rubyntlm 0.4.0 → 0.5.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 92fe9fbd41088f3bb6dd585c16c9b105a91820bc
-  data.tar.gz: 7cb29dfd82e71ff8075f143889da01ca406d41d1
+  metadata.gz: 33cb0ea71a4b1d8149a2a8bf39c5f24bd2752d5b
+  data.tar.gz: 032e16ead1a05ddcf0268d79c4ffff2ff631bfcf
 SHA512:
-  metadata.gz: 6fd7a286d8a55f4ff6aeb7b0bc24d8dd1c37b4daaaa73e6f1ac747de520690085ea026eeec4e3d0c7b1c3225189c5b8591de0361c5e12b32ff54a30ec9da569a
-  data.tar.gz: d4ab713acacb9e2450d66e8bcdb814a9cdadabcd65b29b6743889434cfec3e77aa30ef475ec4871c34b5b2de81488503433b716c316954a30e1b8df2da69cc75
+  metadata.gz: c276677b10f3f2b7fa35817fce82e1cfd5012298c752fbfc4576f0b4d45d339a5e6589fb547c16aa6609cb4174f2e9ac396c0f49ad7e7267f5b68b20f6e1fa47
+  data.tar.gz: 40e3423ad351782e571611b32704b583c0b75a06a2b3acedc62dc9c6e916b0bc3356fe51d1060dd3cda0ef330b175ad108623625b3f7a6f6eb7728f66d03216e

data/.rspec

@@ -1,3 +1,2 @@
---format nested
---colour
---drb
+--format documentation
+--color

data/README.md

@@ -6,19 +6,26 @@ Ruby/NTLM provides message creator and parser for the NTLM authentication.
 
 __100% Ruby__
 
+How to install
+--------------
+
+```ruby
+require 'rubyntlm'
+```
+
 Simple Example
 --------------
 
 ### Creating NTLM Type 1 message
 
 ```ruby
-   t1 = NTLM::Message::Type1.new()
+   t1 = Net::NTLM::Message::Type1.new()
 ```
 
 ### Parsing NTLM Type 2 message from server
 
 ```ruby
-   t2 = NTLM::Message.parse(message_from_server)
+   t2 = Net::NTLM::Message.parse(message_from_server)
 ```
 
 ### Creating NTLM Type 3 message

data/Rakefile

@@ -12,3 +12,11 @@ task :coverage do
   Rake::Task["spec"].execute
 end
 
+desc "Open a Pry console for this library"
+task :console do
+  require 'pry'
+  require 'net/ntlm'
+  ARGV.clear
+  Pry.start
+end
+

data/examples/http.rb

@@ -48,7 +48,7 @@ def main
 	
 	unless $user and $passwd
 		target = t2.target_name
-		target = Net::NTLM::decode_utf16le(target) if t2.has_flag?(:UNICODE)
+		target = Net::NTLM::EncodeUtil.decode_utf16le(target) if t2.has_flag?(:UNICODE)
 		puts "Target: #{target}"
 		print "User name: "
 		($user = $stdin.readline).chomp!

data/lib/net/ntlm.rb

@@ -57,11 +57,9 @@ require 'net/ntlm/message/type1'
 require 'net/ntlm/message/type2'
 require 'net/ntlm/message/type3'
 
-
 require 'net/ntlm/encode_util'
 
-
-
+require 'net/ntlm/client'
 
 module Net
   module NTLM
@@ -102,10 +100,11 @@ module Net
       end
 
       def apply_des(plain, keys)
-        dec = OpenSSL::Cipher::DES.new
+        dec = OpenSSL::Cipher::Cipher.new("des-cbc")
+        dec.padding = 0
         keys.map {|k|
           dec.key = k
-          dec.encrypt.update(plain)
+          dec.encrypt.update(plain) + dec.final
         }
       end
 
