version field is only used for debugging and only defines
322*6777b538SAndroid Build Coastguard Worker // a mapping to Windows operating systems.
323*6777b538SAndroid Build Coastguard Worker //
324*6777b538SAndroid Build Coastguard Worker // Similarly both Domain and Workstation fields are are not strictly required
325*6777b538SAndroid Build Coastguard Worker // either (though are included here) since neither
326*6777b538SAndroid Build Coastguard Worker // NTLMSSP_NEGOTIATE_OEM_WORKSTATION_SUPPLIED nor
327*6777b538SAndroid Build Coastguard Worker // NTLMSSP_NEGOTIATE_OEM_DOMAIN_SUPPLIED are ever sent. A compliant server
328*6777b538SAndroid Build Coastguard Worker // should never read past the 16th byte in this message.
329*6777b538SAndroid Build Coastguard Worker //
330*6777b538SAndroid Build Coastguard Worker // See [MS-NLMP] Section 2.2.2.5 for more detail on flags and 2.2.2.1 for the
331*6777b538SAndroid Build Coastguard Worker // Negotiate message in general.
332*6777b538SAndroid Build Coastguard Worker constexpr uint8_t kExpectedNegotiateMsg[kNegotiateMessageLen] = {
333*6777b538SAndroid Build Coastguard Worker     'N',  'T',  'L',  'M',  'S',  'S',  'P',  '\0', 0x01, 0x00, 0x00,
334*6777b538SAndroid Build Coastguard Worker     0x00, 0x07, 0x82, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x20, 0x00,
335*6777b538SAndroid Build Coastguard Worker     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x20, 0x00, 0x00, 0x00};
336*6777b538SAndroid Build Coastguard Worker 
337*6777b538SAndroid Build Coastguard Worker // Expected V1 Authenticate message from this implementation when sent
338*6777b538SAndroid Build Coastguard Worker // |kChallengeMsgV1| as the challenge.
339*6777b538SAndroid Build Coastguard Worker //
340*6777b538SAndroid Build Coastguard Worker // [0-7]    - "NTLMSSP\0"                         (Signature)
341*6777b538SAndroid Build Coastguard Worker // [9-11]   - |MessageType::kAuthenticate|        (Message Type = 0x00000003)
342*6777b538SAndroid Build Coastguard Worker // [12-19]  - |SecBuf(64, kResponseLenV1)|        (LM Response)
343*6777b538SAndroid Build Coastguard Worker // [20-27]  - |SecBuf(88, kResponseLenV1)|       (NTLM Response)
344*6777b538SAndroid Build Coastguard Worker // [28-35]  - |SecBuf(112, 12)|                   (Target Name = L"Domain")
345*6777b538SAndroid Build Coastguard Worker // [36-43]  - |SecBuf(124, 8)|                    (User = L"User")
346*6777b538SAndroid Build Coastguard Worker // [44-51]  - |SecBuf(132, 16)|                   (Workstation = L"COMPUTER")
347*6777b538SAndroid Build Coastguard Worker // [52-59]  - |SecBuf(64, 0)|                     (Session Key (empty))
348*6777b538SAndroid Build Coastguard Worker // [60-63]  - 0x00088203                          (Flags)
349*6777b538SAndroid Build Coastguard Worker // [64-87]  - |EXPECTED_V1_WITH_SS_LM_RESPONSE|   (LM Response Payload)
350*6777b538SAndroid Build Coastguard Worker // [88-111] - |EXPECTED_V1_WITH_SS_NTLM_RESPONSE| (NTLM Response Payload)
351*6777b538SAndroid Build Coastguard Worker // [112-123]- L"Domain"                           (Target Name Payload)
352*6777b538SAndroid Build Coastguard Worker // [124-132]- L"User"                             (User Payload)
353*6777b538SAndroid Build Coastguard Worker // [132-147]- L"COMPUTER"                         (Workstation Payload)
354*6777b538SAndroid Build Coastguard Worker //
355*6777b538SAndroid Build Coastguard Worker // NOTE: This is not identical to the message in [MS-NLMP] Section 4.2.2.3 for
356*6777b538SAndroid Build Coastguard Worker // several reasons.
