author | xdono |
Mon, 15 Dec 2008 16:55:25 -0800 | |
changeset 1639 | a97859015238 |
parent 1334 | 21b652819b97 |
child 3859 | 8b82336dedb3 |
permissions | -rw-r--r-- |
2 | 1 |
/* |
1639 | 2 |
* Copyright 2005-2008 Sun Microsystems, Inc. All Rights Reserved. |
2 | 3 |
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. |
4 |
* |
|
5 |
* This code is free software; you can redistribute it and/or modify it |
|
6 |
* under the terms of the GNU General Public License version 2 only, as |
|
7 |
* published by the Free Software Foundation. Sun designates this |
|
8 |
* particular file as subject to the "Classpath" exception as provided |
|
9 |
* by Sun in the LICENSE file that accompanied this code. |
|
10 |
* |
|
11 |
* This code is distributed in the hope that it will be useful, but WITHOUT |
|
12 |
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or |
|
13 |
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License |
|
14 |
* version 2 for more details (a copy is included in the LICENSE file that |
|
15 |
* accompanied this code). |
|
16 |
* |
|
17 |
* You should have received a copy of the GNU General Public License version |
|
18 |
* 2 along with this work; if not, write to the Free Software Foundation, |
|
19 |
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. |
|
20 |
* |
|
21 |
* Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara, |
|
22 |
* CA 95054 USA or visit www.sun.com if you need additional information or |
|
23 |
* have any questions. |
|
24 |
*/ |
|
25 |
||
26 |
package sun.net.www.protocol.http; |
|
27 |
||
28 |
import java.util.Arrays; |
|
29 |
import java.util.StringTokenizer; |
|
30 |
import java.util.Random; |
|
31 |
||
32 |
import sun.net.www.HeaderParser; |
|
33 |
||
34 |
import java.io.*; |
|
35 |
import javax.crypto.*; |
|
36 |
import javax.crypto.spec.*; |
|
37 |
import java.security.*; |
|
38 |
import java.net.*; |
|
39 |
||
40 |
/** |
|
41 |
* NTLMAuthentication: |
|
42 |
* |
|
43 |
* @author Michael McMahon |
|
44 |
*/ |
|
45 |
||
46 |
/* |
|
47 |
* NTLM authentication is nominally based on the framework defined in RFC2617, |
|
48 |
* but differs from the standard (Basic & Digest) schemes as follows: |
|
49 |
* |
|
50 |
* 1. A complete authentication requires three request/response transactions |
|
51 |
* as shown below: |
|
52 |
* REQ -------------------------------> |
|
53 |
* <---- 401 (signalling NTLM) -------- |
|
54 |
* |
|
55 |
* REQ (with type1 NTLM msg) ---------> |
|
56 |
* <---- 401 (with type 2 NTLM msg) --- |
|
57 |
* |
|
58 |
* REQ (with type3 NTLM msg) ---------> |
|
59 |
* <---- OK --------------------------- |
|
60 |
* |
|
61 |
* 2. The scope of the authentication is the TCP connection (which must be kept-alive) |
|
62 |
* after the type2 response is received. This means that NTLM does not work end-to-end |
|
63 |
* through a proxy, rather between client and proxy, or between client and server (with no proxy) |
|
64 |
*/ |
|
65 |
||
66 |
class NTLMAuthentication extends AuthenticationInfo { |
|
1334
21b652819b97
6746836: java.net exception classes don't specify serialVersionUID
chegar
parents:
2
diff
changeset
|
67 |
private static final long serialVersionUID = -2403849171106437142L; |
2 | 68 |
|
69 |
static char NTLM_AUTH = 'N'; |
|
70 |
||
71 |
private byte[] type1; |
|
72 |
