Class NTLMEngine
java.lang.Object
org.tmatesoft.svn.core.internal.io.dav.http.NTLMEngine
- All Implemented Interfaces: INTLMEngine
Provides an implementation for NTLMv1, NTLMv2, and NTLM2 Session forms of the NTLM
authentication protocol.
- Since: 4.1
-
Nested Class Summary
Nested Classes
Modifier and Type, Class, Description
protected static class
(package private) static class: Cryptography support - HMACMD5 - algorithmically based on various web resources by Karl Wright
(package private) static class: Cryptography support - MD4.
(package private) static class: NTLM message generation, base class
(package private) static class: Type 1 message assembly class
(package private) static class: Type 2 message class
(package private) static class: Type 3 message assembly class
-
Field Summary
Fields
Modifier and Type, Field, Description
private String: The character set to use for encoding the credentials
(package private) static final String: Character encoding
protected static final int
protected static final int
protected static final int
protected static final int
protected static final int
protected static final int
protected static final int
protected static final int
protected static final int
protected static final int
protected static final int
protected static final int
protected static final int
protected static final int
protected static final int
private static final SecureRandom: Secure random generator
private static final byte[]: The signature string as bytes in the default encoding
-
Constructor Summary
Constructors -
Method Summary
Modifier and Type, Method, Description
private static String convertDomain(String domain): Convert domain to standard form
private static String convertHost(String host): Convert host to standard form
private static byte[] createBlob(byte[] clientChallenge, byte[] targetInformation, byte[] timestamp): Creates the NTLMv2 blob from the given target information block and client challenge.
private static Key createDESKey(byte[] bytes, int offset): Creates a DES encryption key from the given key material.
(package private) static int F(int x, int y, int z)
(package private) static int G(int x, int y, int z)
generateType1Msg(String domain, String workstation)
generateType3Msg(String username, char[] password, String domain, String workstation, String challenge)
(package private) String getCredentialCharset()
(package private) final String getResponseFor(String message, String username, char[] password, String host, String domain): Returns the response for the given message.
(package private) String getType1Message(String host, String domain): Creates the first message (type 1 message) in the NTLM authentication sequence.
(package private) String getType3Message(String user, char[] password, String host, String domain, byte[] nonce, int type2Flags, String target, byte[] targetInformation): Creates the type 3 message using the given server nonce.
(package private) static int H(int x, int y, int z)
(package private) static byte[] hmacMD5(byte[] value, byte[] key): Calculates HMAC-MD5
private static byte[] lmHash(char[] password): Creates the LM Hash of the user's password.
private static byte[] lmResponse(byte[] hash, byte[] challenge): Creates the LM Response from the given hash and Type 2 challenge.
private static byte[] lmv2Hash(String domain, String user, byte[] ntlmHash): Creates the LMv2 Hash of the user's password.
private static byte[] lmv2Response(byte[] hash, byte[] challenge, byte[] clientData): Creates the LMv2 Response from the given hash, client data, and Type 2 challenge.
private static byte[] makeRandomChallenge: Calculate a challenge block
private static byte[] makeSecondaryKey: Calculate a 16-byte secondary key
(package private) static byte[] ntlm2SessionResponse(byte[] ntlmHash, byte[] challenge, byte[] clientChallenge): Calculates the NTLM2 Session Response for the given challenge, using the specified password and client challenge.
private static byte[] ntlmHash(char[] password): Creates the NTLM Hash of the user's password.
private static byte[] ntlmv2Hash(String domain, String user, byte[] ntlmHash): Creates the NTLMv2 Hash of the user's password.
private static void oddParity(byte[] bytes): Applies odd parity to the given byte array.
(package private) static byte[] RC4(byte[] value, byte[] key): Calculates RC4
private static byte[] readSecurityBuffer(byte[] src, int index)
private static int readULong(byte[] src, int index)
private static int readUShort(byte[] src, int index)
(package private) static int rotintlft(int val, int numbits)
(package private) void setCredentialCharset(String credentialCharset)
private static String stripDotSuffix(String value): Strip dot suffix from a name
(package private) static void writeULong(byte[] buffer, int value, int offset)
-
Field Details
-
FLAG_REQUEST_UNICODE_ENCODING
protected static final int FLAG_REQUEST_UNICODE_ENCODING
-
FLAG_REQUEST_TARGET
protected static final int FLAG_REQUEST_TARGET
-
FLAG_REQUEST_SIGN
protected static final int FLAG_REQUEST_SIGN
-
FLAG_REQUEST_SEAL
protected static final int FLAG_REQUEST_SEAL
-
FLAG_REQUEST_LAN_MANAGER_KEY
protected static final int FLAG_REQUEST_LAN_MANAGER_KEY
-
FLAG_REQUEST_NTLMv1
protected static final int FLAG_REQUEST_NTLMv1
-
FLAG_DOMAIN_PRESENT
protected static final int FLAG_DOMAIN_PRESENT
-
FLAG_WORKSTATION_PRESENT
protected static final int FLAG_WORKSTATION_PRESENT
-
FLAG_REQUEST_ALWAYS_SIGN
protected static final int FLAG_REQUEST_ALWAYS_SIGN
-
FLAG_REQUEST_NTLM2_SESSION
protected static final int FLAG_REQUEST_NTLM2_SESSION
-
FLAG_REQUEST_VERSION
protected static final int FLAG_REQUEST_VERSION
-
FLAG_TARGETINFO_PRESENT
protected static final int FLAG_TARGETINFO_PRESENT
-
FLAG_REQUEST_128BIT_KEY_EXCH
protected static final int FLAG_REQUEST_128BIT_KEY_EXCH
-
FLAG_REQUEST_EXPLICIT_KEY_EXCH
protected static final int FLAG_REQUEST_EXPLICIT_KEY_EXCH
-
FLAG_REQUEST_56BIT_ENCRYPTION
protected static final int FLAG_REQUEST_56BIT_ENCRYPTION
-
RND_GEN
Secure random generator
-
DEFAULT_CHARSET
Character encoding
-
credentialCharset
The character set to use for encoding the credentials
-
SIGNATURE
private static final byte[] SIGNATURE
The signature string as bytes in the default encoding
-
-
Constructor Details
-
NTLMEngine
NTLMEngine()
-
-
Method Details
-
getResponseFor
final String getResponseFor(String message, String username, char[] password, String host, String domain) throws NTLMEngineException
Returns the response for the given message.
- Parameters:
message - the message that was received from the server.
username - the username to authenticate with.
password - the password to authenticate with.
host - The host.
domain - the NT domain to authenticate in.
- Returns:
The response.
- Throws:
NTLMEngineException - If the messages cannot be retrieved.
-
getType1Message
Creates the first message (type 1 message) in the NTLM authentication sequence. This message includes the user name, domain and host for the authentication session.
- Parameters:
host - the computer name of the host requesting authentication.
domain - The domain to authenticate with.
- Returns:
String the message to add to the HTTP request header.
- Throws:
NTLMEngineException
-
getType3Message
String getType3Message(String user, char[] password, String host, String domain, byte[] nonce, int type2Flags, String target, byte[] targetInformation) throws NTLMEngineException
Creates the type 3 message using the given server nonce. The type 3 message includes all the information for authentication, host, domain, username and the result of encrypting the nonce sent by the server using the user's password as the key.
- Parameters:
user - The user name. This should not include the domain name.
password - The password.
host - The host that is originating the authentication request.
domain - The domain to authenticate within.
nonce - the 8 byte array the server sent.
- Returns:
The type 3 message.
- Throws:
NTLMEngineException - If RC4(byte[],byte[]) fails.
-
getCredentialCharset
String getCredentialCharset()
- Returns:
Returns the credentialCharset.
-
setCredentialCharset
- Parameters:
credentialCharset - The credentialCharset to set.
-
stripDotSuffix
Strip dot suffix from a name
-
convertHost
Convert host to standard form
-
convertDomain
Convert domain to standard form
-
readULong
- Throws:
NTLMEngineException
-
readUShort
- Throws:
NTLMEngineException
-
readSecurityBuffer
- Throws:
NTLMEngineException
-
makeRandomChallenge
Calculate a challenge block
- Throws:
NTLMEngineException
-
makeSecondaryKey
Calculate a 16-byte secondary key
- Throws:
NTLMEngineException
-
hmacMD5
Calculates HMAC-MD5
- Throws:
NTLMEngineException
-
RC4
Calculates RC4
- Throws:
NTLMEngineException
-
ntlm2SessionResponse
static byte[] ntlm2SessionResponse(byte[] ntlmHash, byte[] challenge, byte[] clientChallenge) throws NTLMEngineException
Calculates the NTLM2 Session Response for the given challenge, using the specified password and client challenge.
- Returns:
The NTLM2 Session Response. This is placed in the NTLM response field of the Type 3 message; the LM response field contains the client challenge, null-padded to 24 bytes.
- Throws:
NTLMEngineException
-
lmHash
Creates the LM Hash of the user's password.
- Parameters:
password - The password.
- Returns:
The LM Hash of the given password, used in the calculation of the LM Response.
- Throws:
NTLMEngineException
-
ntlmHash
Creates the NTLM Hash of the user's password.
- Parameters:
password - The password.
- Returns:
The NTLM Hash of the given password, used in the calculation of the NTLM Response and the NTLMv2 and LMv2 Hashes.
- Throws:
NTLMEngineException
-
lmv2Hash
private static byte[] lmv2Hash(String domain, String user, byte[] ntlmHash) throws NTLMEngineException
Creates the LMv2 Hash of the user's password.
- Returns:
The LMv2 Hash, used in the calculation of the NTLMv2 and LMv2 Responses.
- Throws:
NTLMEngineException
-
ntlmv2Hash
private static byte[] ntlmv2Hash(String domain, String user, byte[] ntlmHash) throws NTLMEngineException
Creates the NTLMv2 Hash of the user's password.
- Returns:
The NTLMv2 Hash, used in the calculation of the NTLMv2 and LMv2 Responses.
- Throws:
NTLMEngineException
-
lmResponse
Creates the LM Response from the given hash and Type 2 challenge.
- Parameters:
hash - The LM or NTLM Hash.
challenge - The server challenge from the Type 2 message.
- Returns:
The response (either LM or NTLM, depending on the provided hash).
- Throws:
NTLMEngineException
-
lmv2Response
private static byte[] lmv2Response(byte[] hash, byte[] challenge, byte[] clientData) throws NTLMEngineException
Creates the LMv2 Response from the given hash, client data, and Type 2 challenge.
- Parameters:
hash - The NTLMv2 Hash.
clientData - The client data (blob or client challenge).
challenge - The server challenge from the Type 2 message.
- Returns:
The response (either NTLMv2 or LMv2, depending on the client data).
- Throws:
NTLMEngineException
-
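The standard NTLMv2/LMv2 response construction that lmv2Response documents, as an added example that is not SVNKit source: the class V2ResponseExample and the methods v2Response and verify are hypothetical names, the sample bytes are constructed, and the JDK's built-in HmacMD5 Mac stands in for the engine's own HMACMD5 class. It also shows the verifier side, which recomputes the proof and compares it in constant time.

```java
import java.security.GeneralSecurityException;
import java.security.MessageDigest;
import java.util.Arrays;
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;

// Added illustration, not SVNKit source; class and method names are hypothetical.
public class V2ResponseExample {

    // HMAC-MD5 keyed with the NTLMv2 hash over (server challenge || client data),
    // followed by the client data itself.
    static byte[] v2Response(byte[] ntlmv2Hash, byte[] challenge, byte[] clientData)
            throws GeneralSecurityException {
        if (ntlmv2Hash.length != 16 || challenge.length != 8) {
            throw new IllegalArgumentException("expected 16-byte hash and 8-byte challenge");
        }
        Mac mac = Mac.getInstance("HmacMD5");
        mac.init(new SecretKeySpec(ntlmv2Hash, "HmacMD5"));
        mac.update(challenge);
        mac.update(clientData);
        byte[] proof = mac.doFinal();
        byte[] out = Arrays.copyOf(proof, proof.length + clientData.length);
        System.arraycopy(clientData, 0, out, proof.length, clientData.length);
        return out;
    }

    // Verifier side: split off the client data, recompute, compare in constant time.
    static boolean verify(byte[] ntlmv2Hash, byte[] challenge, byte[] response)
            throws GeneralSecurityException {
        if (response.length < 16) return false;
        byte[] clientData = Arrays.copyOfRange(response, 16, response.length);
        return MessageDigest.isEqual(v2Response(ntlmv2Hash, challenge, clientData), response);
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample values, not from a real exchange.
        byte[] hash = new byte[16];
        for (int i = 0; i < hash.length; i++) hash[i] = (byte) (i * 17);
        byte[] challenge = {1, 2, 3, 4, 5, 6, 7, 8};
        byte[] clientChallenge = {9, 10, 11, 12, 13, 14, 15, 16};
        byte[] lmv2 = v2Response(hash, challenge, clientChallenge);
        System.out.println("LMv2 response length: " + lmv2.length);
        System.out.println("verifies: " + verify(hash, challenge, lmv2));
        lmv2[0] ^= 1; // tampered proof byte
        System.out.println("verifies after tamper: " + verify(hash, challenge, lmv2));
    }
}
```

With an 8-byte client challenge as client data the result is the 24-byte LMv2 response; with the blob from createBlob as client data the same routine yields the NTLMv2 response.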
createBlob
private static byte[] createBlob(byte[] clientChallenge, byte[] targetInformation, byte[] timestamp)
Creates the NTLMv2 blob from the given target information block and client challenge.
- Parameters:
targetInformation - The target information block from the Type 2 message.
clientChallenge - The random 8-byte client challenge.
- Returns:
The blob, used in the calculation of the NTLMv2 Response.
-
createDESKey
Creates a DES encryption key from the given key material.
- Parameters:
bytes - A byte array containing the DES key material.
offset - The offset in the given byte array at which the 7-byte key material starts.
- Returns:
A DES encryption key created from the key material starting at the specified offset in the given byte array.
-
oddParity
private static void oddParity(byte[] bytes)
Applies odd parity to the given byte array.
- Parameters:
bytes - The data whose parity bits are to be adjusted for odd parity.
-
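How 7 bytes of key material become an 8-byte DES key with odd parity, as createDESKey and oddParity describe. This is an added example, not SVNKit source: the class DesKeyExample and the method expand are hypothetical names, and the key material is a constructed sample.

```java
import java.security.Key;
import javax.crypto.spec.DESKeySpec;
import javax.crypto.spec.SecretKeySpec;

// Added illustration, not SVNKit source; class and method names are hypothetical.
public class DesKeyExample {

    // Spread 56 bits of key material over 8 bytes: 7 key bits in the high bits
    // of each byte, with the low bit left free for parity.
    static byte[] expand(byte[] bytes, int offset) {
        if (offset < 0 || bytes.length - offset < 7) {
            throw new IllegalArgumentException("need 7 bytes of key material at offset");
        }
        long bits = 0;
        for (int i = 0; i < 7; i++) {
            bits = (bits << 8) | (bytes[offset + i] & 0xff);
        }
        byte[] key = new byte[8];
        for (int i = 0; i < 8; i++) {
            key[i] = (byte) (((bits >>> (49 - 7 * i)) & 0x7f) << 1);
        }
        return key;
    }

    // Set the low bit of each byte so the byte has an odd number of 1 bits.
    static void oddParity(byte[] bytes) {
        for (int i = 0; i < bytes.length; i++) {
            int high7 = bytes[i] & 0xfe;
            boolean evenOnes = (Integer.bitCount(high7) & 1) == 0;
            bytes[i] = (byte) (evenOnes ? (high7 | 1) : high7);
        }
    }

    static Key createDESKey(byte[] bytes, int offset) {
        byte[] material = expand(bytes, offset);
        oddParity(material);
        return new SecretKeySpec(material, "DES");
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample: 7 bytes of key material starting at offset 2.
        byte[] input = {0, 0, 0x53, 0x45, 0x43, 0x52, 0x45, 0x54, 0x30, 0, 0};
        byte[] encoded = createDESKey(input, 2).getEncoded();
        StringBuilder hex = new StringBuilder();
        for (byte b : encoded) hex.append(String.format("%02x", b & 0xff));
        System.out.println("DES key: " + hex);
        System.out.println("parity adjusted: " + DESKeySpec.isParityAdjusted(encoded, 0));
    }
}
```

Only 56 of the 64 key bits carry secret material, which is why the LM and NTLMv1 responses built on these keys are considered weak.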
writeULong
static void writeULong(byte[] buffer, int value, int offset)
-
F
static int F(int x, int y, int z)
-
G
static int G(int x, int y, int z)
-
H
static int H(int x, int y, int z)
-
rotintlft
static int rotintlft(int val, int numbits)
-
generateType1Msg
- Specified by:
generateType1Msg in interface INTLMEngine
- Throws:
NTLMEngineException
-
generateType3Msg
public String generateType3Msg(String username, char[] password, String domain, String workstation, String challenge) throws NTLMEngineException
- Specified by:
generateType3Msg in interface INTLMEngine
- Throws:
NTLMEngineException
-