@@ -134,7 +133,7 @@ module Net
       # @option opt :unicode (false) Unicode encode the domain
       def ntlmv2_hash(user, password, target, opt={})
         ntlmhash = ntlm_hash(password, opt)
-        userdomain = (user + target).upcase
+        userdomain = user.upcase + target
         unless opt[:unicode]
           userdomain = EncodeUtil.encode_utf16le(userdomain)
         end
@@ -184,7 +183,7 @@ module Net
           ts = Time.now.to_i
         end
         # epoch -> milsec from Jan 1, 1601
-        ts = 10000000 * (ts + TIME_OFFSET)
+        ts = 10_000_000 * (ts + TIME_OFFSET)
 
         blob = Blob.new
         blob.timestamp = ts
@@ -192,6 +191,7 @@ module Net
         blob.target_info = ti
 
         bb = blob.serialize
+
         OpenSSL::HMAC.digest(OpenSSL::Digest::MD5.new, key, chal + bb) + bb
       end
 
@@ -218,15 +218,16 @@ module Net
         rescue
           raise ArgumentError
         end
+        chal = NTLM::pack_int64le(chal) if chal.is_a?(Integer)
 
         if opt[:client_challenge]
-          cc  = opt[:client_challenge]
+          cc = opt[:client_challenge]
         else
           cc = rand(MAX64)
         end
         cc = NTLM::pack_int64le(cc) if cc.is_a?(Integer)
 
-        keys = gen_keys passwd_hash.ljust(21, "\0")
+        keys = gen_keys(passwd_hash.ljust(21, "\0"))
         session_hash = OpenSSL::Digest::MD5.digest(chal + cc).slice(0, 8)
         response = apply_des(session_hash, keys).join
         [cc.ljust(24, "\0"), response]

data/lib/net/ntlm/blob.rb

@@ -4,14 +4,25 @@ module Net
     BLOB_SIGN = 0x00000101
 
     class Blob < FieldSet
-      int32LE    :blob_signature,   {:value => BLOB_SIGN}
-      int32LE    :reserved,         {:value => 0}
+      int32LE    :blob_signature, {:value => BLOB_SIGN}
+      int32LE    :reserved,       {:value => 0}
       int64LE    :timestamp,      {:value => 0}
       string     :challenge,      {:value => "", :size => 8}
-      int32LE    :unknown1,     {:value => 0}
-      string     :target_info,      {:value => "", :size => 0}
-      int32LE    :unknown2,         {:value => 0}
+      int32LE    :unknown1,       {:value => 0}
+      string     :target_info,    {:value => "", :size => 0}
+      int32LE    :unknown2,       {:value => 0}
+
+      def parse(str, offset=0)
+        # 28 is the length of all fields before the variable-length
+        # target_info field.
+        if str.size > 28
+          enable(:target_info)
+          # Grab everything except the last 4 bytes (which will be :unknown2)
+          self[:target_info].value = str[28..-5]
+        end
+        super
+      end
     end
 
   end
-end
+end

data/lib/net/ntlm/client.rb

@@ -0,0 +1,61 @@
+module Net
+  module NTLM
+    class Client
+
+      DEFAULT_FLAGS = NTLM::FLAGS[:UNICODE] | NTLM::FLAGS[:OEM] |
+        NTLM::FLAGS[:SIGN]   | NTLM::FLAGS[:SEAL]         | NTLM::FLAGS[:REQUEST_TARGET] |
+        NTLM::FLAGS[:NTLM]   | NTLM::FLAGS[:ALWAYS_SIGN]  | NTLM::FLAGS[:NTLM2_KEY] |
+        NTLM::FLAGS[:KEY128] | NTLM::FLAGS[:KEY_EXCHANGE] | NTLM::FLAGS[:KEY56]
+
+      attr_reader :username, :password, :domain, :workstation, :flags
+
+      # @note All string parameters should be encoded in UTF-8. The proper
+      #   final encoding for placing in the various {Message messages} will be
+      #   chosen based on negotiation with the server.
+      #
+      # @param username [String]
+      # @param password [String]
+      # @option opts [String] :domain where we're authenticating to
+      # @option opts [String] :workstation local workstation name
+      # @option opts [Fixnum] :flags (DEFAULT_FLAGS) see Net::NTLM::Message::Type1.flag
+      def initialize(username, password, opts = {})
+        @username     = username
+        @password     = password
+        @domain       = opts[:domain] || nil
+        @workstation  = opts[:workstation] || nil
+        @flags        = opts[:flags] || DEFAULT_FLAGS
+      end
+
+      # @return [NTLM::Message]
+      def init_context(resp = nil)
+        if resp.nil?
+          @session = nil
+          type1_message
+        else
+          @session = Client::Session.new(self, Net::NTLM::Message.decode64(resp))
+          @session.authenticate!
+        end
+      end
+
+      # @return [Client::Session]
+      def session
+        @session
+      end
+
+      private
+
+      # @return [Message::Type1]
+      def type1_message
+        type1 = Message::Type1.new
+        type1[:flag].value = flags
+        type1.domain = domain if domain
+        type1.workstation = workstation if workstation
+
+        type1
+      end
+
+    end
+  end
+end
+
+require "net/ntlm/client/session"