private byte[] type3; |
|
73 |
||
74 |
private SecretKeyFactory fac; |
|
75 |
private Cipher cipher; |
|
76 |
private MessageDigest md4; |
|
77 |
private String hostname; |
|
78 |
private static String defaultDomain; /* Domain to use if not specified by user */ |
|
79 |
||
80 |
static { |
|
81 |
defaultDomain = java.security.AccessController.doPrivileged( |
|
82 |
new sun.security.action.GetPropertyAction("http.auth.ntlm.domain", |
|
83 |
"domain")); |
|
84 |
}; |
|
85 |
||
86 |
static boolean supportsTransparentAuth () { |
|
87 |
return false; |
|
88 |
} |
|
89 |
||
90 |
private void init0() { |
|
91 |
type1 = new byte[256]; |
|
92 |
type3 = new byte[256]; |
|
93 |
System.arraycopy (new byte[] {'N','T','L','M','S','S','P',0,1}, 0, type1, 0, 9); |
|
94 |
type1[12] = (byte) 3; |
|
95 |
type1[13] = (byte) 0xb2; |
|
96 |
type1[28] = (byte) 0x20; |
|
97 |
System.arraycopy (new byte[] {'N','T','L','M','S','S','P',0,3}, 0, type3, 0, 9); |
|
98 |
type3[12] = (byte) 0x18; |
|
99 |
type3[14] = (byte) 0x18; |
|
100 |
type3[20] = (byte) 0x18; |
|
101 |
type3[22] = (byte) 0x18; |
|
102 |
type3[32] = (byte) 0x40; |
|
103 |
type3[60] = (byte) 1; |
|
104 |
type3[61] = (byte) 0x82; |
|
105 |
||
106 |
try { |
|
107 |
hostname = java.security.AccessController.doPrivileged( |
|
108 |
new java.security.PrivilegedAction<String>() { |
|
109 |
public String run() { |
|
110 |
String localhost; |
|
111 |
try { |
|
112 |
localhost = InetAddress.getLocalHost().getHostName().toUpperCase(); |
|
113 |
} catch (UnknownHostException e) { |
|
114 |
localhost = "localhost"; |
|
115 |
} |
|
116 |
return localhost; |
|
117 |
} |
|
118 |
}); |
|
119 |
int x = hostname.indexOf ('.'); |
|
120 |
if (x != -1) { |
|
121 |
hostname = hostname.substring (0, x); |
|
122 |
} |
|
123 |
fac = SecretKeyFactory.getInstance ("DES"); |
|
124 |
cipher = Cipher.getInstance ("DES/ECB/NoPadding"); |
|
125 |
md4 = sun.security.provider.MD4.getInstance(); |
|
126 |
} catch (NoSuchPaddingException e) { |
|
127 |
assert false; |
|
128 |
} catch (NoSuchAlgorithmException e) { |
|
129 |
assert false; |
|
130 |
} |
|
131 |
}; |
|
132 |
||
133 |
PasswordAuthentication pw; |
|
134 |
String username; |
|
135 |
String ntdomain; |
|
136 |
String password; |
|
137 |
||
138 |
/** |
|
139 |
* Create a NTLMAuthentication: |
|
140 |
* Username may be specified as domain<BACKSLASH>username in the application Authenticator. |
|
141 |
* If this notation is not used, then the domain will be taken |
|
142 |
* from a system property: "http.auth.ntlm.domain". |
|
143 |
*/ |
|
144 |
public NTLMAuthentication(boolean isProxy, URL url, PasswordAuthentication pw) { |
|
145 |
super(isProxy?PROXY_AUTHENTICATION:SERVER_AUTHENTICATION, NTLM_AUTH, url, ""); |
|
146 |
init (pw); |
|
147 |
} |
|
148 |
||
149 |
private void init (PasswordAuthentication pw) { |
|
150 |
this.pw = pw; |
|
151 |
String s = pw.getUserName(); |
|
152 |
int i = s.indexOf ('\\'); |
|
153 |
if (i == -1) { |
|
154 |
username = s; |
|
155 |
ntdomain = defaultDomain; |
|
156 |
} else { |
|
157 |
ntdomain = s.substring (0, i).toUpperCase(); |
|
158 |
username = s.substring (i+1); |
|
159 |
} |
|
160 |
password = new String (pw.getPassword()); |
|
161 |
init0(); |
|
162 |
} |
|
163 |
||
164 |
/** |
|
165 |
* Constructor used for proxy entries |
|
166 |
*/ |
|
167 |