357*6777b538SAndroid Build Coastguard Worker //
358*6777b538SAndroid Build Coastguard Worker // 1) The flags are different because this implementation does not support
359*6777b538SAndroid Build Coastguard Worker // the flags related to version, key exchange, signing and sealing. These
360*6777b538SAndroid Build Coastguard Worker // flags are not relevant to implementing the NTLM scheme in HTTP.
361*6777b538SAndroid Build Coastguard Worker // 2) Since key exchange is not required nor supported, the session base key
362*6777b538SAndroid Build Coastguard Worker // payload is not required nor present.
363*6777b538SAndroid Build Coastguard Worker // 3) The specification allows payloads to be in any order. This (and the
364*6777b538SAndroid Build Coastguard Worker // prior) implementation uses a different payload order than the example.
365*6777b538SAndroid Build Coastguard Worker // 4) The version field is Windows specific and there is no provision for
366*6777b538SAndroid Build Coastguard Worker // non-Windows OS information. This message does not include a version field.
367*6777b538SAndroid Build Coastguard Worker constexpr uint8_t kExpectedAuthenticateMsgSpecResponseV1[] = {
368*6777b538SAndroid Build Coastguard Worker     'N',  'T',  'L',  'M',  'S',  'S',  'P',  '\0', 0x03, 0x00, 0x00, 0x00,
369*6777b538SAndroid Build Coastguard Worker     0x18, 0x00, 0x18, 0x00, 0x40, 0x00, 0x00, 0x00, 0x18, 0x00, 0x18, 0x00,
370*6777b538SAndroid Build Coastguard Worker     0x58, 0x00, 0x00, 0x00, 0x0c, 0x00, 0x0c, 0x00, 0x70, 0x00, 0x00, 0x00,
371*6777b538SAndroid Build Coastguard Worker     0x08, 0x00, 0x08, 0x00, 0x7c, 0x00, 0x00, 0x00, 0x10, 0x00, 0x10, 0x00,
372*6777b538SAndroid Build Coastguard Worker     0x84, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x40, 0x00, 0x00, 0x00,
373*6777b538SAndroid Build Coastguard Worker     0x03, 0x82, 0x08, 0x00, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
374*6777b538SAndroid Build Coastguard Worker     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
375*6777b538SAndroid Build Coastguard Worker     0x00, 0x00, 0x00, 0x00, 0x75, 0x37, 0xf8, 0x03, 0xae, 0x36, 0x71, 0x28,
376*6777b538SAndroid Build Coastguard Worker     0xca, 0x45, 0x82, 0x04, 0xbd, 0xe7, 0xca, 0xf8, 0x1e, 0x97, 0xed, 0x26,
377*6777b538SAndroid Build Coastguard Worker     0x83, 0x26, 0x72, 0x32, 'D',  0x00, 'o',  0x00, 'm',  0x00, 'a',  0x00,
378*6777b538SAndroid Build Coastguard Worker     'i',  0x00, 'n',  0x00, 'U',  0x00, 's',  0x00, 'e',  0x00, 'r',  0x00,
379*6777b538SAndroid Build Coastguard Worker     'C',  0x00, 'O',  0x00, 'M',  0x00, 'P',  0x00, 'U',  0x00, 'T',  0x00,
380*6777b538SAndroid Build Coastguard Worker     'E',  0x00, 'R',  0x00,
381*6777b538SAndroid Build Coastguard Worker };
382*6777b538SAndroid Build Coastguard Worker 
383*6777b538SAndroid Build Coastguard Worker // Expected V2 Authenticate message from this implementation when sent
384*6777b538SAndroid Build Coastguard Worker // |kChallengeMsgFromSpecV2| as the challenge using default features.
