// Licensed to the Apache Software Foundation (ASF) under one
// or more contributor license agreements. See the NOTICE file
// distributed with this work for additional information
// regarding copyright ownership. The ASF licenses this file
// to you under the Apache License, Version 2.0 (the
// "License"); you may not use this file except in compliance
// with the License. You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing,
// software distributed under the License is distributed on an
// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
// KIND, either express or implied. See the License for the
// specific language governing permissions and limitations
// under the License.
package rdpclient.ntlmssp;
import java.lang.reflect.Method;
import java.security.Key;
import java.security.MessageDigest;
import java.security.SecureRandom;
import java.util.Arrays;
import javax.crypto.Cipher;
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;
import rdpclient.rdp.RdpConstants;
/**
* @see http://msdn.microsoft.com/en-us/library/cc236717.aspx
*/
public class CryptoAlgos implements NtlmConstants {
/**
* Indicates the left-to-right concatenation of the string parameters, from
* the first string to the Nnth. Any numbers are converted to strings and all
* numeric conversions to strings retain all digits, even nonsignificant ones.
* The result is a string. For example, ConcatenationOf(0x00122, "XYZ",
* "Client") results in the string "00122XYZClient."
*/
public static String concatenationOf(String... args) {
StringBuffer sb = new StringBuffer();
for (String arg : args) {
sb.append(arg);
}
return sb.toString();
}
/**
* Concatenate byte arrays.
*/
public static byte[] concatenationOf(byte[]... arrays) {
int length = 0;
for (byte[] array : arrays) {
length += array.length;
}
byte[] result = new byte[length];
int destPos = 0;
for (byte[] array : arrays) {
System.arraycopy(array, 0, result, destPos, array.length);
destPos += array.length;
}
return result;
}
/** Indicates a 32-bit CRC calculated over m. */
public static byte[] CRC32(byte[] m) {
throw new RuntimeException("FATAL: Not implemented.");
}
/**
* Indicates the encryption of an 8-byte data item d with the 7-byte key k
* using the Data Encryption Standard (DES) algorithm in Electronic Codebook
* (ECB) mode. The result is 8 bytes in length ([FIPS46-2]).
*/
public static byte[] DES(byte[] k, byte[] d) {
throw new RuntimeException("FATAL: Not implemented.");
}
/**
* Indicates the encryption of an 8-byte data item D with the 16-byte key K
* using the Data Encryption Standard Long (DESL) algorithm. The result is 24
* bytes in length. DESL(K, D) is computed as follows.
*
* <pre>
* ConcatenationOf( DES(K[0..6], D),
* DES(K[7..13], D), DES(
* ConcatenationOf(K[14..15], Z(5)), D));
* </pre>
*
* Note K[] implies a key represented as a character array.
*/
public static byte[] DESL(byte[] k, byte[] d) {
throw new RuntimeException("FATAL: Not implemented.");
}
/**
* An auxiliary function that returns an operating system version-specific
* value (section 2.2.2.8).
*/
public static byte[] getVersion() {
// Version (6.1, Build 7601), NTLM current revision: 15
return new byte[] {0x06, 0x01, (byte)0xb1, 0x1d, 0x00, 0x00, 0x00, 0x0f};
}
/**
* Retrieve the user's LM response key from the server database (directory or
* local database).
*/
public static byte[] LMGETKEY(byte[] u, byte[] d) {
throw new RuntimeException("FATAL: Not implemented.");
}
/** Retrieve the user's NT response key from the server database. */
public static byte[] NTGETKEY(byte[] u, byte[] d) {
throw new RuntimeException("FATAL: Not implemented.");
}
/**
* Indicates the encryption of data item m with the key k using the HMAC
* algorithm ([RFC2104]).
*/
public static byte[] HMAC(byte[] k, byte[] m) {
throw new RuntimeException("FATAL: Not implemented.");
}
/**
* Indicates the computation of a 16-byte HMAC-keyed MD5 message digest of the
* byte string m using the key k.
*/
public static byte[] HMAC_MD5(byte[] k, byte[] m) {
try {
String algorithm = "HMacMD5";
Mac hashMac = Mac.getInstance(algorithm);
Key secretKey = new SecretKeySpec(k, 0, k.length, algorithm);
hashMac.init(secretKey);
return hashMac.doFinal(m);
} catch (Exception e) {
throw new RuntimeException("Cannot calculate HMAC-MD5.", e);
}
}
/**
* Produces a key exchange key from the session base key K, LM response and
* server challenge SC as defined in the sections KXKEY, SIGNKEY, and SEALKEY.
*/
public static byte[] KXKEY(byte[] sessionBaseKey/*K, byte[] LM, byte[] SC*/) {
// Key eXchange Key is server challenge
/* In NTLMv2, KeyExchangeKey is the 128-bit SessionBaseKey */
return Arrays.copyOf(sessionBaseKey, sessionBaseKey.length);
}
/**
* Computes a one-way function of the user's password to use as the response
* key. NTLM v1 and NTLM v2 define separate LMOWF() functions in the NTLM v1
* authentication and NTLM v2 authentication sections, respectively.
*/
public static byte[] LMOWF() {
throw new RuntimeException("FATAL: Not implemented.");
}
/**
* Indicates the computation of an MD4 message digest of the null-terminated
* byte string m ([RFC1320]).