data/lib/net/ntlm/client/session.rb

@@ -0,0 +1,223 @@
+module Net
+  module NTLM
+    class Client::Session
+
+      VERSION_MAGIC = "\x01\x00\x00\x00"
+      TIME_OFFSET   = 11644473600
+      MAX64         = 0xffffffffffffffff
+      CLIENT_TO_SERVER_SIGNING = "session key to client-to-server signing key magic constant\0"
+      SERVER_TO_CLIENT_SIGNING = "session key to server-to-client signing key magic constant\0"
+      CLIENT_TO_SERVER_SEALING = "session key to client-to-server sealing key magic constant\0"
+      SERVER_TO_CLIENT_SEALING = "session key to server-to-client sealing key magic constant\0"
+
+      attr_reader :client, :challenge_message
+
+      # @param client [Net::NTLM::Client] the client instance
+      # @param challenge_message [Net::NTLM::Message::Type2] server message
+      def initialize(client, challenge_message)
+        @client = client
+        @challenge_message = challenge_message
+      end
+
+      # Generate an NTLMv2 AUTHENTICATE_MESSAGE
+      # @see http://msdn.microsoft.com/en-us/library/cc236643.aspx
+      # @return [Net::NTLM::Message::Type3]
+      def authenticate!
+        calculate_user_session_key!
+        type3_opts = {
+          :lm_response   => lmv2_resp,
+          :ntlm_response => ntlmv2_resp,
+          :domain        => domain,
+          :user          => username,
+          :workstation   => workstation,
+          :flag          => (challenge_message.flag & client.flags)
+        }
+        t3 = Message::Type3.create type3_opts
+        if negotiate_key_exchange?
+          t3.enable(:session_key)
+          rc4 = OpenSSL::Cipher::Cipher.new("rc4")
+          rc4.encrypt
+          rc4.key = user_session_key
+          sk = rc4.update master_key
+          sk << rc4.final
+          t3.session_key = sk
+        end
+        t3
+      end
+
+      def sign_message(message)
+        seq = sequence
+        sig = OpenSSL::HMAC.digest(OpenSSL::Digest::MD5.new, client_sign_key, "#{seq}#{message}")[0..7]
+        if negotiate_key_exchange?
+          sig = client_cipher.update sig
+          sig << client_cipher.final
+        end
+        "#{VERSION_MAGIC}#{sig}#{seq}"
+      end
+
+      def verify_signature(signature, message)
+        seq = signature[-4..-1]
+        sig = OpenSSL::HMAC.digest(OpenSSL::Digest::MD5.new, server_sign_key, "#{seq}#{message}")[0..7]
+        if negotiate_key_exchange?
+          sig = server_cipher.update sig
+          sig << server_cipher.final
+        end
+        "#{VERSION_MAGIC}#{sig}#{seq}" == signature
+      end
+
+      def seal_message(message)
+        emessage = client_cipher.update(message)
+        emessage + client_cipher.final
+      end
+
+      def unseal_message(emessage)
+        message = server_cipher.update(emessage)
+        message + server_cipher.final
+      end
+
+
+      private
+
+
+      def user_session_key
+        @user_session_key ||=  nil
+      end
+
+      def master_key
+        @master_key ||= begin
+                          if negotiate_key_exchange?
+                            OpenSSL::Cipher.new("rc4").random_key
+                          else
+                            user_session_key
+                          end
+                        end
+      end
+
+      def sequence
+        [raw_sequence].pack("V*")
+      end
+