385*6777b538SAndroid Build Coastguard Worker //
386*6777b538SAndroid Build Coastguard Worker // [0-7]    - "NTLMSSP\0"                          (Signature)
387*6777b538SAndroid Build Coastguard Worker // [9-11]   - |MessageType::kAuthenticate|         (Message Type = 0x00000003)
388*6777b538SAndroid Build Coastguard Worker // [12-19]  - |SecBuf(88, kResponseLenV1)|         (LM Response)
389*6777b538SAndroid Build Coastguard Worker // [20-27]  - |SecBuf(112, 138)|                   (NTLM Response)
390*6777b538SAndroid Build Coastguard Worker // [28-35]  - |SecBuf(250, 12)|                    (Target Name = L"Domain")
391*6777b538SAndroid Build Coastguard Worker // [36-43]  - |SecBuf(262, 8)|                     (User = L"User")
392*6777b538SAndroid Build Coastguard Worker // [44-51]  - |SecBuf(270, 16)|                    (Workstation = L"COMPUTER")
393*6777b538SAndroid Build Coastguard Worker // [52-59]  - |SecBuf(88, 0)|                      (Session Key (empty))
394*6777b538SAndroid Build Coastguard Worker // [60-63]  - 0x00088203                           (Flags)
395*6777b538SAndroid Build Coastguard Worker // [64-71]  - All zero                             (Version)
396*6777b538SAndroid Build Coastguard Worker // [72-87]  - |kExpectedMicV2|                     (MIC)
397*6777b538SAndroid Build Coastguard Worker // [88-111] - All zero                             (LM Response Payload)
398*6777b538SAndroid Build Coastguard Worker // [112-249]-------------------------------------- (NTLM Response Payload)
399*6777b538SAndroid Build Coastguard Worker //   [112-127]-|kExpectedProofSpecResponseWithClientTimestampV2|
400*6777b538SAndroid Build Coastguard Worker //                                                 (NTLMv2 Proof)
401*6777b538SAndroid Build Coastguard Worker //   [128-155]-|kExpectedTempWithClientTimestampV2[0-27]|
402*6777b538SAndroid Build Coastguard Worker //                                                 (Proof Input)
403*6777b538SAndroid Build Coastguard Worker //   [156-245]-|kExpectedTargetInfoSpecResponseV2| (Updated target info)
404*6777b538SAndroid Build Coastguard Worker //   [246-249]-0x00000000                          (Reserved - zeros)
405*6777b538SAndroid Build Coastguard Worker // -----------------------------------------------------------------------
406*6777b538SAndroid Build Coastguard Worker // [250-261]- L"Domain"                            (Target Name Payload)
407*6777b538SAndroid Build Coastguard Worker // [262-269]- L"User"                              (User Payload)
408*6777b538SAndroid Build Coastguard Worker // [270-285]- L"COMPUTER"                          (Workstation Payload)
409*6777b538SAndroid Build Coastguard Worker //
410*6777b538SAndroid Build Coastguard Worker // NOTE: This is not identical to the message in [MS-NLMP] Section TODO(X) for
411*6777b538SAndroid Build Coastguard Worker // several reasons.
412*6777b538SAndroid Build Coastguard Worker //
413*6777b538SAndroid Build Coastguard Worker // 1) The flags are different because this implementation does not support
414*6777b538SAndroid Build Coastguard Worker // the flags related to version, key exchange, signing and sealing. These
415*6777b538SAndroid Build Coastguard Worker // flags are not relevant to implementing the NTLM scheme in HTTP.
416*6777b538SAndroid Build Coastguard Worker // 2) Since key exchange is not required nor supported, the session base key
417*6777b538SAndroid Build Coastguard Worker // payload is not required nor present.
418*6777b538SAndroid Build Coastguard Worker // 3) The specification allows payloads to be in any order. This (and the
419*6777b538SAndroid Build Coastguard Worker // prior) implementation uses a different payload order than the example.
420*6777b538SAndroid Build Coastguard Worker // 4) The version field is Windows specific and there is no provision for a
421*6777b538SAndroid Build Coastguard Worker // non-Windows OS information. This message does not include a version field.
