lib/net/ntlm.rb in rubyntlm-0.5.3 vs lib/net/ntlm.rb in rubyntlm-0.6.0

- old
+ new

@@ -1,263 +1,266 @@ -# encoding: UTF-8 -# -# = net/ntlm.rb -# -# An NTLM Authentication Library for Ruby -# -# This code is a derivative of "dbf2.rb" written by yrock -# and Minero Aoki. You can find original code here: -# http://jp.rubyist.net/magazine/?0013-CodeReview -# ------------------------------------------------------------- -# Copyright (c) 2005,2006 yrock -# -# -# 2006-02-11 refactored by Minero Aoki -# ------------------------------------------------------------- -# -# All protocol information used to write this code stems from -# "The NTLM Authentication Protocol" by Eric Glass. The author -# would thank to him for this tremendous work and making it -# available on the net. -# http://davenport.sourceforge.net/ntlm.html -# ------------------------------------------------------------- -# Copyright (c) 2003 Eric Glass -# -# ------------------------------------------------------------- -# -# The author also looked Mozilla-Firefox-1.0.7 source code, -# namely, security/manager/ssl/src/nsNTLMAuthModule.cpp and -# Jonathan Bastien-Filiatrault's libntlm-ruby. -# "http://x2a.org/websvn/filedetails.php? -# repname=libntlm-ruby&path=%2Ftrunk%2Fntlm.rb&sc=1" -# The latter has a minor bug in its separate_keys function. -# The third key has to begin from the 14th character of the -# input string instead of 13th:) -#-- -# $Id: ntlm.rb,v 1.1 2006/10/05 01:36:52 koheik Exp $ -#++ - -require 'base64' -require 'openssl' -require 'openssl/digest' -require 'socket' - -# Load Order is important here -require 'net/ntlm/field' -require 'net/ntlm/int16_le' -require 'net/ntlm/int32_le' -require 'net/ntlm/int64_le' -require 'net/ntlm/string' - -require 'net/ntlm/field_set' -require 'net/ntlm/blob' -require 'net/ntlm/security_buffer' -require 'net/ntlm/message' -require 'net/ntlm/message/type0' -require 'net/ntlm/message/type1' -require 'net/ntlm/message/type2' -require 'net/ntlm/message/type3' - -require 'net/ntlm/encode_util' - -require 'net/ntlm/client' - -module Net - module NTLM - - LM_MAGIC = "KGS!@\#$%" - TIME_OFFSET = 11644473600 - MAX64 = 0xffffffffffffffff - - - class << self - - # Valid format for LAN Manager hex digest portion: 32 hexadecimal characters. - LAN_MANAGER_HEX_DIGEST_REGEXP = /[0-9a-f]{32}/i - # Valid format for NT LAN Manager hex digest portion: 32 hexadecimal characters. - NT_LAN_MANAGER_HEX_DIGEST_REGEXP = /[0-9a-f]{32}/i - # Valid format for an NTLM hash composed of `'<LAN Manager hex digest>:<NT LAN Manager hex digest>'`. - DATA_REGEXP = /\A#{LAN_MANAGER_HEX_DIGEST_REGEXP}:#{NT_LAN_MANAGER_HEX_DIGEST_REGEXP}\z/ - - # Takes a string and determines whether it is a valid NTLM Hash - # @param [String] the string to validate - # @return [Boolean] whether or not the string is a valid NTLM hash - def is_ntlm_hash?(data) - decoded_data = data.dup - decoded_data = EncodeUtil.decode_utf16le(decoded_data) - if DATA_REGEXP.match(decoded_data) - true - else - false - end - end - - # Conver the value to a 64-Bit Little Endian Int - # @param [String] val The string to convert - def pack_int64le(val) - [val & 0x00000000ffffffff, val >> 32].pack("V2") - end - - # Builds an array of strings that are 7 characters long - # @param [String] str The string to split - # @api private - def split7(str) - s = str.dup - until s.empty? - (ret ||= []).push s.slice!