final class NTLMEngineImpl extends java.lang.Object implements NTLMEngine
Modifier and Type | Class and Description |
---|---|
protected static class |
NTLMEngineImpl.CipherGen |
(package private) static class |
NTLMEngineImpl.Handle |
(package private) static class |
NTLMEngineImpl.HMACMD5
Cryptography support - HMACMD5 - algorithmically based on various web
resources by Karl Wright
|
(package private) static class |
NTLMEngineImpl.MD4
Cryptography support - MD4. MD4 is cryptographically broken; use it only where the NTLM protocol requires it.
|
(package private) static class |
NTLMEngineImpl.Mode |
(package private) static class |
NTLMEngineImpl.NTLMMessage
NTLM message generation, base class
|
(package private) static class |
NTLMEngineImpl.Type1Message
Type 1 message assembly class
|
(package private) static class |
NTLMEngineImpl.Type2Message
Type 2 message class
|
(package private) static class |
NTLMEngineImpl.Type3Message
Type 3 message assembly class
|
Modifier and Type | Field and Description |
---|---|
private static java.nio.charset.Charset |
DEFAULT_CHARSET
Character encoding
|
(package private) static int |
FLAG_DOMAIN_PRESENT |
(package private) static int |
FLAG_REQUEST_128BIT_KEY_EXCH |
(package private) static int |
FLAG_REQUEST_56BIT_ENCRYPTION |
(package private) static int |
FLAG_REQUEST_ALWAYS_SIGN |
(package private) static int |
FLAG_REQUEST_EXPLICIT_KEY_EXCH |
(package private) static int |
FLAG_REQUEST_LAN_MANAGER_KEY |
(package private) static int |
FLAG_REQUEST_NTLM2_SESSION |
(package private) static int |
FLAG_REQUEST_NTLMv1 |
(package private) static int |
FLAG_REQUEST_OEM_ENCODING |
(package private) static int |
FLAG_REQUEST_SEAL |
(package private) static int |
FLAG_REQUEST_SIGN |
(package private) static int |
FLAG_REQUEST_TARGET |
(package private) static int |
FLAG_REQUEST_UNICODE_ENCODING |
(package private) static int |
FLAG_REQUEST_VERSION |
(package private) static int |
FLAG_TARGETINFO_PRESENT |
(package private) static int |
FLAG_WORKSTATION_PRESENT |
private static byte[] |
MAGIC_TLS_SERVER_ENDPOINT |
(package private) static int |
MSV_AV_CHANNEL_BINDINGS |
(package private) static int |
MSV_AV_DNS_COMPUTER_NAME |
(package private) static int |
MSV_AV_DNS_DOMAIN_NAME |
(package private) static int |
MSV_AV_DNS_TREE_NAME |
(package private) static int |
MSV_AV_EOL |
(package private) static int |
MSV_AV_FLAGS |
(package private) static int |
MSV_AV_FLAGS_ACCOUNT_AUTH_CONSTAINED |
(package private) static int |
MSV_AV_FLAGS_MIC |
(package private) static int |
MSV_AV_FLAGS_UNTRUSTED_TARGET_SPN |
(package private) static int |
MSV_AV_NB_COMPUTER_NAME |
(package private) static int |
MSV_AV_NB_DOMAIN_NAME |
(package private) static int |
MSV_AV_SINGLE_HOST |
(package private) static int |
MSV_AV_TARGET_NAME |
(package private) static int |
MSV_AV_TIMESTAMP |
private static java.security.SecureRandom |
RND_GEN
Secure random generator
|
private static byte[] |
SEAL_MAGIC_CLIENT |
private static byte[] |
SEAL_MAGIC_SERVER |
private static byte[] |
SIGN_MAGIC_CLIENT |
private static byte[] |
SIGN_MAGIC_SERVER |
private static byte[] |
SIGNATURE
The signature string as bytes in the default encoding
|
private static java.lang.String |
TYPE_1_MESSAGE |
private static java.nio.charset.Charset |
UNICODE_LITTLE_UNMARKED
Unicode encoding
|
Constructor and Description |
---|
NTLMEngineImpl() |
Modifier and Type | Method and Description |
---|---|
private static java.lang.String |
convertDomain(java.lang.String domain)
Convert domain to standard form
|
private static java.lang.String |
convertHost(java.lang.String host)
Convert host to standard form
|
private static byte[] |
createBlob(byte[] clientChallenge,
byte[] targetInformation,
byte[] timestamp)
Creates the NTLMv2 blob from the given target information block and
client challenge.
|
private static java.security.Key |
createDESKey(byte[] bytes,
int offset)
Creates a DES encryption key from the given key material.
|
private static void |
encodeLong(byte[] buf,
int offset,
int value) |
private static byte[] |
encodeLong(int value) |
(package private) static int |
F(int x,
int y,
int z) |
(package private) static int |
G(int x,
int y,
int z) |
java.lang.String |
generateType1Msg(java.lang.String domain,
java.lang.String workstation)
Generates a Type1 message given the domain and workstation.
|
java.lang.String |
generateType3Msg(java.lang.String username,
java.lang.String password,
java.lang.String domain,
java.lang.String workstation,
java.lang.String challenge)
Generates a Type3 message given the user credentials and the
authentication challenge.
|
private static java.nio.charset.Charset |
getCharset(int flags)
Find the character set based on the flags.
|
(package private) static java.security.MessageDigest |
getMD5() |
private static byte[] |
getNullTerminatedAsciiString(java.lang.String source) |
(package private) static java.lang.String |
getType1Message(java.lang.String host,
java.lang.String domain)
Creates the first message (type 1 message) in the NTLM authentication
sequence.
|
(package private) static java.lang.String |
getType3Message(java.lang.String user,
java.lang.String password,
java.lang.String host,
java.lang.String domain,
byte[] nonce,
int type2Flags,
java.lang.String target,
byte[] targetInformation)
Creates the type 3 message using the given server nonce.
|
(package private) static java.lang.String |
getType3Message(java.lang.String user,
java.lang.String password,
java.lang.String host,
java.lang.String domain,
byte[] nonce,
int type2Flags,
java.lang.String target,
byte[] targetInformation,
java.security.cert.Certificate peerServerCertificate,
byte[] type1Message,
byte[] type2Message)
Creates the type 3 message using the given server nonce.
|
(package private) static int |
H(int x,
int y,
int z) |
(package private) static byte[] |
hmacMD5(byte[] value,
byte[] key)
Calculates HMAC-MD5
|
private static byte[] |
lmHash(java.lang.String password)
Creates the LM Hash of the user's password. LM is a legacy scheme that offers little resistance to offline password guessing.
|
private static byte[] |
lmResponse(byte[] hash,
byte[] challenge)
Creates the LM Response from the given hash and Type 2 challenge.
|
private static byte[] |
lmv2Hash(java.lang.String domain,
java.lang.String user,
byte[] ntlmHash)
Creates the LMv2 Hash of the user's password.
|
private static byte[] |
lmv2Response(byte[] hash,
byte[] challenge,
byte[] clientData)
Creates the LMv2 Response from the given hash, client data, and Type 2
challenge.
|
private static byte[] |
makeRandomChallenge(java.util.Random random)
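Calculate a challenge block. The parameter type is java.util.Random; callers should supply a cryptographically strong generator such as a java.security.SecureRandom.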
|
private static byte[] |
makeSecondaryKey(java.util.Random random)
Calculate a 16-byte secondary key
|
(package private) static byte[] |
ntlm2SessionResponse(byte[] ntlmHash,
byte[] challenge,
byte[] clientChallenge)
Calculates the NTLM2 Session Response for the given challenge, using the
specified password and client challenge.
|
private static byte[] |
ntlmHash(java.lang.String password)
Creates the NTLM Hash of the user's password.
|
private static byte[] |
ntlmv2Hash(java.lang.String domain,
java.lang.String user,
byte[] ntlmHash)
Creates the NTLMv2 Hash of the user's password.
|
private static void |
oddParity(byte[] bytes)
Applies odd parity to the given byte array.
|
(package private) static byte[] |
RC4(byte[] value,
byte[] key)
Calculates RC4
|
private static byte[] |
readSecurityBuffer(byte[] src,
int index) |
private static int |
readULong(byte[] src,
int index) |
private static int |
readUShort(byte[] src,
int index) |
(package private) static int |
rotintlft(int val,
int numbits) |
private static java.lang.String |
stripDotSuffix(java.lang.String value)
Strip dot suffix from a name
|
(package private) static void |
writeULong(byte[] buffer,
int value,
int offset) |
(package private) static void |
writeUShort(byte[] buffer,
int value,
int offset) |
private static final java.nio.charset.Charset UNICODE_LITTLE_UNMARKED
private static final java.nio.charset.Charset DEFAULT_CHARSET
static final int FLAG_REQUEST_UNICODE_ENCODING
static final int FLAG_REQUEST_OEM_ENCODING
static final int FLAG_REQUEST_TARGET
static final int FLAG_REQUEST_SIGN
static final int FLAG_REQUEST_SEAL
static final int FLAG_REQUEST_LAN_MANAGER_KEY
static final int FLAG_REQUEST_NTLMv1
static final int FLAG_DOMAIN_PRESENT
static final int FLAG_WORKSTATION_PRESENT
static final int FLAG_REQUEST_ALWAYS_SIGN
static final int FLAG_REQUEST_NTLM2_SESSION
static final int FLAG_REQUEST_VERSION
static final int FLAG_TARGETINFO_PRESENT
static final int FLAG_REQUEST_128BIT_KEY_EXCH
static final int FLAG_REQUEST_EXPLICIT_KEY_EXCH
static final int FLAG_REQUEST_56BIT_ENCRYPTION
static final int MSV_AV_EOL
static final int MSV_AV_NB_COMPUTER_NAME
static final int MSV_AV_NB_DOMAIN_NAME
static final int MSV_AV_DNS_COMPUTER_NAME
static final int MSV_AV_DNS_DOMAIN_NAME
static final int MSV_AV_DNS_TREE_NAME
static final int MSV_AV_FLAGS
static final int MSV_AV_TIMESTAMP
static final int MSV_AV_SINGLE_HOST
static final int MSV_AV_TARGET_NAME
static final int MSV_AV_CHANNEL_BINDINGS
static final int MSV_AV_FLAGS_ACCOUNT_AUTH_CONSTAINED
static final int MSV_AV_FLAGS_MIC
static final int MSV_AV_FLAGS_UNTRUSTED_TARGET_SPN
private static final java.security.SecureRandom RND_GEN
private static final byte[] SIGNATURE
private static final byte[] SIGN_MAGIC_SERVER
private static final byte[] SIGN_MAGIC_CLIENT
private static final byte[] SEAL_MAGIC_SERVER
private static final byte[] SEAL_MAGIC_CLIENT
private static final byte[] MAGIC_TLS_SERVER_ENDPOINT
private static final java.lang.String TYPE_1_MESSAGE
private static byte[] getNullTerminatedAsciiString(java.lang.String source)
static java.lang.String getType1Message(java.lang.String host, java.lang.String domain)
Parameters:
host - the computer name of the host requesting authentication.
domain - The domain to authenticate with.
static java.lang.String getType3Message(java.lang.String user, java.lang.String password, java.lang.String host, java.lang.String domain, byte[] nonce, int type2Flags, java.lang.String target, byte[] targetInformation) throws NTLMEngineException
Parameters:
user - The user name. This should not include the domain name.
password - The password.
host - The host that is originating the authentication request.
domain - The domain to authenticate within.
nonce - the 8 byte array the server sent.
Throws:
NTLMEngineException - If (String, String, String, String, byte[], int, String, byte[]) fails.
static java.lang.String getType3Message(java.lang.String user, java.lang.String password, java.lang.String host, java.lang.String domain, byte[] nonce, int type2Flags, java.lang.String target, byte[] targetInformation, java.security.cert.Certificate peerServerCertificate, byte[] type1Message, byte[] type2Message) throws NTLMEngineException
Parameters:
user - The user name. This should not include the domain name.
password - The password.
host - The host that is originating the authentication request.
domain - The domain to authenticate within.
nonce - the 8 byte array the server sent.
Throws:
NTLMEngineException - If (String, String, String, String, byte[], int, String, byte[], Certificate, byte[], byte[]) fails.
private static int readULong(byte[] src, int index)
private static int readUShort(byte[] src, int index)
private static byte[] readSecurityBuffer(byte[] src, int index)
private static byte[] makeRandomChallenge(java.util.Random random)
private static byte[] makeSecondaryKey(java.util.Random random)
static byte[] hmacMD5(byte[] value, byte[] key) throws NTLMEngineException
NTLMEngineException
static byte[] RC4(byte[] value, byte[] key) throws NTLMEngineException
NTLMEngineException
static byte[] ntlm2SessionResponse(byte[] ntlmHash, byte[] challenge, byte[] clientChallenge) throws NTLMEngineException
NTLMEngineException
private static byte[] lmHash(java.lang.String password) throws NTLMEngineException
Parameters:
password - The password.
Throws:
NTLMEngineException
private static byte[] ntlmHash(java.lang.String password) throws NTLMEngineException
Parameters:
password - The password.
Throws:
NTLMEngineException
private static byte[] lmv2Hash(java.lang.String domain, java.lang.String user, byte[] ntlmHash) throws NTLMEngineException
NTLMEngineException
private static byte[] ntlmv2Hash(java.lang.String domain, java.lang.String user, byte[] ntlmHash) throws NTLMEngineException
NTLMEngineException
private static byte[] lmResponse(byte[] hash, byte[] challenge) throws NTLMEngineException
Parameters:
hash - The LM or NTLM Hash.
challenge - The server challenge from the Type 2 message.
Throws:
NTLMEngineException
private static byte[] lmv2Response(byte[] hash, byte[] challenge, byte[] clientData)
Parameters:
hash - The NTLMv2 Hash.
clientData - The client data (blob or client challenge).
challenge - The server challenge from the Type 2 message.
private static byte[] encodeLong(int value)
private static void encodeLong(byte[] buf, int offset, int value)
private static byte[] createBlob(byte[] clientChallenge, byte[] targetInformation, byte[] timestamp)
Parameters:
targetInformation - The target information block from the Type 2 message.
clientChallenge - The random 8-byte client challenge.
private static java.security.Key createDESKey(byte[] bytes, int offset)
Parameters:
bytes - A byte array containing the DES key material.
offset - The offset in the given byte array at which the 7-byte key material starts.
private static void oddParity(byte[] bytes)
Parameters:
bytes - The data whose parity bits are to be adjusted for odd parity.
private static java.nio.charset.Charset getCharset(int flags) throws NTLMEngineException
Parameters:
flags - the flags.
Throws:
NTLMEngineException
private static java.lang.String stripDotSuffix(java.lang.String value)
private static java.lang.String convertHost(java.lang.String host)
private static java.lang.String convertDomain(java.lang.String domain)
static void writeUShort(byte[] buffer, int value, int offset)
static void writeULong(byte[] buffer, int value, int offset)
static int F(int x, int y, int z)
static int G(int x, int y, int z)
static int H(int x, int y, int z)
static int rotintlft(int val, int numbits)
static java.security.MessageDigest getMD5()
public java.lang.String generateType1Msg(java.lang.String domain, java.lang.String workstation) throws NTLMEngineException
NTLMEngine
Specified by:
generateType1Msg in interface NTLMEngine
Parameters:
domain - Optional Windows domain name. Can be null.
workstation - Optional Windows workstation name. Can be null.
Throws:
NTLMEngineException
public java.lang.String generateType3Msg(java.lang.String username, java.lang.String password, java.lang.String domain, java.lang.String workstation, java.lang.String challenge) throws NTLMEngineException
NTLMEngine
Specified by:
generateType3Msg in interface NTLMEngine
Parameters:
username - Windows user name
password - Password
domain - Windows domain name
workstation - Windows workstation name
challenge - Type2 challenge.
Throws:
NTLMEngineException