422*6777b538SAndroid Build Coastguard Worker // 5) The example in the spec does not use Extended Protection for
423*6777b538SAndroid Build Coastguard Worker // Authentication (EPA). This message includes an extra AV Pair containing
424*6777b538SAndroid Build Coastguard Worker // the hashed channel bindings.
425*6777b538SAndroid Build Coastguard Worker // 6) The example in the spec does not use Message Integrity Check (MIC).
426*6777b538SAndroid Build Coastguard Worker // The optional field is not present, nor is the flags AV Pair that indicates
427*6777b538SAndroid Build Coastguard Worker // it's presence.
428*6777b538SAndroid Build Coastguard Worker // 7) Since the server does not provide a timestamp, the client should
429*6777b538SAndroid Build Coastguard Worker // provide one.
430*6777b538SAndroid Build Coastguard Worker constexpr uint8_t kExpectedAuthenticateMsgSpecResponseV2[] = {
431*6777b538SAndroid Build Coastguard Worker     'N',  'T',  'L',  'M',  'S',  'S',  'P',  '\0', 0x03, 0x00, 0x00, 0x00,
432*6777b538SAndroid Build Coastguard Worker     0x18, 0x00, 0x18, 0x00, 0x58, 0x00, 0x00, 0x00, 0x8a, 0x00, 0x8a, 0x00,
433*6777b538SAndroid Build Coastguard Worker     0x70, 0x00, 0x00, 0x00, 0x0c, 0x00, 0x0c, 0x00, 0xfa, 0x00, 0x00, 0x00,
434*6777b538SAndroid Build Coastguard Worker     0x08, 0x00, 0x08, 0x00, 0x06, 0x01, 0x00, 0x00, 0x10, 0x00, 0x10, 0x00,
435*6777b538SAndroid Build Coastguard Worker     0x0e, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x58, 0x00, 0x00, 0x00,
436*6777b538SAndroid Build Coastguard Worker     0x03, 0x82, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
437*6777b538SAndroid Build Coastguard Worker     0xf7, 0x36, 0x16, 0x33, 0xf0, 0xad, 0x9b, 0xdf, 0x4a, 0x7c, 0x42, 0x1b,
438*6777b538SAndroid Build Coastguard Worker     0xc6, 0xb8, 0x24, 0xa3, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
439*6777b538SAndroid Build Coastguard Worker     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
440*6777b538SAndroid Build Coastguard Worker     0x00, 0x00, 0x00, 0x00, 0x8c, 0x02, 0x60, 0xdb, 0xef, 0x69, 0x06, 0x62,
441*6777b538SAndroid Build Coastguard Worker     0xaf, 0x9c, 0x42, 0xd5, 0x07, 0x82, 0xd2, 0xed, 0x01, 0x01, 0x00, 0x00,
442*6777b538SAndroid Build Coastguard Worker     0x00, 0x00, 0x00, 0x00, 0x80, 0x0b, 0xc8, 0xfd, 0x00, 0xd4, 0xd2, 0x01,
443*6777b538SAndroid Build Coastguard Worker     0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0x00, 0x00, 0x00, 0x00,
444*6777b538SAndroid Build Coastguard Worker     0x02, 0x00, 0x0c, 0x00, 'D',  0x00, 'o',  0x00, 'm',  0x00, 'a',  0x00,
445*6777b538SAndroid Build Coastguard Worker     'i',  0x00, 'n',  0x00, 0x01, 0x00, 0x0c, 0x00, 'S',  0x00, 'e',  0x00,
446*6777b538SAndroid Build Coastguard Worker     'r',  0x00, 'v',  0x00, 'e',  0x00, 'r',  0x00, 0x06, 0x00, 0x04, 0x00,
447*6777b538SAndroid Build Coastguard Worker     0x02, 0x00, 0x00, 0x00, 0x0a, 0x00, 0x10, 0x00, 0x65, 0x86, 0xE9, 0x9D,
448*6777b538SAndroid Build Coastguard Worker     0x81, 0xC2, 0xFC, 0x98, 0x4E, 0x47, 0x17, 0x2F, 0xD4, 0xDD, 0x03, 0x10,
449*6777b538SAndroid Build Coastguard Worker     0x09, 0x00, 0x16, 0x00, 'H',  0x00, 'T',  0x00, 'T',  0x00, 'P',  0x00,
450*6777b538SAndroid Build Coastguard Worker     '/',  0x00, 'S',  0x00, 'e',  0x00, 'r',  0x00, 'v',  0x00, 'e',  0x00,
451*6777b538SAndroid Build Coastguard Worker     'r',  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 'D',  0x00,
452*6777b538SAndroid Build Coastguard Worker     'o',  0x00, 'm',  0x00, 'a',  0x00, 'i',  0x00, 'n',  0x00, 'U',  0x00,
453*6777b538SAndroid Build Coastguard Worker     's',  0x00, 'e',  0x00, 'r',  0x00, 'C',  0x00, 'O',  0x00, 'M',  0x00,