public NTLMAuthentication(boolean isProxy, String host, int port, |
|
168 |
PasswordAuthentication pw) { |
|
169 |
super(isProxy?PROXY_AUTHENTICATION:SERVER_AUTHENTICATION, NTLM_AUTH,host, port, ""); |
|
170 |
init (pw); |
|
171 |
} |
|
172 |
||
173 |
/** |
|
174 |
* @return true if this authentication supports preemptive authorization |
|
175 |
*/ |
|
176 |
boolean supportsPreemptiveAuthorization() { |
|
177 |
return false; |
|
178 |
} |
|
179 |
||
180 |
/** |
|
181 |
* @return the name of the HTTP header this authentication wants set |
|
182 |
*/ |
|
183 |
String getHeaderName() { |
|
184 |
if (type == SERVER_AUTHENTICATION) { |
|
185 |
return "Authorization"; |
|
186 |
} else { |
|
187 |
return "Proxy-authorization"; |
|
188 |
} |
|
189 |
} |
|
190 |
||
191 |
/** |
|
192 |
* Not supported. Must use the setHeaders() method |
|
193 |
*/ |
|
194 |
String getHeaderValue(URL url, String method) { |
|
195 |
throw new RuntimeException ("getHeaderValue not supported"); |
|
196 |
} |
|
197 |
||
198 |
/** |
|
199 |
* Check if the header indicates that the current auth. parameters are stale. |
|
200 |
* If so, then replace the relevant field with the new value |
|
201 |
* and return true. Otherwise return false. |
|
202 |
* returning true means the request can be retried with the same userid/password |
|
203 |
* returning false means we have to go back to the user to ask for a new |
|
204 |
* username password. |
|
205 |
*/ |
|
206 |
boolean isAuthorizationStale (String header) { |
|
207 |
return false; /* should not be called for ntlm */ |
|
208 |
} |
|
209 |
||
210 |
/** |
|
211 |
* Set header(s) on the given connection. |
|
212 |
* @param conn The connection to apply the header(s) to |
|
213 |
* @param p A source of header values for this connection, not used because |
|
214 |
* HeaderParser converts the fields to lower case, use raw instead |
|
215 |
* @param raw The raw header field. |
|
216 |
* @return true if all goes well, false if no headers were set. |
|
217 |
*/ |
|
218 |
synchronized boolean setHeaders(HttpURLConnection conn, HeaderParser p, String raw) { |
|
219 |
||
220 |
try { |
|
221 |
String response; |
|
222 |
if (raw.length() < 6) { /* NTLM<sp> */ |
|
223 |
response = buildType1Msg (); |
|
224 |
} else { |
|
225 |
String msg = raw.substring (5); /* skip NTLM<sp> */ |
|
226 |
response = buildType3Msg (msg); |
|
227 |
} |
|
228 |
conn.setAuthenticationProperty(getHeaderName(), response); |
|
229 |
return true; |
|
230 |
} catch (IOException e) { |
|
231 |
return false; |
|
232 |
} catch (GeneralSecurityException e) { |
|
233 |
return false; |
|
234 |
} |
|
235 |
} |
|
236 |
||
237 |
/* This is a no-op for NTLM, because there is no authentication information |
|
238 |
* provided by the server to the client |
|
239 |
*/ |
|
240 |
public void checkResponse (String header, String method, URL url) throws IOException { |
|
241 |
} |
|
242 |
||
243 |
||
244 |
private void copybytes (byte[] dest, int destpos, String src, String enc) { |
|
245 |
try { |
|
246 |
byte[] x = src.getBytes(enc); |
|
247 |
System.arraycopy (x, 0, dest, destpos, x.length); |
|
248 |
} catch (UnsupportedEncodingException e) { |
|
249 |
assert false; |
|
250 |
} |
|
251 |
} |
|
252 |
||
253 |
private String buildType1Msg () { |
|
254 |
int dlen = ntdomain.length(); |
|
255 |
