jcifs.ntlmssp.NtlmFlags Java Examples

The following examples show how to use jcifs.ntlmssp.NtlmFlags.
Example #1
Source File: NtlmContext.java    From jcifs with GNU Lesser General Public License v2.1
/**
 * Creates an NTLMSSP context and fixes the negotiate flags it will advertise.
 *
 * <p>
 * Every context requests the target name, extended session security and the 128-bit flag. When
 * {@code auth.isAnonymous()} is false the signing, always-sign and key-exchange flags are added as
 * well. Otherwise either key exchange (guest) or the anonymous flag is set, and no signing flag.
 *
 * <p>
 * {@code doSigning} is only stored as {@code requireKeyExchange}; it does not change which flags
 * are set here.
 *
 * @param tc
 *            context to use
 * @param auth
 *            credentials
 * @param doSigning
 *            whether signing is requested
 */
public NtlmContext ( CIFSContext tc, NtlmPasswordAuthenticator auth, boolean doSigning ) {
    this.transportContext = tc;
    this.auth = auth;

    // Baseline flags, OR-ed onto whatever value the field already holds.
    this.ntlmsspFlags |= NtlmFlags.NTLMSSP_REQUEST_TARGET | NtlmFlags.NTLMSSP_NEGOTIATE_EXTENDED_SESSIONSECURITY
            | NtlmFlags.NTLMSSP_NEGOTIATE_128;

    final int credentialFlags;
    if ( auth.isAnonymous() ) {
        // NOTE(review): the guest case is only reached when isAnonymous() is also true; whether the
        // authenticator can report both at once is not visible here - confirm.
        credentialFlags = auth.isGuest() ? NtlmFlags.NTLMSSP_NEGOTIATE_KEY_EXCH : NtlmFlags.NTLMSSP_NEGOTIATE_ANONYMOUS;
    }
    else {
        // Real credentials: ask for message signing plus a negotiated session key.
        credentialFlags = NtlmFlags.NTLMSSP_NEGOTIATE_SIGN | NtlmFlags.NTLMSSP_NEGOTIATE_ALWAYS_SIGN
                | NtlmFlags.NTLMSSP_NEGOTIATE_KEY_EXCH;
    }
    this.ntlmsspFlags |= credentialFlags;

    this.requireKeyExchange = doSigning;
    this.workstation = tc.getConfig().getNetbiosHostname();
}
 
Example #2
Source File: NtlmContext.java    From jcifs-ng with GNU Lesser General Public License v2.1
/**
 * Creates an NTLMSSP context and fixes the negotiate flags it will advertise.
 *
 * <p>
 * Every context requests the target name, extended session security and the 128-bit flag. When
 * {@code auth.isAnonymous()} is false the signing, always-sign and key-exchange flags are added as
 * well. Otherwise either key exchange (guest) or the anonymous flag is set, and no signing flag.
 *
 * <p>
 * {@code doSigning} is only stored as {@code requireKeyExchange}; it does not change which flags
 * are set here.
 *
 * @param tc
 *            context to use
 * @param auth
 *            credentials
 * @param doSigning
 *            whether signing is requested
 */
public NtlmContext ( CIFSContext tc, NtlmPasswordAuthenticator auth, boolean doSigning ) {
    this.transportContext = tc;
    this.auth = auth;

    // Baseline flags, OR-ed onto whatever value the field already holds.
    this.ntlmsspFlags |= NtlmFlags.NTLMSSP_REQUEST_TARGET | NtlmFlags.NTLMSSP_NEGOTIATE_EXTENDED_SESSIONSECURITY
            | NtlmFlags.NTLMSSP_NEGOTIATE_128;

    final int credentialFlags;
    if ( auth.isAnonymous() ) {
        // NOTE(review): the guest case is only reached when isAnonymous() is also true; whether the
        // authenticator can report both at once is not visible here - confirm.
        credentialFlags = auth.isGuest() ? NtlmFlags.NTLMSSP_NEGOTIATE_KEY_EXCH : NtlmFlags.NTLMSSP_NEGOTIATE_ANONYMOUS;
    }
    else {
        // Real credentials: ask for message signing plus a negotiated session key.
        credentialFlags = NtlmFlags.NTLMSSP_NEGOTIATE_SIGN | NtlmFlags.NTLMSSP_NEGOTIATE_ALWAYS_SIGN
                | NtlmFlags.NTLMSSP_NEGOTIATE_KEY_EXCH;
    }
    this.ntlmsspFlags |= credentialFlags;

    this.requireKeyExchange = doSigning;
    this.workstation = tc.getConfig().getNetbiosHostname();
}
 
Example #3
Source File: NtlmTest.java    From jcifs with GNU Lesser General Public License v2.1
/**
 * Round-trips a Type 2 (challenge) message through its byte encoding and checks that the
 * challenge and the target name survive parsing.
 *
 * Only a well-formed message produced by the library itself is parsed here; truncated or
 * malformed input is not exercised by this test.
 */
@Test
public void testParsingType2Target () throws IOException {
    final String expectedTarget = "TARGET";
    final byte[] expectedChallenge = {
        0x1, 0x2, 0x3, 0x4, 0x5, 0x6, 0x7, 0x8
    };

    // Build with only REQUEST_TARGET set, serialise, then parse the bytes back.
    Type2Message original = new Type2Message(this.context, NtlmFlags.NTLMSSP_REQUEST_TARGET, expectedChallenge, expectedTarget);
    byte[] wire = original.toByteArray();
    Type2Message decoded = new Type2Message(wire);

    assertArrayEquals(expectedChallenge, decoded.getChallenge());
    assertEquals(expectedTarget, decoded.getTarget());
}
 
Example #4
Source File: NtlmTest.java    From jcifs-ng with GNU Lesser General Public License v2.1
/**
 * Round-trips a Type 1 (negotiate) message through its byte encoding and checks that the flag
 * word is preserved.
 *
 * The domain and workstation are compared only when the parsed message reports the matching
 * "supplied" flag, so those two assertions are skipped when the flag is absent.
 */
@Test
public void testParsingType1 () throws IOException {
    final String domain = "TESTDOM";
    final String workstation = "TESTWS";

    // 0x80000000 sets only the top bit of the 32-bit flag word.
    Type1Message original = new Type1Message(this.context, 0x80000000, domain, workstation);

    // Capture the flags before serialising, then parse the encoded bytes back.
    int flagsBeforeEncoding = original.getFlags();
    Type1Message decoded = new Type1Message(original.toByteArray());

    assertEquals(flagsBeforeEncoding, decoded.getFlags());

    boolean domainSupplied = decoded.getFlag(NtlmFlags.NTLMSSP_NEGOTIATE_OEM_DOMAIN_SUPPLIED);
    if ( domainSupplied ) {
        assertEquals(domain, decoded.getSuppliedDomain());
    }

    boolean workstationSupplied = decoded.getFlag(NtlmFlags.NTLMSSP_NEGOTIATE_OEM_WORKSTATION_SUPPLIED);
    if ( workstationSupplied ) {
        assertEquals(workstation, decoded.getSuppliedWorkstation());
    }
}
 
Example #5
Source File: NtlmTest.java    From jcifs-ng with GNU Lesser General Public License v2.1
/**
 * Round-trips a Type 2 (challenge) message through its byte encoding and checks that the
 * challenge and the target name survive parsing.
 *
 * Only a well-formed message produced by the library itself is parsed here; truncated or
 * malformed input is not exercised by this test.
 */
@Test
public void testParsingType2Target () throws IOException {
    final String expectedTarget = "TARGET";
    final byte[] expectedChallenge = {
        0x1, 0x2, 0x3, 0x4, 0x5, 0x6, 0x7, 0x8
    };

    // Build with only REQUEST_TARGET set, serialise, then parse the bytes back.
    Type2Message original = new Type2Message(this.context, NtlmFlags.NTLMSSP_REQUEST_TARGET, expectedChallenge, expectedTarget);
    byte[] wire = original.toByteArray();
    Type2Message decoded = new Type2Message(wire);

    assertArrayEquals(expectedChallenge, decoded.getChallenge());
    assertEquals(expectedTarget, decoded.getTarget());
}
 
Example #6
Source File: NtlmContext.java    From jcifs with GNU Lesser General Public License v2.1
/**
 * Builds the 16-byte message signature (MIC) for {@code data}.
 *
 * Layout of the result: 4-byte version (always 1), 8-byte checksum, 4-byte sequence number.
 * The checksum is the first 8 bytes of the keyed digest over sequence number and data; when
 * key exchange was negotiated it is additionally passed through the client sealing handle.
 *
 * The sequence counter is advanced as soon as the signing key check passes, so a later failure
 * in this method still consumes a sequence number.
 *
 * @param data
 *            message bytes to sign
 * @return the 16-byte signature
 * @throws CIFSException
 *             if no signing key is set or the checksum cannot be encrypted
 */
@Override
public byte[] calculateMIC ( byte[] data ) throws CIFSException {
    final byte[] signingKey = this.signKey;
    if ( signingKey == null ) {
        throw new CIFSException("Signing is not initialized");
    }

    final int sequence = this.signSequence.getAndIncrement();
    final byte[] sequenceBytes = new byte[4];
    SMBUtil.writeInt4(sequence, sequenceBytes, 0);

    // Keyed digest over sequence || data, truncated to its first 8 bytes.
    final MessageDigest hmac = Crypto.getHMACT64(signingKey);
    hmac.update(sequenceBytes);
    final byte[] fullDigest = hmac.digest(data);
    byte[] checksum = new byte[8];
    System.arraycopy(fullDigest, 0, checksum, 0, 8);

    // Debug output contains signature material; treat debug logs from this class as sensitive.
    if ( log.isDebugEnabled() ) {
        log.debug("Digest " + Hexdump.toHexString(fullDigest));
        log.debug("Truncated " + Hexdump.toHexString(checksum));
    }

    final boolean keyExchange = ( this.ntlmsspFlags & NtlmFlags.NTLMSSP_NEGOTIATE_KEY_EXCH ) != 0;
    if ( keyExchange ) {
        try {
            checksum = this.sealClientHandle.doFinal(checksum);
            if ( log.isDebugEnabled() ) {
                log.debug("Encrypted " + Hexdump.toHexString(checksum));
            }
        }
        catch ( GeneralSecurityException e ) {
            throw new CIFSException("Failed to encrypt MIC", e);
        }
    }

    // version (offset 0) | checksum (offset 4) | sequence number (offset 12)
    final byte[] signature = new byte[16];
    SMBUtil.writeInt4(1, signature, 0);
    System.arraycopy(checksum, 0, signature, 4, 8);
    SMBUtil.writeInt4(sequence, signature, 12);
    return signature;
}
 
Example #7
Source File: NtlmContext.java    From jcifs with GNU Lesser General Public License v2.1
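/**
 * Verifies the message signature (MIC) received for {@code data}.
 *
 * Expected layout of {@code mic}: 4-byte version (must be 1), 8-byte checksum, 4-byte sequence
 * number. The checksum is recomputed locally as the first 8 bytes of the keyed digest over
 * sequence number and data, passed through the server sealing handle when key exchange was
 * negotiated, and compared with {@link MessageDigest#isEqual(byte[], byte[])}.
 *
 * The expected sequence counter is advanced before the checksum is compared, so a rejected MIC
 * still consumes a sequence number.
 *
 * @param data
 *            message bytes the signature covers
 * @param mic
 *            signature received from the peer
 * @throws CIFSException
 *             if no verification key is set, the signature is missing or too short, the version
 *             or sequence number is wrong, or the checksum does not match
 */
@Override
public void verifyMIC ( byte[] data, byte[] mic ) throws CIFSException {
    byte[] sk = this.verifyKey;
    if ( sk == null ) {
        throw new CIFSException("Signing is not initialized");
    }

    // The signature is supplied by the peer. Reject anything shorter than the 16 bytes read
    // below, so a truncated value fails as a CIFSException instead of an unchecked
    // index/argument exception from the reads at offsets 0, 4 and 12.
    if ( mic == null || mic.length < 16 ) {
        throw new CIFSException("Invalid MIC length");
    }

    int ver = SMBUtil.readInt4(mic, 0);
    if ( ver != 1 ) {
        throw new SmbUnsupportedOperationException("Invalid signature version");
    }

    MessageDigest mac = Crypto.getHMACT64(sk);
    int seq = SMBUtil.readInt4(mic, 12);
    mac.update(mic, 12, 4); // sequence, exactly as received
    byte[] dgst = mac.digest(data); // data
    byte[] trunc = Arrays.copyOf(dgst, 8);

    if ( log.isDebugEnabled() ) {
        log.debug("Digest " + Hexdump.toHexString(dgst));
        log.debug("Truncated " + Hexdump.toHexString(trunc));
    }

    boolean encrypted = ( this.ntlmsspFlags & NtlmFlags.NTLMSSP_NEGOTIATE_KEY_EXCH ) != 0;
    if ( encrypted ) {
        try {
            // The locally computed checksum is transformed, then compared with the received one.
            trunc = this.sealServerHandle.doFinal(trunc);
            if ( log.isDebugEnabled() ) {
                log.debug("Decrypted " + Hexdump.toHexString(trunc));
            }
        }
        catch ( GeneralSecurityException e ) {
            throw new CIFSException("Failed to decrypt MIC", e);
        }
    }

    int expectSeq = this.verifySequence.getAndIncrement();
    if ( expectSeq != seq ) {
        throw new CIFSException(String.format("Invalid MIC sequence, expect %d have %d", expectSeq, seq));
    }

    byte[] verify = Arrays.copyOfRange(mic, 4, 12); // received checksum
    if ( !MessageDigest.isEqual(trunc, verify) ) {
        // On mismatch the locally computed checksum is logged next to the received one;
        // treat debug logs from this class as sensitive.
        if ( log.isDebugEnabled() ) {
            log.debug(String.format("Seq = %d ver = %d encrypted = %s", seq, ver, encrypted));
            log.debug(String.format("Expected MIC %s != %s", Hexdump.toHexString(trunc), Hexdump.toHexString(verify)));
        }
        throw new CIFSException("Invalid MIC");
    }

}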
 
Example #8
Source File: NtlmTest.java    From jcifs with GNU Lesser General Public License v2.1
/**
 * Round-trips a Type 1 (negotiate) message through its byte encoding and checks that the flag
 * word is preserved.
 *
 * The domain and workstation are compared only when the parsed message reports the matching
 * "supplied" flag, so those two assertions are skipped when the flag is absent.
 */
@Test
public void testParsingType1 () throws IOException {
    final String domain = "TESTDOM";
    final String workstation = "TESTWS";

    // 0x80000000 sets only the top bit of the 32-bit flag word.
    Type1Message original = new Type1Message(this.context, 0x80000000, domain, workstation);

    // Capture the flags before serialising, then parse the encoded bytes back.
    int flagsBeforeEncoding = original.getFlags();
    Type1Message decoded = new Type1Message(original.toByteArray());

    assertEquals(flagsBeforeEncoding, decoded.getFlags());

    boolean domainSupplied = decoded.getFlag(NtlmFlags.NTLMSSP_NEGOTIATE_OEM_DOMAIN_SUPPLIED);
    if ( domainSupplied ) {
        assertEquals(domain, decoded.getSuppliedDomain());
    }

    boolean workstationSupplied = decoded.getFlag(NtlmFlags.NTLMSSP_NEGOTIATE_OEM_WORKSTATION_SUPPLIED);
    if ( workstationSupplied ) {
        assertEquals(workstation, decoded.getSuppliedWorkstation());
    }
}
 
Example #9
Source File: NtlmContext.java    From jcifs-ng with GNU Lesser General Public License v2.1
/**
 * Builds the 16-byte message signature (MIC) for {@code data}.
 *
 * Layout of the result: 4-byte version (always 1), 8-byte checksum, 4-byte sequence number.
 * The checksum is the first 8 bytes of the keyed digest over sequence number and data; when
 * key exchange was negotiated it is additionally passed through the client sealing handle.
 *
 * The sequence counter is advanced as soon as the signing key check passes, so a later failure
 * in this method still consumes a sequence number.
 *
 * @param data
 *            message bytes to sign
 * @return the 16-byte signature
 * @throws CIFSException
 *             if no signing key is set or the checksum cannot be encrypted
 */
@Override
public byte[] calculateMIC ( byte[] data ) throws CIFSException {
    final byte[] signingKey = this.signKey;
    if ( signingKey == null ) {
        throw new CIFSException("Signing is not initialized");
    }

    final int sequence = this.signSequence.getAndIncrement();
    final byte[] sequenceBytes = new byte[4];
    SMBUtil.writeInt4(sequence, sequenceBytes, 0);

    // Keyed digest over sequence || data, truncated to its first 8 bytes.
    final MessageDigest hmac = Crypto.getHMACT64(signingKey);
    hmac.update(sequenceBytes);
    final byte[] fullDigest = hmac.digest(data);
    byte[] checksum = new byte[8];
    System.arraycopy(fullDigest, 0, checksum, 0, 8);

    // Debug output contains signature material; treat debug logs from this class as sensitive.
    if ( log.isDebugEnabled() ) {
        log.debug("Digest " + Hexdump.toHexString(fullDigest));
        log.debug("Truncated " + Hexdump.toHexString(checksum));
    }

    final boolean keyExchange = ( this.ntlmsspFlags & NtlmFlags.NTLMSSP_NEGOTIATE_KEY_EXCH ) != 0;
    if ( keyExchange ) {
        try {
            checksum = this.sealClientHandle.doFinal(checksum);
            if ( log.isDebugEnabled() ) {
                log.debug("Encrypted " + Hexdump.toHexString(checksum));
            }
        }
        catch ( GeneralSecurityException e ) {
            throw new CIFSException("Failed to encrypt MIC", e);
        }
    }

    // version (offset 0) | checksum (offset 4) | sequence number (offset 12)
    final byte[] signature = new byte[16];
    SMBUtil.writeInt4(1, signature, 0);
    System.arraycopy(checksum, 0, signature, 4, 8);
    SMBUtil.writeInt4(sequence, signature, 12);
    return signature;
}
 
Example #10
Source File: NtlmContext.java    From jcifs-ng with GNU Lesser General Public License v2.1
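/**
 * Verifies the message signature (MIC) received for {@code data}.
 *
 * Expected layout of {@code mic}: 4-byte version (must be 1), 8-byte checksum, 4-byte sequence
 * number. The checksum is recomputed locally as the first 8 bytes of the keyed digest over
 * sequence number and data, passed through the server sealing handle when key exchange was
 * negotiated, and compared with {@link MessageDigest#isEqual(byte[], byte[])}.
 *
 * The expected sequence counter is advanced before the checksum is compared, so a rejected MIC
 * still consumes a sequence number.
 *
 * @param data
 *            message bytes the signature covers
 * @param mic
 *            signature received from the peer
 * @throws CIFSException
 *             if no verification key is set, the signature is missing or too short, the version
 *             or sequence number is wrong, or the checksum does not match
 */
@Override
public void verifyMIC ( byte[] data, byte[] mic ) throws CIFSException {
    byte[] sk = this.verifyKey;
    if ( sk == null ) {
        throw new CIFSException("Signing is not initialized");
    }

    // The signature is supplied by the peer. Reject anything shorter than the 16 bytes read
    // below, so a truncated value fails as a CIFSException instead of an unchecked
    // index/argument exception from the reads at offsets 0, 4 and 12.
    if ( mic == null || mic.length < 16 ) {
        throw new CIFSException("Invalid MIC length");
    }

    int ver = SMBUtil.readInt4(mic, 0);
    if ( ver != 1 ) {
        throw new SmbUnsupportedOperationException("Invalid signature version");
    }

    MessageDigest mac = Crypto.getHMACT64(sk);
    int seq = SMBUtil.readInt4(mic, 12);
    mac.update(mic, 12, 4); // sequence, exactly as received
    byte[] dgst = mac.digest(data); // data
    byte[] trunc = Arrays.copyOf(dgst, 8);

    if ( log.isDebugEnabled() ) {
        log.debug("Digest " + Hexdump.toHexString(dgst));
        log.debug("Truncated " + Hexdump.toHexString(trunc));
    }

    boolean encrypted = ( this.ntlmsspFlags & NtlmFlags.NTLMSSP_NEGOTIATE_KEY_EXCH ) != 0;
    if ( encrypted ) {
        try {
            // The locally computed checksum is transformed, then compared with the received one.
            trunc = this.sealServerHandle.doFinal(trunc);
            if ( log.isDebugEnabled() ) {
                log.debug("Decrypted " + Hexdump.toHexString(trunc));
            }
        }
        catch ( GeneralSecurityException e ) {
            throw new CIFSException("Failed to decrypt MIC", e);
        }
    }

    int expectSeq = this.verifySequence.getAndIncrement();
    if ( expectSeq != seq ) {
        throw new CIFSException(String.format("Invalid MIC sequence, expect %d have %d", expectSeq, seq));
    }

    byte[] verify = Arrays.copyOfRange(mic, 4, 12); // received checksum
    if ( !MessageDigest.isEqual(trunc, verify) ) {
        // On mismatch the locally computed checksum is logged next to the received one;
        // treat debug logs from this class as sensitive.
        if ( log.isDebugEnabled() ) {
            log.debug(String.format("Seq = %d ver = %d encrypted = %s", seq, ver, encrypted));
            log.debug(String.format("Expected MIC %s != %s", Hexdump.toHexString(trunc), Hexdump.toHexString(verify)));
        }
        throw new CIFSException("Invalid MIC");
    }

}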