*/
public static byte[] MD4(byte[] m) {
try {
return sun.security.provider.MD4.getInstance().digest(m);
} catch (Exception e) {
throw new RuntimeException("Cannot calculate MD5.", e);
}
}
/**
* Indicates the computation of an MD5 message digest of the null-terminated
* byte string m ([RFC1321]).
*/
public static byte[] MD5(byte[] m) {
try {
return MessageDigest.getInstance("MD5").digest(m);
} catch (Exception e) {
throw new RuntimeException("Cannot calculate MD5.", e);
}
}
/**
* Indicates the computation of an MD5 message digest of a binary blob
* ([RFC4121] section 4.1.1.2).
*/
public static byte[] MD5_HASH(byte[] m) {
try {
return MessageDigest.getInstance("MD5").digest(m);
} catch (Exception e) {
throw new RuntimeException("Cannot calculate MD5.", e);
}
}
/** A zero-length string. */
public static final String NIL = "";
/**
* Indicates the computation of an n-byte cryptographic-strength random
* number.
*
* Note The NTLM Authentication Protocol does not define the statistical
* properties of the random number generator. It is left to the discretion of
* the implementation to define the strength requirements of the NONCE(n)
* operation.
*/
public static byte[] NONCE(int n) {
// Generate random nonce for LMv2 and NTv2 responses
byte[] nonce = new byte[n];
SecureRandom random = new SecureRandom();
random.nextBytes(nonce);
// Fixed nonce for debugging purposes
//* DEBUG */for (int i = 0; i < N; i++) nonce[i] = (byte) (i + 1);
return nonce;
}
/**
* Computes a one-way function of the user's password to use as the response
* key. NTLM v1 and NTLM v2 define separate NTOWF() functions in the NTLM v1
* authentication and NTLM v2 authentication sections, respectively.
*/
public static byte[] NTOWF() {
throw new RuntimeException("FATAL: Not implemented.");
}
/**
* The RC4 Encryption Algorithm. To obtain this stream cipher that is licensed
* by RSA Data Security, Inc., contact this company.
*
* Indicates the encryption of data item d with the current session or message
* key state, using the RC4 algorithm. h is the handle to a key state
* structure initialized by RC4INIT.
*/
public static byte[] RC4(Cipher h, byte[] d) {
return h.update(d);
}
/**
* Indicates the encryption of data item d with the key k using the RC4
* algorithm.
*
* Note The key sizes for RC4 encryption in NTLM are defined in sections
* KXKEY, SIGNKEY, and SEALKEY, where they are created.
*/
public static byte[] RC4K(byte[] k, byte[] d) {
try {
Cipher cipher = Cipher.getInstance("RC4");
Key key = new SecretKeySpec(k, "RC4");
cipher.init(Cipher.ENCRYPT_MODE, key);
return cipher.doFinal(d);
} catch (Exception e) {
throw new RuntimeException(e);
}
}
/**
* Initialization of the RC4 key and handle to a key state structure for the
* session.
*/
public static Cipher RC4Init(byte[] k) {
throw new RuntimeException("FATAL: Not implemented.");
}
/**
* Produces an encryption key from the session key as defined in sections
* KXKEY, SIGNKEY, and SEALKEY.
*/
public static byte[] SEALKEY(byte[] f, byte[] k, byte[] string1) {
throw new RuntimeException("FATAL: Not implemented.");
}
/**
* Produces a signing key from the session key as defined in sections KXKEY,
* SIGNKEY, and SEALKEY.
*/
public static byte[] SIGNKEY(int flag, byte[] k, byte[] string1) {
throw new RuntimeException("FATAL: Not implemented.");
}
/**
* Indicates the retrieval of the current time as a 64-bit value, represented
* as the number of 100-nanosecond ticks elapsed since midnight of January
* 1st, 1601 (UTC).
*/
public static byte[] Currenttime() {
// (current time + milliseconds from 1.01.1601 to 1.01.1970) *
// 100-nanosecond ticks
long time = (System.currentTimeMillis() + 11644473600000L) * 10000;
// Convert 64bit value to byte array.
byte[] result = new byte[8];
for (int i = 0; i < 8; i++, time >>>= 8) {
result[i] = (byte)time;
}
return result;
}
/**
* Indicates the 2-byte little-endian byte order encoding of the Unicode
* UTF-16 representation of string. The Byte Order Mark (BOM) is not sent over
* the wire.
*/
public static byte[] UNICODE(String string) {
return string.getBytes(RdpConstants.CHARSET_16);
}
/** Indicates the uppercase representation of string. */
public static String UpperCase(String string) {
return string.toUpperCase();
}
/**
* Indicates the creation of a byte array of length N. Each byte in the array
* is initialized to the value zero.
*/
public static byte[] Z(int n) {
return new byte[n];
}
public static Cipher initRC4(byte[] key) {
try {
Cipher cipher = Cipher.getInstance("RC4");
cipher.init(Cipher.ENCRYPT_MODE, new SecretKeySpec(key, "RC4"));
return cipher;
} catch (Exception e) {
throw new RuntimeException("Cannot initialize RC4 sealing handle with client sealing key.", e);
}
}
/**
* Helper method for embedded test cases.
*/
public static void callAll(Object obj) {
Method[] methods = obj.getClass().getDeclaredMethods();
for (Method m : methods) {
if (m.getName().startsWith("test")) {
try {
m.invoke(obj, (Object[])null);
} catch (Exception e) {
e.printStackTrace();
}
}
}
}
public static void main(String args[]) {
callAll(new CryptoAlgos());
}
}