type1[16]= (byte) (dlen % 256); |
|
256 |
type1[17]= (byte) (dlen / 256); |
|
257 |
type1[18] = type1[16]; |
|
258 |
type1[19] = type1[17]; |
|
259 |
||
260 |
int hlen = hostname.length(); |
|
261 |
type1[24]= (byte) (hlen % 256); |
|
262 |
type1[25]= (byte) (hlen / 256); |
|
263 |
type1[26] = type1[24]; |
|
264 |
type1[27] = type1[25]; |
|
265 |
||
266 |
copybytes (type1, 32, hostname, "ISO8859_1"); |
|
267 |
copybytes (type1, hlen+32, ntdomain, "ISO8859_1"); |
|
268 |
type1[20] = (byte) ((hlen+32) % 256); |
|
269 |
type1[21] = (byte) ((hlen+32) / 256); |
|
270 |
||
271 |
byte[] msg = new byte [32 + hlen + dlen]; |
|
272 |
System.arraycopy (type1, 0, msg, 0, 32 + hlen + dlen); |
|
273 |
String result = "NTLM " + (new B64Encoder()).encode (msg); |
|
274 |
return result; |
|
275 |
} |
|
276 |
||
277 |
||
278 |
/* Convert a 7 byte array to an 8 byte array (for a des key with parity) |
|
279 |
* input starts at offset off |
|
280 |
*/ |
|
281 |
private byte[] makeDesKey (byte[] input, int off) { |
|
282 |
int[] in = new int [input.length]; |
|
283 |
for (int i=0; i<in.length; i++ ) { |
|
284 |
in[i] = input[i]<0 ? input[i]+256: input[i]; |
|
285 |
} |
|
286 |
byte[] out = new byte[8]; |
|
287 |
out[0] = (byte)in[off+0]; |
|
288 |
out[1] = (byte)(((in[off+0] << 7) & 0xFF) | (in[off+1] >> 1)); |
|
289 |
out[2] = (byte)(((in[off+1] << 6) & 0xFF) | (in[off+2] >> 2)); |
|
290 |
out[3] = (byte)(((in[off+2] << 5) & 0xFF) | (in[off+3] >> 3)); |
|
291 |
out[4] = (byte)(((in[off+3] << 4) & 0xFF) | (in[off+4] >> 4)); |
|
292 |
out[5] = (byte)(((in[off+4] << 3) & 0xFF) | (in[off+5] >> 5)); |
|
293 |
out[6] = (byte)(((in[off+5] << 2) & 0xFF) | (in[off+6] >> 6)); |
|
294 |
out[7] = (byte)((in[off+6] << 1) & 0xFF); |
|
295 |
return out; |
|
296 |
} |
|
297 |
||
298 |
private byte[] calcLMHash () throws GeneralSecurityException { |
|
299 |
byte[] magic = {0x4b, 0x47, 0x53, 0x21, 0x40, 0x23, 0x24, 0x25}; |
|
300 |
byte[] pwb = password.toUpperCase ().getBytes(); |
|
301 |
byte[] pwb1 = new byte [14]; |
|
302 |
int len = password.length(); |
|
303 |
if (len > 14) |
|
304 |
len = 14; |
|
305 |
System.arraycopy (pwb, 0, pwb1, 0, len); /* Zero padded */ |
|
306 |
||
307 |
DESKeySpec dks1 = new DESKeySpec (makeDesKey (pwb1, 0)); |
|
308 |
DESKeySpec dks2 = new DESKeySpec (makeDesKey (pwb1, 7)); |
|
309 |
||
310 |
SecretKey key1 = fac.generateSecret (dks1); |
|
311 |
SecretKey key2 = fac.generateSecret (dks2); |
|
312 |
cipher.init (Cipher.ENCRYPT_MODE, key1); |
|
313 |
byte[] out1 = cipher.doFinal (magic, 0, 8); |
|
314 |
cipher.init (Cipher.ENCRYPT_MODE, key2); |
|
315 |
byte[] out2 = cipher.doFinal (magic, 0, 8); |
|
316 |
||
317 |
byte[] result = new byte [21]; |
|
318 |
System.arraycopy (out1, 0, result, 0, 8); |
|
319 |
System.arraycopy (out2, 0, result, 8, 8); |
|
320 |
return result; |
|
321 |
} |
|
322 |
||
323 |
private byte[] calcNTHash () throws GeneralSecurityException { |
|
324 |
byte[] pw = null; |
|
325 |
try { |
|
326 |
pw = password.getBytes ("UnicodeLittleUnmarked"); |
|
327 |
} catch (UnsupportedEncodingException e) { |
|
328 |
assert false; |
|
329 |
} |
|
330 |
byte[] out = md4.digest (pw); |
|
331 |
byte[] result = new byte [21]; |
|
332 |
System.arraycopy (out, 0, result, 0, 16); |
|
333 |
return result; |
|
334 |
} |
|
335 |
||
336 |
