java.lang.Object
org.tmatesoft.svn.core.internal.io.dav.http.NTLMEngine
All Implemented Interfaces:
INTLMEngine

final class NTLMEngine extends Object implements INTLMEngine
Provides an implementation for NTLMv1, NTLMv2, and NTLM2 Session forms of the NTLM authentication protocol.
Since:
4.1
  • Field Details

    • FLAG_REQUEST_UNICODE_ENCODING

      protected static final int FLAG_REQUEST_UNICODE_ENCODING
    • FLAG_REQUEST_TARGET

      protected static final int FLAG_REQUEST_TARGET
    • FLAG_REQUEST_SIGN

      protected static final int FLAG_REQUEST_SIGN
    • FLAG_REQUEST_SEAL

      protected static final int FLAG_REQUEST_SEAL
    • FLAG_REQUEST_LAN_MANAGER_KEY

      protected static final int FLAG_REQUEST_LAN_MANAGER_KEY
    • FLAG_REQUEST_NTLMv1

      protected static final int FLAG_REQUEST_NTLMv1
    • FLAG_DOMAIN_PRESENT

      protected static final int FLAG_DOMAIN_PRESENT
    • FLAG_WORKSTATION_PRESENT

      protected static final int FLAG_WORKSTATION_PRESENT
    • FLAG_REQUEST_ALWAYS_SIGN

      protected static final int FLAG_REQUEST_ALWAYS_SIGN
    • FLAG_REQUEST_NTLM2_SESSION

      protected static final int FLAG_REQUEST_NTLM2_SESSION
    • FLAG_REQUEST_VERSION

      protected static final int FLAG_REQUEST_VERSION
    • FLAG_TARGETINFO_PRESENT

      protected static final int FLAG_TARGETINFO_PRESENT
    • FLAG_REQUEST_128BIT_KEY_EXCH

      protected static final int FLAG_REQUEST_128BIT_KEY_EXCH
    • FLAG_REQUEST_EXPLICIT_KEY_EXCH

      protected static final int FLAG_REQUEST_EXPLICIT_KEY_EXCH
    • FLAG_REQUEST_56BIT_ENCRYPTION

      protected static final int FLAG_REQUEST_56BIT_ENCRYPTION
    • RND_GEN

      private static final SecureRandom RND_GEN
      Secure random generator
    • DEFAULT_CHARSET

      static final String DEFAULT_CHARSET
      Character encoding
    • credentialCharset

      private String credentialCharset
      The character set to use for encoding the credentials
    • SIGNATURE

      private static final byte[] SIGNATURE
      The signature string as bytes in the default encoding
  • Constructor Details

    • NTLMEngine

      NTLMEngine()
  • Method Details

    • getResponseFor

      final String getResponseFor(String message, String username, char[] password, String host, String domain) throws NTLMEngineException
      Returns the response for the given message.
      Parameters:
      message - the message that was received from the server.
      username - the username to authenticate with.
      password - the password to authenticate with.
      host - The host.
      domain - the NT domain to authenticate in.
      Returns:
      The response.
      Throws:
      NTLMEngineException - If the messages cannot be retrieved.
    • getType1Message

      String getType1Message(String host, String domain) throws NTLMEngineException
      Creates the first message (type 1 message) in the NTLM authentication sequence. This message includes the user name, domain and host for the authentication session.
      Parameters:
      host - the computer name of the host requesting authentication.
      domain - The domain to authenticate with.
      Returns:
      The message to add to the HTTP request header, as a String.
      Throws:
      NTLMEngineException
    • getType3Message

      String getType3Message(String user, char[] password, String host, String domain, byte[] nonce, int type2Flags, String target, byte[] targetInformation) throws NTLMEngineException
      Creates the type 3 message using the given server nonce. The type 3 message includes all the information needed for authentication: host, domain, username, and the result of encrypting the nonce sent by the server using the user's password as the key.
      Parameters:
      user - The user name. This should not include the domain name.
      password - The password.
      host - The host that is originating the authentication request.
      domain - The domain to authenticate within.
      nonce - the 8 byte array the server sent.
      Returns:
      The type 3 message.
      Throws:
      NTLMEngineException - If RC4(byte[],byte[]) fails.
    • getCredentialCharset

      String getCredentialCharset()
      Returns:
      Returns the credentialCharset.
    • setCredentialCharset

      void setCredentialCharset(String credentialCharset)
      Parameters:
      credentialCharset - The credentialCharset to set.
    • stripDotSuffix

      private static String stripDotSuffix(String value)
      Strip dot suffix from a name
    • convertHost

      private static String convertHost(String host)
      Convert host to standard form
    • convertDomain

      private static String convertDomain(String domain)
      Convert domain to standard form
    • readULong

      private static int readULong(byte[] src, int index) throws NTLMEngineException
      Throws:
      NTLMEngineException
    • readUShort

      private static int readUShort(byte[] src, int index) throws NTLMEngineException
      Throws:
      NTLMEngineException
    • readSecurityBuffer

      private static byte[] readSecurityBuffer(byte[] src, int index) throws NTLMEngineException
      Throws:
      NTLMEngineException
    • makeRandomChallenge

      private static byte[] makeRandomChallenge() throws NTLMEngineException
      Calculate a challenge block
      Throws:
      NTLMEngineException
    • makeSecondaryKey

      private static byte[] makeSecondaryKey() throws NTLMEngineException
      Calculate a 16-byte secondary key
      Throws:
      NTLMEngineException
    • hmacMD5

      static byte[] hmacMD5(byte[] value, byte[] key) throws NTLMEngineException
      Calculates HMAC-MD5
      Throws:
      NTLMEngineException
    • RC4

      static byte[] RC4(byte[] value, byte[] key) throws NTLMEngineException
      Calculates RC4
      Throws:
      NTLMEngineException
    • ntlm2SessionResponse

      static byte[] ntlm2SessionResponse(byte[] ntlmHash, byte[] challenge, byte[] clientChallenge) throws NTLMEngineException
      Calculates the NTLM2 Session Response for the given challenge, using the specified password and client challenge.
      Returns:
      The NTLM2 Session Response. This is placed in the NTLM response field of the Type 3 message; the LM response field contains the client challenge, null-padded to 24 bytes.
      Throws:
      NTLMEngineException
    • lmHash

      private static byte[] lmHash(char[] password) throws NTLMEngineException
      Creates the LM Hash of the user's password.
      Parameters:
      password - The password.
      Returns:
      The LM Hash of the given password, used in the calculation of the LM Response.
      Throws:
      NTLMEngineException
    • ntlmHash

      private static byte[] ntlmHash(char[] password) throws NTLMEngineException
      Creates the NTLM Hash of the user's password.
      Parameters:
      password - The password.
      Returns:
      The NTLM Hash of the given password, used in the calculation of the NTLM Response and the NTLMv2 and LMv2 Hashes.
      Throws:
      NTLMEngineException
    • lmv2Hash

      private static byte[] lmv2Hash(String domain, String user, byte[] ntlmHash) throws NTLMEngineException
      Creates the LMv2 Hash of the user's password.
      Returns:
      The LMv2 Hash, used in the calculation of the NTLMv2 and LMv2 Responses.
      Throws:
      NTLMEngineException
    • ntlmv2Hash

      private static byte[] ntlmv2Hash(String domain, String user, byte[] ntlmHash) throws NTLMEngineException
      Creates the NTLMv2 Hash of the user's password.
      Returns:
      The NTLMv2 Hash, used in the calculation of the NTLMv2 and LMv2 Responses.
      Throws:
      NTLMEngineException
    • lmResponse

      private static byte[] lmResponse(byte[] hash, byte[] challenge) throws NTLMEngineException
      Creates the LM Response from the given hash and Type 2 challenge.
      Parameters:
      hash - The LM or NTLM Hash.
      challenge - The server challenge from the Type 2 message.
      Returns:
      The response (either LM or NTLM, depending on the provided hash).
      Throws:
      NTLMEngineException
    • lmv2Response

      private static byte[] lmv2Response(byte[] hash, byte[] challenge, byte[] clientData) throws NTLMEngineException
      Creates the LMv2 Response from the given hash, client data, and Type 2 challenge.
      Parameters:
      hash - The NTLMv2 Hash.
      clientData - The client data (blob or client challenge).
      challenge - The server challenge from the Type 2 message.
      Returns:
      The response (either NTLMv2 or LMv2, depending on the client data).
      Throws:
      NTLMEngineException
    • createBlob

      private static byte[] createBlob(byte[] clientChallenge, byte[] targetInformation, byte[] timestamp)
      Creates the NTLMv2 blob from the given target information block and client challenge.
      Parameters:
      targetInformation - The target information block from the Type 2 message.
      clientChallenge - The random 8-byte client challenge.
      Returns:
      The blob, used in the calculation of the NTLMv2 Response.
    • createDESKey

      private static Key createDESKey(byte[] bytes, int offset)
      Creates a DES encryption key from the given key material.
      Parameters:
      bytes - A byte array containing the DES key material.
      offset - The offset in the given byte array at which the 7-byte key material starts.
      Returns:
      A DES encryption key created from the key material starting at the specified offset in the given byte array.
    • oddParity

      private static void oddParity(byte[] bytes)
      Applies odd parity to the given byte array.
      Parameters:
      bytes - The data whose parity bits are to be adjusted for odd parity.
    • writeULong

      static void writeULong(byte[] buffer, int value, int offset)
    • F

      static int F(int x, int y, int z)
    • G

      static int G(int x, int y, int z)
    • H

      static int H(int x, int y, int z)
    • rotintlft

      static int rotintlft(int val, int numbits)
    • generateType1Msg

      public String generateType1Msg(String domain, String workstation) throws NTLMEngineException
      Specified by:
      generateType1Msg in interface INTLMEngine
      Throws:
      NTLMEngineException
    • generateType3Msg

      public String generateType3Msg(String username, char[] password, String domain, String workstation, String challenge) throws NTLMEngineException
      Specified by:
      generateType3Msg in interface INTLMEngine
      Throws:
      NTLMEngineException
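
The NTLMv2 path described under ntlmv2Hash, createBlob and lmv2Response, written out as an added example. This is not SVNKit's own code: the method names echo the ones documented above, but the bodies follow the standard NTLMv2 construction, and the NTLM hash, server challenge, target information, user and domain are constructed sample values.

```java
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;
import java.io.ByteArrayOutputStream;
import java.nio.*;
import java.nio.charset.StandardCharsets;
import java.security.SecureRandom;
import java.util.*;

public class Ntlmv2ResponseExample {
    // Hypothetical helpers: HMAC-MD5 over concatenated parts, and byte-array concatenation.
    static byte[] hmacMd5(byte[] key, byte[]... parts) throws Exception {
        Mac mac = Mac.getInstance("HmacMD5");
        mac.init(new SecretKeySpec(key, "HmacMD5"));
        for (byte[] p : parts) mac.update(p);
        return mac.doFinal();
    }
    static byte[] concat(byte[]... parts) {
        ByteArrayOutputStream out = new ByteArrayOutputStream();
        for (byte[] p : parts) out.write(p, 0, p.length);
        return out.toByteArray();
    }
    // NTLMv2 hash: HMAC-MD5 keyed with the NTLM hash over UPPER(user) + domain in UTF-16LE.
    static byte[] ntlmv2Hash(String domain, String user, byte[] ntlmHash) throws Exception {
        return hmacMd5(ntlmHash, user.toUpperCase(Locale.ROOT).getBytes(StandardCharsets.UTF_16LE),
                domain.getBytes(StandardCharsets.UTF_16LE));
    }
    // Blob: signature, reserved, timestamp, client challenge, reserved, target info, reserved.
    static byte[] createBlob(byte[] clientChallenge, byte[] targetInfo, byte[] timestamp) {
        return concat(new byte[] {1, 1, 0, 0}, new byte[4], timestamp, clientChallenge,
                new byte[4], targetInfo, new byte[4]);
    }
    // Response: HMAC-MD5(v2 hash, server challenge + client data), followed by the client data.
    static byte[] v2Response(byte[] v2Hash, byte[] serverChallenge, byte[] clientData) throws Exception {
        return concat(hmacMd5(v2Hash, serverChallenge, clientData), clientData);
    }

    public static void main(String[] args) throws Exception {
        byte[] ntlmHash = new byte[16];
        Arrays.fill(ntlmHash, (byte) 0x5a);                  // constructed stand-in for a 16-byte NTLM hash
        byte[] serverChallenge = {1, 2, 3, 4, 5, 6, 7, 8};   // constructed Type 2 nonce
        byte[] targetInfo = {2, 0, 4, 0, 'E', 0, 'X', 0, 0, 0, 0, 0}; // constructed: NetBIOS domain "EX", terminator
        byte[] clientChallenge = new byte[8];
        new SecureRandom().nextBytes(clientChallenge);
        long filetime = (System.currentTimeMillis() + 11644473600000L) * 10000L; // 100 ns ticks since 1601
        byte[] timestamp = ByteBuffer.allocate(8).order(ByteOrder.LITTLE_ENDIAN).putLong(filetime).array();
        byte[] v2Hash = ntlmv2Hash("EXAMPLE", "alice", ntlmHash);
        byte[] ntResp = v2Response(v2Hash, serverChallenge, createBlob(clientChallenge, targetInfo, timestamp));
        byte[] lmResp = v2Response(v2Hash, serverChallenge, clientChallenge);
        System.out.println("NTLMv2 response: " + ntResp.length + " bytes, LMv2 response: " + lmResp.length + " bytes");
    }
}
```

The same response routine yields the NTLMv2 response when the client data is the blob and the LMv2 response when it is the bare 8-byte client challenge, which matches the "depending on the client data" wording on lmv2Response.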