454*6777b538SAndroid Build Coastguard Worker     'P',  0x00, 'U',  0x00, 'T',  0x00, 'E',  0x00, 'R',  0x00,
455*6777b538SAndroid Build Coastguard Worker };
456*6777b538SAndroid Build Coastguard Worker 
457*6777b538SAndroid Build Coastguard Worker // Expected V2 Authenticate message from this implementation when sent
458*6777b538SAndroid Build Coastguard Worker // |kChallengeMsgV1| as the challenge using default features. This scenario
459*6777b538SAndroid Build Coastguard Worker // can occur because some older implementations (Windows 2003 and earlier),
460*6777b538SAndroid Build Coastguard Worker // do not send NTLMSSP_NEGOTIATE_TARGET_INFO, nor a Target Info payload in
461*6777b538SAndroid Build Coastguard Worker // the challenge message.
462*6777b538SAndroid Build Coastguard Worker //
463*6777b538SAndroid Build Coastguard Worker // [0-7]    - "NTLMSSP\0"                          (Signature)
464*6777b538SAndroid Build Coastguard Worker // [9-11]   - |MessageType::kAuthenticate|         (Message Type = 0x00000003)
465*6777b538SAndroid Build Coastguard Worker // [12-19]  - |SecBuf(88, kResponseLenV1)|         (LM Response)
466*6777b538SAndroid Build Coastguard Worker // [20-27]  - |SecBuf(112, 106)|                   (NTLM Response)
467*6777b538SAndroid Build Coastguard Worker // [28-35]  - |SecBuf(218, 12)|                    (Target Name = L"Domain")
468*6777b538SAndroid Build Coastguard Worker // [36-43]  - |SecBuf(230, 8)|                     (User = L"User")
469*6777b538SAndroid Build Coastguard Worker // [44-51]  - |SecBuf(238, 16)|                    (Workstation = L"COMPUTER")
470*6777b538SAndroid Build Coastguard Worker // [52-59]  - |SecBuf(88, 0)|                      (Session Key (empty))
471*6777b538SAndroid Build Coastguard Worker // [60-63]  - 0x00088203                           (Flags)
472*6777b538SAndroid Build Coastguard Worker // [64-71]  - All zero                             (Version)
473*6777b538SAndroid Build Coastguard Worker // [72-87]  -                                      (MIC)
474*6777b538SAndroid Build Coastguard Worker // [88-111] - All zero                             (LM Response Payload)
475*6777b538SAndroid Build Coastguard Worker // [112-217]-------------------------------------- (NTLM Response Payload)
476*6777b538SAndroid Build Coastguard Worker //   [112-127]-                                    (NTLMv2 Proof)
477*6777b538SAndroid Build Coastguard Worker //   [128-155]-|kExpectedTempWithClientTimestampV2[0-27]|
478*6777b538SAndroid Build Coastguard Worker //                                                 (Proof Input)
479*6777b538SAndroid Build Coastguard Worker //   [156-213]-|kExpectedTargetInfoSpecResponseV2[32-89]|
480*6777b538SAndroid Build Coastguard Worker //                                                 (Updated target info)
481*6777b538SAndroid Build Coastguard Worker //   [214-217]-0x00000000                          (Reserved - zeros)
482*6777b538SAndroid Build Coastguard Worker // -----------------------------------------------------------------------
483*6777b538SAndroid Build Coastguard Worker // [218-229]- L"Domain"                            (Target Name Payload)
484*6777b538SAndroid Build Coastguard Worker // [230-237]- L"User"                              (User Payload)
485*6777b538SAndroid Build Coastguard Worker // [238-253]- L"COMPUTER"                          (Workstation Payload)
486*6777b538SAndroid Build Coastguard Worker //
487*6777b538SAndroid Build Coastguard Worker // NOTE: This is message is almost the same as
488*6777b538SAndroid Build Coastguard Worker // |kExpectedAuthenticateMsgSpecResponseV2| with the following changes.
