'MS-CHAPv2 - How to arrive at the auth response in the Success Packet

My team is currently working on an authentication module which uses MS-CHAPv2 protocol to authenticate users. The API we have designed in C#, takes in username, challenge Hash and challenge Response as input parameters from the client and authenticates against the AD server and if the authentication is successful, returns a STATUS_SUCCESS and STATUS_ERROR in case of any error or failure with the corresponding error code.

The LSALogonUser API parameters looks like below-

LsaLogonUtil.WinStatusCodes lsaLogonStatus = LsaLogonUtil.LsaLogon(
                    lsaHandle,
                    ref originName._string,
                    LsaLogonUtil.SecurityLogonType.Network,
                    msvAuthPackageId,
                    lsaAuthPackage.Ptr,
                    (uint)lsaAuthPackage.Length,
                    IntPtr.Zero,
                    ref sourceContext,
                    out IntPtr profileBuffer,
                    out uint profileBufferLength,
                    out long logonId,
                    out IntPtr m_hToken,
                    out LsaLogonUtil.QuotaLimits quotas,
                    out LsaLogonUtil.WinStatusCodes subStatus);```


In addition to authenticating the users and returning the status message, we also need to return the authenticator response which is part of the MS-CHAPv2 Success packet. 
This authenticator response is needed for obtain the NTHash which in turn will be sent to the supplicant for the authentication process to complete.
The output parameters in the lsaLogonUser function above do not hold any relevant information.

[enter image description here][1]

Also, as shown in the flow diagram attached, after the NTHash is obtained from the password using the MD4 digest in step 8, how do we get the auth response A in step 11?
We need help in figuring out how the steps 8 - 11 take place.

[RFC](https://datatracker.ietf.org/doc/html/rfc2759#section-5)
The above RFC describes about a Response packet (Section 4) and a Success packet (Section 5). We do not know how to arrive at this data.

If anyone in the MS team can point us in this direction, that would be helpful.


  [1]: https://i.stack.imgur.com/d7ADp.png
c++sharpauthenticationactive-directoryprotocols


Sources

This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.

Source: Stack Overflow

Solution Source

Related Questions