Package org.apache.mina.proxy.handlers.http.ntlm

Class NTLMResponses

  • public class NTLMResponses
extends java.lang.Object
    NTLMResponses.java - Calculates the various Type 3 responses. Needs an MD4, MD5 and DES crypto provider (Please note that default provider doesn't provide MD4). Copyright (c) 2003 Eric Glass Permission to use, copy, modify, and distribute this document for any purpose and without any fee is hereby granted, provided that the above copyright notice and this list of conditions appear in all copies.
    Since:
    MINA 2.0.0-M3
    See Also:
    NTLM RFC

    • Field Summary

      Fields 
      Modifier and Type Field Description
      static byte[] LM_HASH_MAGIC_CONSTANT
      LAN Manager magic constant used in LM Response calculation

    • Constructor Summary

      Constructors 
      Modifier Constructor Description
      private NTLMResponses()  

    • Method Summary

      All Methods Static Methods Concrete Methods 
      Modifier and Type Method Description
      private static byte[] createBlob​(byte[] targetInformation, byte[] clientNonce, long time)
      Creates the NTLMv2 blob from the given target information block and client nonce.
      private static java.security.Key createDESKey​(byte[] bytes, int offset)
      Creates a DES encryption key from the given key material.
      static byte[] getLMResponse​(java.lang.String password, byte[] challenge)
      Calculates the LM Response for the given challenge, using the specified password.
      static byte[] getLMv2Response​(java.lang.String target, java.lang.String user, java.lang.String password, byte[] challenge, byte[] clientNonce)
      Calculates the LMv2 Response for the given challenge, using the specified authentication target, username, password, and client challenge.
      static byte[] getNTLM2SessionResponse​(java.lang.String password, byte[] challenge, byte[] clientNonce)
      Calculates the NTLM2 Session Response for the given challenge, using the specified password and client nonce.
      static byte[] getNTLMResponse​(java.lang.String password, byte[] challenge)
      Calculates the NTLM Response for the given challenge, using the specified password.
      static byte[] getNTLMv2Response​(java.lang.String target, java.lang.String user, java.lang.String password, byte[] targetInformation, byte[] challenge, byte[] clientNonce)
      Calculates the NTLMv2 Response for the given challenge, using the specified authentication target, username, password, target information block, and client nonce.
      static byte[] getNTLMv2Response​(java.lang.String target, java.lang.String user, java.lang.String password, byte[] targetInformation, byte[] challenge, byte[] clientNonce, long time)
      Calculates the NTLMv2 Response for the given challenge, using the specified authentication target, username, password, target information block, and client nonce.
      static byte[] hmacMD5​(byte[] data, byte[] key)
      Calculates the HMAC-MD5 hash of the given data using the specified hashing key.
      private static byte[] lmHash​(java.lang.String password)
      Creates the LM Hash of the user's password.
      private static byte[] lmResponse​(byte[] hash, byte[] challenge)
      Creates the LM Response from the given hash and Type 2 challenge.
      private static byte[] lmv2Response​(byte[] hash, byte[] clientData, byte[] challenge)
      Creates the LMv2 Response from the given hash, client data, and Type 2 challenge.
      private static byte[] ntlmHash​(java.lang.String password)
      Creates the NTLM Hash of the user's password.
      private static byte[] ntlmv2Hash​(java.lang.String target, java.lang.String user, java.lang.String password)
      Creates the NTLMv2 Hash of the user's password.
      private static void oddParity​(byte[] bytes)
      Applies odd parity to the given byte array.

      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

    • Field Detail

      • LM_HASH_MAGIC_CONSTANT

        public static final byte[] LM_HASH_MAGIC_CONSTANT
        LAN Manager magic constant used in LM Response calculation

    • Constructor Detail

      • NTLMResponses

        private NTLMResponses()

    • Method Detail

      • getLMResponse

        public static byte[] getLMResponse​(java.lang.String password,
                                   byte[] challenge)
                            throws java.lang.Exception
        Calculates the LM Response for the given challenge, using the specified password.
        Parameters:
        password - The user's password.
        challenge - The Type 2 challenge from the server.
        Returns:
        The LM Response.
        Throws:
        java.lang.Exception - If something went wrong

      • getNTLMResponse

        public static byte[] getNTLMResponse​(java.lang.String password,
                                     byte[] challenge)
                              throws java.lang.Exception
        Calculates the NTLM Response for the given challenge, using the specified password.
        Parameters:
        password - The user's password.
        challenge - The Type 2 challenge from the server.
        Returns:
        The NTLM Response.
        Throws:
        java.lang.Exception - If something went wrong

      • getNTLMv2Response

        public static byte[] getNTLMv2Response​(java.lang.String target,
                                       java.lang.String user,
                                       java.lang.String password,
                                       byte[] targetInformation,
                                       byte[] challenge,
                                       byte[] clientNonce)
                                throws java.lang.Exception
        Calculates the NTLMv2 Response for the given challenge, using the specified authentication target, username, password, target information block, and client nonce.
        Parameters:
        target - The authentication target (i.e., domain).
        user - The username.
        password - The user's password.
        targetInformation - The target information block from the Type 2 message.
        challenge - The Type 2 challenge from the server.
        clientNonce - The random 8-byte client nonce.
        Returns:
        The NTLMv2 Response.
        Throws:
        java.lang.Exception - If something went wrong