489*6777b538SAndroid Build Coastguard Worker // 1) The target info within the NTLM response is missing the first 32
490*6777b538SAndroid Build Coastguard Worker // bytes, which represent the 2 AvPairs that the server does not send in
491*6777b538SAndroid Build Coastguard Worker // this case.
492*6777b538SAndroid Build Coastguard Worker // 2) The NTLM Response security buffer length is reduced by 32 and therefore
493*6777b538SAndroid Build Coastguard Worker // all subsequent security buffer offsets are reduced by 32.
494*6777b538SAndroid Build Coastguard Worker // 3) The NTLMv2 Proof is different since the different target info changes
495*6777b538SAndroid Build Coastguard Worker // the hash.
496*6777b538SAndroid Build Coastguard Worker // 4) As with the NTLMv2 Proof, the MIC is different because the message is
497*6777b538SAndroid Build Coastguard Worker // different.
498*6777b538SAndroid Build Coastguard Worker constexpr uint8_t kExpectedAuthenticateMsgToOldV1ChallegeV2[] = {
499*6777b538SAndroid Build Coastguard Worker     'N',  'T',  'L',  'M',  'S',  'S',  'P',  '\0', 0x03, 0x00, 0x00, 0x00,
500*6777b538SAndroid Build Coastguard Worker     0x18, 0x00, 0x18, 0x00, 0x58, 0x00, 0x00, 0x00, 0x6a, 0x00, 0x6a, 0x00,
501*6777b538SAndroid Build Coastguard Worker     0x70, 0x00, 0x00, 0x00, 0x0c, 0x00, 0x0c, 0x00, 0xda, 0x00, 0x00, 0x00,
502*6777b538SAndroid Build Coastguard Worker     0x08, 0x00, 0x08, 0x00, 0xe6, 0x00, 0x00, 0x00, 0x10, 0x00, 0x10, 0x00,
503*6777b538SAndroid Build Coastguard Worker     0xee, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x58, 0x00, 0x00, 0x00,
504*6777b538SAndroid Build Coastguard Worker     0x03, 0x82, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
505*6777b538SAndroid Build Coastguard Worker     0x31, 0x37, 0xd6, 0x9e, 0x5c, 0xc8, 0x7d, 0x7a, 0x9f, 0x7c, 0xf4, 0x1a,
506*6777b538SAndroid Build Coastguard Worker     0x5a, 0x19, 0xdc, 0x25, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
507*6777b538SAndroid Build Coastguard Worker     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
508*6777b538SAndroid Build Coastguard Worker     0x00, 0x00, 0x00, 0x00, 0xbe, 0xd9, 0xa9, 0x42, 0x20, 0xc2, 0x25, 0x2b,
509*6777b538SAndroid Build Coastguard Worker     0x91, 0x6e, 0x9c, 0xe3, 0x9d, 0x97, 0x3a, 0x2d, 0x01, 0x01, 0x00, 0x00,
510*6777b538SAndroid Build Coastguard Worker     0x00, 0x00, 0x00, 0x00, 0x80, 0x0b, 0xc8, 0xfd, 0x00, 0xd4, 0xd2, 0x01,
511*6777b538SAndroid Build Coastguard Worker     0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0x00, 0x00, 0x00, 0x00,
512*6777b538SAndroid Build Coastguard Worker     0x06, 0x00, 0x04, 0x00, 0x02, 0x00, 0x00, 0x00, 0x0a, 0x00, 0x10, 0x00,