+      def raw_sequence
+        if defined? @raw_sequence
+          @raw_sequence += 1
+        else
+          @raw_sequence = 0
+        end
+      end
+
+      def client_sign_key
+        @client_sign_key ||= OpenSSL::Digest::MD5.digest "#{master_key}#{CLIENT_TO_SERVER_SIGNING}"
+      end
+
+      def server_sign_key
+        @server_sign_key ||= OpenSSL::Digest::MD5.digest "#{master_key}#{SERVER_TO_CLIENT_SIGNING}"
+      end
+
+      def client_seal_key
+        @client_seal_key ||= OpenSSL::Digest::MD5.digest "#{master_key}#{CLIENT_TO_SERVER_SEALING}"
+      end
+
+      def server_seal_key
+        @server_seal_key ||= OpenSSL::Digest::MD5.digest "#{master_key}#{SERVER_TO_CLIENT_SEALING}"
+      end
+
+      def client_cipher
+        @client_cipher ||=
+          begin
+            rc4 = OpenSSL::Cipher::Cipher.new("rc4")
+            rc4.encrypt
+            rc4.key = client_seal_key
+            rc4
+          end
+      end
+
+      def server_cipher
+        @server_cipher ||=
+          begin
+            rc4 = OpenSSL::Cipher::Cipher.new("rc4")
+            rc4.decrypt
+            rc4.key = server_seal_key
+            rc4
+          end
+      end
+
+      def client_challenge
+        @client_challenge ||= NTLM.pack_int64le(rand(MAX64))
+      end
+
+      def server_challenge
+        @server_challenge ||= challenge_message[:challenge].serialize
+      end
+
+      # epoch -> milsec from Jan 1, 1601
+      # @see http://support.microsoft.com/kb/188768
+      def timestamp
+        @timestamp ||= 10_000_000 * (Time.now.to_i + TIME_OFFSET)
+      end
+
+      def use_oem_strings?
+        challenge_message.has_flag? :OEM
+      end
+
+      def negotiate_key_exchange?
+        challenge_message.has_flag? :KEY_EXCHANGE
+      end
+
+      def username
+        oem_or_unicode_str client.username
+      end
+
+      def password
+        oem_or_unicode_str client.password
+      end
+
+      def workstation
+        (client.domain ? oem_or_unicode_str(client.workstation) : "")
+      end
+
+      def domain
+        (client.domain ? oem_or_unicode_str(client.domain) : "")
+      end
+
+      def oem_or_unicode_str(str)
+        if use_oem_strings?
+          NTLM::EncodeUtil.decode_utf16le str
+        else
+          NTLM::EncodeUtil.encode_utf16le str
+        end
+      end
+
+      def ntlmv2_hash
+        @ntlmv2_hash ||= NTLM.ntlmv2_hash(username, password, domain, {:client_challenge => client_challenge, :unicode => !use_oem_strings?})
+      end
+
+      def calculate_user_session_key!
+        @user_session_key = OpenSSL::HMAC.digest(OpenSSL::Digest::MD5.new, ntlmv2_hash, nt_proof_str)
+      end
+
+      def lmv2_resp
+        OpenSSL::HMAC.digest(OpenSSL::Digest::MD5.new, ntlmv2_hash, server_challenge + client_challenge) + client_challenge
+      end
+
+      def ntlmv2_resp
+        nt_proof_str + blob
+      end
+
+      def nt_proof_str
+        @nt_proof_str ||= OpenSSL::HMAC.digest(OpenSSL::Digest::MD5.new, ntlmv2_hash, server_challenge + blob)
+      end
+
+      def blob
+        @blob ||=
+          begin
+            b = Blob.new
+            b.timestamp = timestamp
+            b.challenge = client_challenge
+            b.target_info = challenge_message.target_info
+            b.serialize
+          end
+      end
+
+    end
+  end
+end