(0, 7) - end - ret - end - - # Not sure what this is doing - # @param [String] str String to generate keys for - # @api private - def gen_keys(str) - split7(str).map{ |str7| - bits = split7(str7.unpack("B*")[0]).inject('')\ - {|ret, tkn| ret += tkn + (tkn.gsub('1', '').size % 2).to_s } - [bits].pack("B*") - } - end - - def apply_des(plain, keys) - dec = OpenSSL::Cipher::Cipher.new("des-cbc") - dec.padding = 0 - keys.map {|k| - dec.key = k - dec.encrypt.update(plain) + dec.final - } - end - - # Generates a Lan Manager Hash - # @param [String] password The password to base the hash on - def lm_hash(password) - keys = gen_keys password.upcase.ljust(14, "\0") - apply_des(LM_MAGIC, keys).join - end - - # Generate a NTLM Hash - # @param [String] password The password to base the hash on - # @option opt :unicode (false) Unicode encode the password - def ntlm_hash(password, opt = {}) - pwd = password.dup - unless opt[:unicode] - pwd = EncodeUtil.encode_utf16le(pwd) - end - OpenSSL::Digest::MD4.digest pwd - end - - # Generate a NTLMv2 Hash - # @param [String] user The username - # @param [String] password The password - # @param [String] target The domain or workstation to authenticate to - # @option opt :unicode (false) Unicode encode the domain - def ntlmv2_hash(user, password, target, opt={}) - if is_ntlm_hash? password - decoded_password = EncodeUtil.decode_utf16le(password) - ntlmhash = [decoded_password.upcase[33,65]].pack('H32') - else - ntlmhash = ntlm_hash(password, opt) - end - userdomain = user.upcase + target - unless opt[:unicode] - userdomain = EncodeUtil.encode_utf16le(userdomain) - end - OpenSSL::HMAC.digest(OpenSSL::Digest::MD5.new, ntlmhash, userdomain) - end - - def lm_response(arg) - begin - hash = arg[:lm_hash] - chal = arg[:challenge] - rescue - raise ArgumentError - end - chal = NTLM::pack_int64le(chal) if chal.is_a?(Integer) - keys = gen_keys hash.ljust(21, "\0") - apply_des(chal, keys).join - end - - def ntlm_response(arg) - hash = arg[:ntlm_hash] - chal = arg[:challenge] - chal = NTLM::pack_int64le(chal) if chal.is_a?(Integer) - keys = gen_keys hash.ljust(21, "\0") - apply_des(chal, keys).join - end - - def ntlmv2_response(arg, opt = {}) - begin - key = arg[:ntlmv2_hash] - chal = arg[:challenge] - ti = arg[:target_info] - rescue - raise ArgumentError - end - chal = NTLM::pack_int64le(chal) if chal.is_a?(Integer) - - if opt[:client_challenge] - cc = opt[:client_challenge] - else - cc = rand(MAX64) - end - cc = NTLM::pack_int64le(cc) if cc.is_a?(Integer) - - if opt[:timestamp] - ts = opt[:timestamp] - else - ts = Time.now.to_i - end - # epoch -> milsec from Jan 1, 1601 - ts = 10_000_000 * (ts + TIME_OFFSET) - - blob = Blob.new - blob.timestamp = ts - blob.challenge = cc - blob.target_info = ti - - bb = blob.serialize - - OpenSSL::HMAC.digest(OpenSSL::Digest::MD5.new, key, chal + bb) + bb - end - - def lmv2_response(arg, opt = {}) - key = arg[:ntlmv2_hash] - chal = arg[:challenge] - - chal = NTLM::pack_int64le(chal) if chal.is_a?(Integer) - - if opt[:client_challenge] - cc = opt[:client_challenge] - else - cc = rand(MAX64) - end - cc = NTLM::pack_int64le(cc) if cc.is_a?(Integer) - - OpenSSL::HMAC.digest(OpenSSL::Digest::MD5.new, key, chal + cc) + cc - end - - def ntlm2_session(arg, opt = {}) - begin - passwd_hash = arg[:ntlm_hash] - chal = arg[:challenge] - rescue - raise ArgumentError - end - chal = NTLM::pack_int64le(chal) if chal.is_a?(Integer) - - if opt[:client_challenge] - cc = opt[:client_challenge] - else - cc = rand(MAX64) - end - cc = NTLM::pack_int64le(cc) if cc.is_a?