513*6777b538SAndroid Build Coastguard Worker     0x65, 0x86, 0xE9, 0x9D, 0x81, 0xC2, 0xFC, 0x98, 0x4E, 0x47, 0x17, 0x2F,
514*6777b538SAndroid Build Coastguard Worker     0xD4, 0xDD, 0x03, 0x10, 0x09, 0x00, 0x16, 0x00, 'H',  0x00, 'T',  0x00,
515*6777b538SAndroid Build Coastguard Worker     'T',  0x00, 'P',  0x00, '/',  0x00, 'S',  0x00, 'e',  0x00, 'r',  0x00,
516*6777b538SAndroid Build Coastguard Worker     'v',  0x00, 'e',  0x00, 'r',  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
517*6777b538SAndroid Build Coastguard Worker     0x00, 0x00, 'D',  0x00, 'o',  0x00, 'm',  0x00, 'a',  0x00, 'i',  0x00,
518*6777b538SAndroid Build Coastguard Worker     'n',  0x00, 'U',  0x00, 's',  0x00, 'e',  0x00, 'r',  0x00, 'C',  0x00,
519*6777b538SAndroid Build Coastguard Worker     'O',  0x00, 'M',  0x00, 'P',  0x00, 'U',  0x00, 'T',  0x00, 'E',  0x00,
520*6777b538SAndroid Build Coastguard Worker     'R',  0x00,
521*6777b538SAndroid Build Coastguard Worker };
522*6777b538SAndroid Build Coastguard Worker 
523*6777b538SAndroid Build Coastguard Worker // Expected V2 Authenticate message from this implementation when sent
524*6777b538SAndroid Build Coastguard Worker // |kChallengeMsgFromSpecV2|, no channel bindings exist, and the remote
525*6777b538SAndroid Build Coastguard Worker // server is named 'server' (with lowercase 's'). All the test data from the
526*6777b538SAndroid Build Coastguard Worker // spec uses 'Server' with an uppercase 'S'. Chrome lower cases the hostname
527*6777b538SAndroid Build Coastguard Worker // so this result vector is needed for an end to end test in
528*6777b538SAndroid Build Coastguard Worker // |HttpNetworkTransactionUnitTest|.
529*6777b538SAndroid Build Coastguard Worker //
530*6777b538SAndroid Build Coastguard Worker // The response is the same as |kExpectedAuthenticateMsgSpecResponseV2| with
531*6777b538SAndroid Build Coastguard Worker // the following differences.
532*6777b538SAndroid Build Coastguard Worker //
533*6777b538SAndroid Build Coastguard Worker // [72-87]   - The MIC (hash of all messages) is different because the
534*6777b538SAndroid Build Coastguard Worker //     message is different.
535*6777b538SAndroid Build Coastguard Worker // [112-127] - The cryptographic proof is different due to the changed
536*6777b538SAndroid Build Coastguard Worker //     AvPairs below, which are inputs to the hash.
537*6777b538SAndroid Build Coastguard Worker // [225]- The 's' in the  SPN AvPair is lowercase.
538*6777b538SAndroid Build Coastguard Worker // [200-215] - The channel binding AvPair in the target info is all zero. See
539*6777b538SAndroid Build Coastguard Worker //     |kExpectedTargetInfoSpecResponseV2| for more information.