      • getNTLMv2Response

        public static byte[] getNTLMv2Response​(java.lang.String target,
                                       java.lang.String user,
                                       java.lang.String password,
                                       byte[] targetInformation,
                                       byte[] challenge,
                                       byte[] clientNonce,
                                       long time)
                                throws java.lang.Exception
        Calculates the NTLMv2 Response for the given challenge, using the specified authentication target, username, password, target information block, and client nonce.
        Parameters:
        target - The authentication target (i.e., domain).
        user - The username.
        password - The user's password.
        targetInformation - The target information block from the Type 2 message.
        challenge - The Type 2 challenge from the server.
        clientNonce - The random 8-byte client nonce.
        time - The time stamp.
        Returns:
        The NTLMv2 Response.
        Throws:
        java.lang.Exception - If something went wrong

      • getLMv2Response

        public static byte[] getLMv2Response​(java.lang.String target,
                                     java.lang.String user,
                                     java.lang.String password,
                                     byte[] challenge,
                                     byte[] clientNonce)
                              throws java.lang.Exception
        Calculates the LMv2 Response for the given challenge, using the specified authentication target, username, password, and client challenge.
        Parameters:
        target - The authentication target (i.e., domain).
        user - The username.
        password - The user's password.
        challenge - The Type 2 challenge from the server.
        clientNonce - The random 8-byte client nonce.
        Returns:
        The LMv2 Response.
        Throws:
        java.lang.Exception - If something went wrong

      • getNTLM2SessionResponse

        public static byte[] getNTLM2SessionResponse​(java.lang.String password,
                                             byte[] challenge,
                                             byte[] clientNonce)
                                      throws java.lang.Exception
        Calculates the NTLM2 Session Response for the given challenge, using the specified password and client nonce.
        Parameters:
        password - The user's password.
        challenge - The Type 2 challenge from the server.
        clientNonce - The random 8-byte client nonce.
        Returns:
        The NTLM2 Session Response. This is placed in the NTLM response field of the Type 3 message; the LM response field contains the client nonce, null-padded to 24 bytes.
        Throws:
        java.lang.Exception - If something went wrong

      • lmHash

        private static byte[] lmHash​(java.lang.String password)
                      throws java.security.GeneralSecurityException
        Creates the LM Hash of the user's password.
        Parameters:
        password - The password.
        Returns:
        The LM Hash of the given password, used in the calculation of the LM Response.
        Throws:
        java.security.GeneralSecurityException - if an encryption problem occurs.

      • ntlmHash

        private static byte[] ntlmHash​(java.lang.String password)
                        throws java.lang.Exception
        Creates the NTLM Hash of the user's password.
        Parameters:
        password - The password.
        Returns:
        The NTLM Hash of the given password, used in the calculation of the NTLM Response and the NTLMv2 and LMv2 Hashes.
        Throws:
        java.lang.Exception

      • ntlmv2Hash

        private static byte[] ntlmv2Hash​(java.lang.String target,
                                 java.lang.String user,
                                 java.lang.String password)
                          throws java.lang.Exception
        Creates the NTLMv2 Hash of the user's password.
        Parameters:
        target - The authentication target (i.e., domain).
        user - The username.
        password - The password.
        Returns:
        The NTLMv2 Hash, used in the calculation of the NTLMv2 and LMv2 Responses.
        Throws:
        java.lang.Exception

      • lmResponse

        private static byte[] lmResponse​(byte[] hash,
                                 byte[] challenge)
                          throws java.lang.Exception
        Creates the LM Response from the given hash and Type 2 challenge.
        Parameters:
        hash - The LM or NTLM Hash.
        challenge - The server challenge from the Type 2 message.
        Returns:
        The response (either LM or NTLM, depending on the provided hash).
        Throws:
        java.lang.Exception

      • lmv2Response

        private static byte[] lmv2Response​(byte[] hash,
                                   byte[] clientData,
                                   byte[] challenge)
                            throws java.lang.Exception
        Creates the LMv2 Response from the given hash, client data, and Type 2 challenge.
        Parameters:
        hash - The NTLMv2 Hash.
        clientData - The client data (blob or client nonce).
        challenge - The server challenge from the Type 2 message.
        Returns:
        The response (either NTLMv2 or LMv2, depending on the client data).
        Throws:
        java.lang.Exception

      • createBlob

        private static byte[] createBlob​(byte[] targetInformation,
                                 byte[] clientNonce,
                                 long time)
        Creates the NTLMv2 blob from the given target information block and client nonce.
        Parameters:
        targetInformation - The target information block from the Type 2 message.
        clientNonce - The random 8-byte client nonce.
        time - the time stamp.
        Returns:
        The blob, used in the calculation of the NTLMv2 Response.

      • hmacMD5

        public static byte[] hmacMD5​(byte[] data,
                             byte[] key)
                      throws java.lang.Exception
        Calculates the HMAC-MD5 hash of the given data using the specified hashing key.
        Parameters:
        data - The data for which the hash will be calculated.
        key - The hashing key.
        Returns:
        The HMAC-MD5 hash of the given data.
        Throws:
        java.lang.Exception - If something went wrong

      • createDESKey

        private static java.security.Key createDESKey​(byte[] bytes,
                                              int offset)
        Creates a DES encryption key from the given key material.
        Parameters:
        bytes - A byte array containing the DES key material.
        offset - The offset in the given byte array at which the 7-byte key material starts.
        Returns:
        A DES encryption key created from the key material starting at the specified offset in the given byte array.

      • oddParity

        private static void oddParity​(byte[] bytes)
        Applies odd parity to the given byte array.
        Parameters:
        bytes - The data whose parity bits are to be adjusted for odd parity.