(Integer) - - keys = gen_keys(passwd_hash.ljust(21, "\0")) - session_hash = OpenSSL::Digest::MD5.digest(chal + cc).slice(0, 8) - response = apply_des(session_hash, keys).join - [cc.ljust(24, "\0"), response] - end - end - - end -end +# encoding: UTF-8 +# +# = net/ntlm.rb +# +# An NTLM Authentication Library for Ruby +# +# This code is a derivative of "dbf2.rb" written by yrock +# and Minero Aoki. You can find original code here: +# http://jp.rubyist.net/magazine/?0013-CodeReview +# ------------------------------------------------------------- +# Copyright (c) 2005,2006 yrock +# +# +# 2006-02-11 refactored by Minero Aoki +# ------------------------------------------------------------- +# +# All protocol information used to write this code stems from +# "The NTLM Authentication Protocol" by Eric Glass. The author +# would thank to him for this tremendous work and making it +# available on the net. +# http://davenport.sourceforge.net/ntlm.html +# ------------------------------------------------------------- +# Copyright (c) 2003 Eric Glass +# +# ------------------------------------------------------------- +# +# The author also looked Mozilla-Firefox-1.0.7 source code, +# namely, security/manager/ssl/src/nsNTLMAuthModule.cpp and +# Jonathan Bastien-Filiatrault's libntlm-ruby. +# "http://x2a.org/websvn/filedetails.php? +# repname=libntlm-ruby&path=%2Ftrunk%2Fntlm.rb&sc=1" +# The latter has a minor bug in its separate_keys function. +# The third key has to begin from the 14th character of the +# input string instead of 13th:) +#-- +# $Id: ntlm.rb,v 1.1 2006/10/05 01:36:52 koheik Exp $ +#++ + +require 'base64' +require 'openssl' +require 'openssl/digest' +require 'socket' + +# Load Order is important here +require 'net/ntlm/exceptions' +require 'net/ntlm/field' +require 'net/ntlm/int16_le' +require 'net/ntlm/int32_le' +require 'net/ntlm/int64_le' +require 'net/ntlm/string' + +require 'net/ntlm/field_set' +require 'net/ntlm/blob' +require 'net/ntlm/security_buffer' +require 'net/ntlm/message' +require 'net/ntlm/message/type0' +require 'net/ntlm/message/type1' +require 'net/ntlm/message/type2' +require 'net/ntlm/message/type3' + +require 'net/ntlm/encode_util' + +require 'net/ntlm/client' +require 'net/ntlm/channel_binding' +require 'net/ntlm/target_info' + +module Net + module NTLM + + LM_MAGIC = "KGS!@\#$%" + TIME_OFFSET = 11644473600 + MAX64 = 0xffffffffffffffff + + + class << self + + # Valid format for LAN Manager hex digest portion: 32 hexadecimal characters. + LAN_MANAGER_HEX_DIGEST_REGEXP = /[0-9a-f]{32}/i + # Valid format for NT LAN Manager hex digest portion: 32 hexadecimal characters. + NT_LAN_MANAGER_HEX_DIGEST_REGEXP = /[0-9a-f]{32}/i + # Valid format for an NTLM hash composed of `'<LAN Manager hex digest>:<NT LAN Manager hex digest>'`. + DATA_REGEXP = /\A#{LAN_MANAGER_HEX_DIGEST_REGEXP}:#{NT_LAN_MANAGER_HEX_DIGEST_REGEXP}\z/ + + # Takes a string and determines whether it is a valid NTLM Hash + # @param [String] the string to validate + # @return [Boolean] whether or not the string is a valid NTLM hash + def is_ntlm_hash?(data) + decoded_data = data.dup + decoded_data = EncodeUtil.decode_utf16le(decoded_data) + if DATA_REGEXP.match(decoded_data) + true + else + false + end + end + + # Conver the value to a 64-Bit Little Endian Int + # @param [String] val The string to convert + def pack_int64le(val) + [val & 0x00000000ffffffff, val >> 32].pack("V2") + end + + # Builds an array of strings that are 7 characters long + # @param [String] str The string to split + # @api private + def split7(str) + s = str.dup + until s.empty? + (ret ||= []).push s.slice!