540*6777b538SAndroid Build Coastguard Worker constexpr uint8_t kExpectedAuthenticateMsgEmptyChannelBindingsV2[] = {
541*6777b538SAndroid Build Coastguard Worker     'N',  'T',  'L',  'M',  'S',  'S',  'P',  '\0', 0x03, 0x00, 0x00, 0x00,
542*6777b538SAndroid Build Coastguard Worker     0x18, 0x00, 0x18, 0x00, 0x58, 0x00, 0x00, 0x00, 0x8a, 0x00, 0x8a, 0x00,
543*6777b538SAndroid Build Coastguard Worker     0x70, 0x00, 0x00, 0x00, 0x0c, 0x00, 0x0c, 0x00, 0xfa, 0x00, 0x00, 0x00,
544*6777b538SAndroid Build Coastguard Worker     0x08, 0x00, 0x08, 0x00, 0x06, 0x01, 0x00, 0x00, 0x10, 0x00, 0x10, 0x00,
545*6777b538SAndroid Build Coastguard Worker     0x0e, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x58, 0x00, 0x00, 0x00,
546*6777b538SAndroid Build Coastguard Worker     0x03, 0x82, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
547*6777b538SAndroid Build Coastguard Worker     0xa7, 0x37, 0x50, 0x69, 0x59, 0xfe, 0xea, 0x74, 0xaa, 0x77, 0xa1, 0xc0,
548*6777b538SAndroid Build Coastguard Worker     0x5b, 0xe2, 0x39, 0xa2, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
549*6777b538SAndroid Build Coastguard Worker     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
550*6777b538SAndroid Build Coastguard Worker     0x00, 0x00, 0x00, 0x00, 0xfe, 0x4d, 0xec, 0x67, 0xcf, 0x4d, 0xbd, 0xf8,
551*6777b538SAndroid Build Coastguard Worker     0xc7, 0xa7, 0x80, 0x89, 0xb1, 0xc5, 0x46, 0xa7, 0x01, 0x01, 0x00, 0x00,
552*6777b538SAndroid Build Coastguard Worker     0x00, 0x00, 0x00, 0x00, 0x80, 0x0b, 0xc8, 0xfd, 0x00, 0xd4, 0xd2, 0x01,
553*6777b538SAndroid Build Coastguard Worker     0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0x00, 0x00, 0x00, 0x00,
554*6777b538SAndroid Build Coastguard Worker     0x02, 0x00, 0x0c, 0x00, 'D',  0x00, 'o',  0x00, 'm',  0x00, 'a',  0x00,
555*6777b538SAndroid Build Coastguard Worker     'i',  0x00, 'n',  0x00, 0x01, 0x00, 0x0c, 0x00, 'S',  0x00, 'e',  0x00,
556*6777b538SAndroid Build Coastguard Worker     'r',  0x00, 'v',  0x00, 'e',  0x00, 'r',  0x00, 0x06, 0x00, 0x04, 0x00,
557*6777b538SAndroid Build Coastguard Worker     0x02, 0x00, 0x00, 0x00, 0x0a, 0x00, 0x10, 0x00, 0x00, 0x00, 0x00, 0x00,
558*6777b538SAndroid Build Coastguard Worker     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
559*6777b538SAndroid Build Coastguard Worker     0x09, 0x00, 0x16, 0x00, 'H',  0x00, 'T',  0x00, 'T',  0x00, 'P',  0x00,
560*6777b538SAndroid Build Coastguard Worker     '/',  0x00, 's',  0x00, 'e',  0x00, 'r',  0x00, 'v',  0x00, 'e',  0x00,
561*6777b538SAndroid Build Coastguard Worker     'r',  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 'D',  0x00,
562*6777b538SAndroid Build Coastguard Worker     'o',  0x00, 'm',  0x00, 'a',  0x00, 'i',  0x00, 'n',  0x00, 'U',  0x00,
563*6777b538SAndroid Build Coastguard Worker     's',  0x00, 'e',  0x00, 'r',  0x00, 'C',  0x00, 'O',  0x00, 'M',  0x00,
564*6777b538SAndroid Build Coastguard Worker     'P',  0x00, 'U',  0x00, 'T',  0x00, 'E',  0x00, 'R',  0x00,
565*6777b538SAndroid Build Coastguard Worker };
566*6777b538SAndroid Build Coastguard Worker 
567*6777b538SAndroid Build Coastguard Worker }  // namespace net::ntlm::test
568*6777b538SAndroid Build Coastguard Worker 
569*6777b538SAndroid Build Coastguard Worker #endif  // NET_NTLM_NTLM_TEST_DATA_H_
570