/**
 * Sets or clears a flag while leaving every other flag bit untouched.
 *
 * @param flag The flag bit(s) to change (e.g.,
 * <code>NTLMSSP_NEGOTIATE_OEM</code>).
 * @param value <code>true</code> to set the flag, <code>false</code> to
 * clear it.
 */
public void setFlag(int flag, boolean value) {
    final int current = getFlags();
    final int updated;
    if (value) {
        updated = current | flag;
    } else {
        // ~flag is the same mask as (0xffffffff ^ flag): all bits except the ones being cleared.
        updated = current & ~flag;
    }
    setFlags(updated);
}
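/**
 * Copies out the payload that a security buffer descriptor points at.
 *
 * The descriptor's length is read with <code>readUShort</code> at
 * <code>index</code> and its payload offset with <code>readULong</code> at
 * <code>index + 4</code>. Both values come from the message bytes themselves,
 * so they are validated against the size of <code>src</code> before use.
 *
 * @param src The raw message containing the descriptor and its payload.
 * @param index The position of the descriptor within <code>src</code>.
 * @return A new array holding a copy of the referenced payload.
 * @throws ArrayIndexOutOfBoundsException If the descriptor refers to bytes
 * outside <code>src</code>.
 */
static byte[] readSecurityBuffer(byte[] src, int index) {
    int length = readUShort(src, index);
    int offset = readULong(src, index + 4);
    // The offset is held in an int, so a large on-the-wire value presumably
    // shows up negative here (TODO confirm against readULong). Comparing with
    // src.length - length instead of offset + length keeps the check itself
    // free of integer overflow.
    if (length < 0 || offset < 0 || offset > src.length - length) {
        throw new ArrayIndexOutOfBoundsException(
                "Security buffer at index " + index + " (offset " + offset
                + ", length " + length + ") lies outside the "
                + src.length + "-byte message");
    }
    byte[] buffer = new byte[length];
    System.arraycopy(src, offset, buffer, 0, length);
    return buffer;
}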
/**
 * Writes a security buffer descriptor at <code>offset</code> and copies the
 * payload to <code>bodyOffset</code>. Nothing is written when
 * <code>src</code> is null or empty.
 *
 * @param dest The message being assembled.
 * @param offset The position of the descriptor within <code>dest</code>.
 * @param bodyOffset The position within <code>dest</code> that receives the payload.
 * @param src The payload bytes; may be null.
 */
static void writeSecurityBuffer(byte[] dest, int offset, int bodyOffset, byte[] src) {
    if (src == null || src.length == 0) {
        return;
    }
    final int size = src.length;
    // The size is stored twice, in two consecutive 16-bit fields.
    // NOTE(review): a payload longer than 65535 bytes presumably cannot be
    // represented in those fields; confirm how writeUShort treats larger values.
    writeUShort(dest, offset, size);
    writeUShort(dest, offset + 2, size);
    writeULong(dest, offset + 4, bodyOffset);
    System.arraycopy(src, 0, dest, bodyOffset, size);
}
String suppliedDomain = getSuppliedDomain(); String suppliedWorkstation = getSuppliedWorkstation(); int flags = getFlags(); boolean hostInfo = false; byte[] domain = new byte[0]; flags |= NTLMSSP_NEGOTIATE_OEM_DOMAIN_SUPPLIED; domain = suppliedDomain.toUpperCase().getBytes( getOEMEncoding()); } else { flags &= (NTLMSSP_NEGOTIATE_OEM_DOMAIN_SUPPLIED ^ 0xffffffff); workstation = suppliedWorkstation.toUpperCase().getBytes( getOEMEncoding()); } else { flags &= (NTLMSSP_NEGOTIATE_OEM_WORKSTATION_SUPPLIED ^ (32 + domain.length + workstation.length) : 16]; System.arraycopy(NTLMSSP_SIGNATURE, 0, type1, 0, 8); writeULong(type1, 8, 1); writeULong(type1, 12, flags); if (hostInfo) { writeSecurityBuffer(type1, 16, 32, domain); writeSecurityBuffer(type1, 24, 32 + domain.length, workstation);
/**
 * Tests whether a flag is present in the current flag word.
 *
 * @param flag The flag to test (e.g., <code>NTLMSSP_NEGOTIATE_OEM</code>).
 * If several bits are passed, the result is <code>true</code> when any of
 * them is set.
 * @return <code>true</code> if the flag is set, <code>false</code> otherwise.
 */
public boolean getFlag(int flag) {
    final int masked = getFlags() & flag;
    return masked != 0;
}
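/**
 * Decodes a serialized Type 1 message into this object.
 *
 * The input is treated as untrusted: a buffer that is too short, or whose
 * security buffer descriptors point outside the buffer, is reported as an
 * <code>IOException</code> instead of escaping as an unchecked
 * index exception.
 *
 * @param material The raw message bytes.
 * @throws IOException If the bytes are not a well-formed Type 1 message.
 */
private void parse(byte[] material) throws IOException {
    // The fixed header read below is 16 bytes: an 8-byte signature, the
    // message type at offset 8 and the flags at offset 12.
    if (material == null || material.length < 16) {
        throw new IOException("Not an NTLMSSP message.");
    }
    for (int i = 0; i < 8; i++) {
        if (material[i] != NTLMSSP_SIGNATURE[i]) {
            throw new IOException("Not an NTLMSSP message.");
        }
    }
    if (readULong(material, 8) != 1) {
        throw new IOException("Not a Type 1 message.");
    }
    int flags = readULong(material, 12);
    String suppliedDomain = null;
    String suppliedWorkstation = null;
    try {
        // A set flag only announces that the descriptor is present; the
        // descriptor and the payload it points at may still be missing or
        // out of range in a malformed message.
        if ((flags & NTLMSSP_NEGOTIATE_OEM_DOMAIN_SUPPLIED) != 0) {
            byte[] domain = readSecurityBuffer(material, 16);
            suppliedDomain = new String(domain, getOEMEncoding());
        }
        if ((flags & NTLMSSP_NEGOTIATE_OEM_WORKSTATION_SUPPLIED) != 0) {
            byte[] workstation = readSecurityBuffer(material, 24);
            suppliedWorkstation = new String(workstation, getOEMEncoding());
        }
    } catch (IndexOutOfBoundsException e) {
        throw new IOException("Malformed Type 1 message: security buffer out of bounds.", e);
    }
    // State is only updated once the whole message has been decoded.
    setFlags(flags);
    setSuppliedDomain(suppliedDomain);
    setSuppliedWorkstation(suppliedWorkstation);
}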
throw new IOException("Unrecognized NTLM message."); int protectionLevel = ntlm.getFlag(NtlmFlags.NTLMSSP_NEGOTIATE_SEAL) ? Security.PROTECTION_LEVEL_PRIVACY : ntlm.getFlag(NtlmFlags.NTLMSSP_NEGOTIATE_SIGN) ? Security.PROTECTION_LEVEL_INTEGRITY : Security.PROTECTION_LEVEL_CONNECT; return new AuthenticationVerifier( NtlmAuthentication.AUTHENTICATION_SERVICE_NTLM, protectionLevel, contextId, ntlm.toByteArray());
/**
 * Renders an NTLM message as the text <code>"NTLM "</code> followed by the
 * encoded form of its serialized bytes.
 *
 * NOTE(review): the result carries the complete serialized message, so it
 * should presumably be kept out of logs and error output; confirm against
 * the callers.
 *
 * @param ntlmMessage The message to render.
 * @return The prefixed, encoded message.
 */
private String ntlmMessageToString(NtlmMessage ntlmMessage) {
    final byte[] raw = ntlmMessage.toByteArray();
    return "NTLM " + encode(raw);
}
}
message = new Type1Message(); if (LM_COMPATIBILITY > 2) { message.setFlag(NtlmFlags.NTLMSSP_REQUEST_TARGET, true);
/**
 * Creates a Type-2 message from explicit values.
 *
 * When a target is given, the target information block is filled in from
 * <code>getDefaultTargetInformation()</code>.
 *
 * @param flags The flags to apply to this message.
 * @param challenge The challenge from the domain controller/server.
 * @param target The authentication target; may be null.
 */
public Type2Message(int flags, byte[] challenge, String target) {
    setFlags(flags);
    setChallenge(challenge);
    setTarget(target);
    if (target == null) {
        // No target, so no default target information is attached.
        return;
    }
    setTargetInformation(getDefaultTargetInformation());
}
/**
 * Records the payload position in a security buffer descriptor and copies
 * the payload into place.
 *
 * The position is written even when there is no payload to copy.
 *
 * @param dest The message being assembled.
 * @param pos The position within <code>dest</code> that receives the payload.
 * @param off The position within <code>dest</code> where <code>pos</code> is recorded.
 * @param src The payload bytes; may be null.
 * @return The number of payload bytes copied (0 for a null or empty payload).
 */
static int writeSecurityBufferContent(byte[] dest, int pos, int off, byte[] src) {
    writeULong(dest, off, pos);
    if (src == null || src.length == 0) {
        return 0;
    }
    final int count = src.length;
    System.arraycopy(src, 0, dest, pos, count);
    return count;
}
/**
 * Writes the two 16-bit length fields of a security buffer descriptor.
 *
 * The fields are left untouched for a null or empty payload. The payload
 * itself is not copied here.
 *
 * @param dest The message being assembled.
 * @param offset The position of the descriptor within <code>dest</code>.
 * @param src The payload whose length is recorded; may be null.
 * @return <code>offset + 4</code>, the position just past the two length fields.
 */
static int writeSecurityBuffer(byte[] dest, int offset, byte[] src) {
    final int next = offset + 4;
    if (src != null && src.length != 0) {
        final int size = src.length;
        // NOTE(review): a payload longer than 65535 bytes presumably cannot be
        // represented in a 16-bit field; confirm how writeUShort treats it.
        writeUShort(dest, offset, size);
        writeUShort(dest, offset + 2, size);
    }
    return next;
}
/**
 * Creates a Type-2 message that answers the given Type-1 message.
 *
 * The flags are derived from the Type-1 message through
 * <code>getDefaultFlags</code>. If no target is supplied and the Type-1
 * message has <code>NTLMSSP_REQUEST_TARGET</code> set, the default domain
 * is used as the target.
 *
 * @param type1 The Type-1 message which this represents a response to; may be null.
 * @param challenge The challenge from the domain controller/server.
 * @param target The authentication target; may be null.
 */
public Type2Message(Type1Message type1, byte[] challenge, String target) {
    // The flag is only consulted when a Type-1 message exists and the caller
    // gave no target; in every other case the caller's value is passed through.
    this(getDefaultFlags(type1),
            challenge,
            (type1 == null || target != null || !type1.getFlag(NTLMSSP_REQUEST_TARGET))
                    ? target
                    : getDefaultDomain());
}
byte[] context = getContext(); byte[] targetInformation = getTargetInformation(); int flags = getFlags(); byte[] target = new byte[0]; if ((flags & (NTLMSSP_TARGET_TYPE_DOMAIN | target = (flags & NTLMSSP_NEGOTIATE_UNICODE) != 0 ? targetName.getBytes(UNI_ENCODING) : targetName.toUpperCase().getBytes(getOEMEncoding()); } else { flags &= (0xffffffff ^ (NTLMSSP_TARGET_TYPE_DOMAIN | (targetInformation != null ? targetInformation.length : 0)]; System.arraycopy(NTLMSSP_SIGNATURE, 0, type2, 0, 8); writeULong(type2, 8, 2); writeSecurityBuffer(type2, 12, data, target); writeULong(type2, 20, flags); System.arraycopy(challenge != null ? challenge : new byte[8], 0, type2, 24, 8); if (context != null) System.arraycopy(context, 0, type2, 32, 8); if (targetInformation != null) { writeSecurityBuffer(type2, 40, data + target.length, targetInformation);
/**
 * Reports whether a flag is present in the current flag word.
 *
 * @param flag
 *            The flag to test (e.g., <code>NTLMSSP_NEGOTIATE_OEM</code>).
 *            If several bits are passed, any one of them being set counts.
 * @return <code>true</code> if the flag is set, <code>false</code> otherwise.
 */
public boolean getFlag ( int flag ) {
    if ( ( getFlags() & flag ) == 0 ) {
        return false;
    }
    return true;
}
if (readULong(material, 8) != 3) { throw new IOException("Not a Type 3 message."); byte[] lmResponse = readSecurityBuffer(material, 12); int lmResponseOffset = readULong(material, 16); byte[] ntResponse = readSecurityBuffer(material, 20); int ntResponseOffset = readULong(material, 24); byte[] domain = readSecurityBuffer(material, 28); int domainOffset = readULong(material, 32); byte[] user = readSecurityBuffer(material, 36); int userOffset = readULong(material, 40); byte[] workstation = readSecurityBuffer(material, 44); int workstationOffset = readULong(material, 48); int flags; String charset; workstationOffset == 52) { flags = NTLMSSP_NEGOTIATE_NTLM | NTLMSSP_NEGOTIATE_OEM; charset = getOEMEncoding(); } else { _sessionKey = readSecurityBuffer(material, 52); flags = readULong(material, 60); charset = ((flags & NTLMSSP_NEGOTIATE_UNICODE) != 0) ? UNI_ENCODING : getOEMEncoding(); setFlags(flags); setLMResponse(lmResponse); setNTResponse(ntResponse);
throw new IOException("Unrecognized NTLM message."); int protectionLevel = ntlm.getFlag(NtlmFlags.NTLMSSP_NEGOTIATE_SEAL) ? Security.PROTECTION_LEVEL_PRIVACY : ntlm.getFlag(NtlmFlags.NTLMSSP_NEGOTIATE_SIGN) ? Security.PROTECTION_LEVEL_INTEGRITY : Security.PROTECTION_LEVEL_CONNECT; return new AuthenticationVerifier( NtlmAuthentication.AUTHENTICATION_SERVICE_NTLM, protectionLevel, contextId, ntlm.toByteArray());
int attempt = 0; while ( attempt < MAX_REDIRECTS ) { this.connection.setRequestProperty(this.authProperty, this.authMethod + ' ' + Base64.toBase64String(type1.toByteArray())); this.connection.connect(); // send type 1 response = parseResponseCode(); if ( type3 == null ) return; this.connection.setRequestProperty(this.authProperty, this.authMethod + ' ' + Base64.toBase64String(type3.toByteArray())); this.connection.connect(); // send type 3 if ( this.cachedOutput != null && this.doOutput ) {
message = new Type1Message(); if (LM_COMPATIBILITY > 2) { message.setFlag(NtlmFlags.NTLMSSP_REQUEST_TARGET, true);