This is a native implementation of NTLM for Go that was implemented using the Microsoft MS-NLMP documentation available at http://msdn.microsoft.com/en-us/library/cc236621.aspx. The library is currently in use and has been tested with connectionless NTLMv1 and v2 with and without extended session security.
```go
import "github.com/jsthtlf/go-ntlm"

// Client side: create the session and set the credentials (check err before use).
session, err := ntlm.CreateClientSession(ntlm.Version2, ntlm.ConnectionlessMode)
session.SetUserInfo("someuser", "somepassword", "somedomain")

negotiate := session.GenerateNegotiateMessage()
// <send negotiate to server>

// challengeBytes holds the challenge received from the server.
challenge, err := ntlm.ParseChallengeMessage(challengeBytes)
session.ProcessChallengeMessage(challenge)

authenticate := session.GenerateAuthenticateMessage()
// <send authenticate message to server>
```
```go
// Server side: create the session and set the user information (check err before use).
session, err := ntlm.CreateServerSession(ntlm.Version2, ntlm.ConnectionlessMode)
session.SetUserInfo("someuser", "somepassword", "somedomain")

challenge := session.GenerateChallengeMessage()
// <send challenge to client>

// <receive authentication bytes>
auth, err := ntlm.ParseAuthenticateMessage(authenticateBytes)
session.ProcessAuthenticateMessage(auth)
```
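A pre-check a client could run on the server's challenge bytes before calling `ntlm.ParseChallengeMessage`: it confirms the MS-NLMP header and reports whether connectionless (datagram) mode and extended session security were negotiated. This is an added example using only the standard library, not code from go-ntlm; `InspectChallenge`, `ChallengeInfo` and `sampleChallenge` are hypothetical names and the sample message is constructed.

```go
package main

import (
	"bytes"
	"encoding/binary"
	"fmt"
)

// NegotiateFlags bits defined in MS-NLMP.
const flagDatagram = 0x00000040    // NTLMSSP_NEGOTIATE_DATAGRAM (connectionless)
const flagExtendedSec = 0x00080000 // NTLMSSP_NEGOTIATE_EXTENDED_SESSIONSECURITY

var ntlmSignature = []byte("NTLMSSP\x00")

// ChallengeInfo is a hypothetical summary type for this example.
type ChallengeInfo struct {
	ServerChallenge       [8]byte
	Datagram, ExtendedSec bool
}

// InspectChallenge checks the signature, MessageType (2) and length, then decodes
// NegotiateFlags (offset 20) and ServerChallenge (offset 24) from the first 32 bytes.
func InspectChallenge(b []byte) (info ChallengeInfo, err error) {
	if len(b) < 32 {
		return info, fmt.Errorf("challenge message too short: %d bytes", len(b))
	}
	if !bytes.Equal(b[:8], ntlmSignature) {
		return info, fmt.Errorf("missing NTLMSSP signature")
	}
	if t := binary.LittleEndian.Uint32(b[8:12]); t != 2 {
		return info, fmt.Errorf("unexpected message type %d", t)
	}
	flags := binary.LittleEndian.Uint32(b[20:24])
	copy(info.ServerChallenge[:], b[24:32])
	info.Datagram = flags&flagDatagram != 0
	info.ExtendedSec = flags&flagExtendedSec != 0
	return info, nil
}

// sampleChallenge builds a constructed (not captured) message header with the given flags.
func sampleChallenge(flags uint32) []byte {
	b := make([]byte, 56)
	copy(b, ntlmSignature)
	binary.LittleEndian.PutUint32(b[8:], 2)
	binary.LittleEndian.PutUint32(b[20:], flags)
	copy(b[24:], []byte{1, 2, 3, 4, 5, 6, 7, 8})
	return b
}

func main() { fmt.Println(InspectChallenge(sampleChallenge(flagDatagram | flagExtendedSec))) }
```

A client that expects extended session security can treat `ExtendedSec == false` as a downgrade signal and refuse to continue.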
Once a session is created you can generate the MAC for a message using:

```go
message := "this is some message to sign"
encryptedMessageWithMac := session.GssEncrypt([]byte(message))
```
Once a session is created you can validate the MAC for a received message using:

```go
message := []byte{0x00, 0x00} // the received message bytes, including the signature
decryptedMessage := session.GssDecrypt(message)
```
Copyright Thomson Reuters Global Resources 2013 Apache License