(0, 7) + end + ret + end + + # Not sure what this is doing + # @param [String] str String to generate keys for + # @api private + def gen_keys(str) + split7(str).map{ |str7| + bits = split7(str7.unpack("B*")[0]).inject('')\ + {|ret, tkn| ret += tkn + (tkn.gsub('1', '').size % 2).to_s } + [bits].pack("B*") + } + end + + def apply_des(plain, keys) + dec = OpenSSL::Cipher::Cipher.new("des-cbc") + dec.padding = 0 + keys.map {|k| + dec.key = k + dec.encrypt.update(plain) + dec.final + } + end + + # Generates a Lan Manager Hash + # @param [String] password The password to base the hash on + def lm_hash(password) + keys = gen_keys password.upcase.ljust(14, "\0") + apply_des(LM_MAGIC, keys).join + end + + # Generate a NTLM Hash + # @param [String] password The password to base the hash on + # @option opt :unicode (false) Unicode encode the password + def ntlm_hash(password, opt = {}) + pwd = password.dup + unless opt[:unicode] + pwd = EncodeUtil.encode_utf16le(pwd) + end + OpenSSL::Digest::MD4.digest pwd + end + + # Generate a NTLMv2 Hash + # @param [String] user The username + # @param [String] password The password + # @param [String] target The domain or workstation to authenticate to + # @option opt :unicode (false) Unicode encode the domain + def ntlmv2_hash(user, password, target, opt={}) + if is_ntlm_hash? password + decoded_password = EncodeUtil.decode_utf16le(password) + ntlmhash = [decoded_password.upcase[33,65]].pack('H32') + else + ntlmhash = ntlm_hash(password, opt) + end + userdomain = user.upcase + target + unless opt[:unicode] + userdomain = EncodeUtil.encode_utf16le(userdomain) + end + OpenSSL::HMAC.digest(OpenSSL::Digest::MD5.new, ntlmhash, userdomain) + end + + def lm_response(arg) + begin + hash = arg[:lm_hash] + chal = arg[:challenge] + rescue + raise ArgumentError + end + chal = NTLM::pack_int64le(chal) if chal.is_a?(Integer) + keys = gen_keys hash.ljust(21, "\0") + apply_des(chal, keys).join + end + + def ntlm_response(arg) + hash = arg[:ntlm_hash] + chal = arg[:challenge] + chal = NTLM::pack_int64le(chal) if chal.is_a?(Integer) + keys = gen_keys hash.ljust(21, "\0") + apply_des(chal, keys).join + end + + def ntlmv2_response(arg, opt = {}) + begin + key = arg[:ntlmv2_hash] + chal = arg[:challenge] + ti = arg[:target_info] + rescue + raise ArgumentError + end + chal = NTLM::pack_int64le(chal) if chal.is_a?(Integer) + + if opt[:client_challenge] + cc = opt[:client_challenge] + else + cc = rand(MAX64) + end + cc = NTLM::pack_int64le(cc) if cc.is_a?(Integer) + + if opt[:timestamp] + ts = opt[:timestamp] + else + ts = Time.now.to_i + end + # epoch -> milsec from Jan 1, 1601 + ts = 10_000_000 * (ts + TIME_OFFSET) + + blob = Blob.new + blob.timestamp = ts + blob.challenge = cc + blob.target_info = ti + + bb = blob.serialize + + OpenSSL::HMAC.digest(OpenSSL::Digest::MD5.new, key, chal + bb) + bb + end + + def lmv2_response(arg, opt = {}) + key = arg[:ntlmv2_hash] + chal = arg[:challenge] + + chal = NTLM::pack_int64le(chal) if chal.is_a?(Integer) + + if opt[:client_challenge] + cc = opt[:client_challenge] + else + cc = rand(MAX64) + end + cc = NTLM::pack_int64le(cc) if cc.is_a?(Integer) + + OpenSSL::HMAC.digest(OpenSSL::Digest::MD5.new, key, chal + cc) + cc + end + + def ntlm2_session(arg, opt = {}) + begin + passwd_hash = arg[:ntlm_hash] + chal = arg[:challenge] + rescue + raise ArgumentError + end + chal = NTLM::pack_int64le(chal) if chal.is_a?(Integer) + + if opt[:client_challenge] + cc = opt[:client_challenge] + else + cc = rand(MAX64) + end + cc = NTLM::pack_int64le(cc) if cc.is_a?(Integer) + + keys = gen_keys(passwd_hash.ljust(21, "\0")) + session_hash = OpenSSL::Digest::MD5.digest(chal + cc).slice(0, 8) + response = apply_des(session_hash, keys).join + [cc.ljust(24, "\0"), response] + end + end + + end +end