/* key is a 21 byte array. Split it into 3 7 byte chunks, |
|
337 |
* Convert each to 8 byte DES keys, encrypt the text arg with |
|
338 |
* each key and return the three results in a sequential [] |
|
339 |
*/ |
|
340 |
private byte[] calcResponse (byte[] key, byte[] text) |
|
341 |
throws GeneralSecurityException { |
|
342 |
assert key.length == 21; |
|
343 |
DESKeySpec dks1 = new DESKeySpec (makeDesKey (key, 0)); |
|
344 |
DESKeySpec dks2 = new DESKeySpec (makeDesKey (key, 7)); |
|
345 |
DESKeySpec dks3 = new DESKeySpec (makeDesKey (key, 14)); |
|
346 |
SecretKey key1 = fac.generateSecret (dks1); |
|
347 |
SecretKey key2 = fac.generateSecret (dks2); |
|
348 |
SecretKey key3 = fac.generateSecret (dks3); |
|
349 |
cipher.init (Cipher.ENCRYPT_MODE, key1); |
|
350 |
byte[] out1 = cipher.doFinal (text, 0, 8); |
|
351 |
cipher.init (Cipher.ENCRYPT_MODE, key2); |
|
352 |
byte[] out2 = cipher.doFinal (text, 0, 8); |
|
353 |
cipher.init (Cipher.ENCRYPT_MODE, key3); |
|
354 |
byte[] out3 = cipher.doFinal (text, 0, 8); |
|
355 |
byte[] result = new byte [24]; |
|
356 |
System.arraycopy (out1, 0, result, 0, 8); |
|
357 |
System.arraycopy (out2, 0, result, 8, 8); |
|
358 |
System.arraycopy (out3, 0, result, 16, 8); |
|
359 |
return result; |
|
360 |
} |
|
361 |
||
362 |
private String buildType3Msg (String challenge) throws GeneralSecurityException, |
|
363 |
IOException { |
|
364 |
/* First decode the type2 message to get the server nonce */ |
|
365 |
/* nonce is located at type2[24] for 8 bytes */ |
|
366 |
||
367 |
byte[] type2 = (new sun.misc.BASE64Decoder()).decodeBuffer (challenge); |
|
368 |
byte[] nonce = new byte [8]; |
|
369 |
System.arraycopy (type2, 24, nonce, 0, 8); |
|
370 |
||
371 |
int ulen = username.length()*2; |
|
372 |
type3[36] = type3[38] = (byte) (ulen % 256); |
|
373 |
type3[37] = type3[39] = (byte) (ulen / 256); |
|
374 |
int dlen = ntdomain.length()*2; |
|
375 |
type3[28] = type3[30] = (byte) (dlen % 256); |
|
376 |
type3[29] = type3[31] = (byte) (dlen / 256); |
|
377 |
int hlen = hostname.length()*2; |
|
378 |
type3[44] = type3[46] = (byte) (hlen % 256); |
|
379 |
type3[45] = type3[47] = (byte) (hlen / 256); |
|
380 |
||
381 |
int l = 64; |
|
382 |
copybytes (type3, l, ntdomain, "UnicodeLittleUnmarked"); |
|
383 |
type3[32] = (byte) (l % 256); |
|
384 |
type3[33] = (byte) (l / 256); |
|
385 |
l += dlen; |
|
386 |
copybytes (type3, l, username, "UnicodeLittleUnmarked"); |
|
387 |
type3[40] = (byte) (l % 256); |
|
388 |
type3[41] = (byte) (l / 256); |
|
389 |
l += ulen; |
|
390 |
copybytes (type3, l, hostname, "UnicodeLittleUnmarked"); |
|
391 |
type3[48] = (byte) (l % 256); |
|
392 |
type3[49] = (byte) (l / 256); |
|
393 |
l += hlen; |
|
394 |
||
395 |
byte[] lmhash = calcLMHash(); |
|
396 |
byte[] lmresponse = calcResponse (lmhash, nonce); |
|
397 |
byte[] nthash = calcNTHash(); |
|
398 |
byte[] ntresponse = calcResponse (nthash, nonce); |
|
399 |
System.arraycopy (lmresponse, 0, type3, l, 24); |
|
400 |
type3[16] = (byte) (l % 256); |
|
401 |
type3[17] = (byte) (l / 256); |
|
402 |
l += 24; |
|
403 |
System.arraycopy (ntresponse, 0, type3, l, 24); |
|
404 |
type3[24] = (byte) (l % 256); |
|
405 |
type3[25] = (byte) (l / 256); |
|
406 |
l += 24; |
|
407 |
type3[56] = (byte) (l % 256); |
|
408 |
type3[57] = (byte) (l / 256); |
|
409 |
||
410 |
byte[] msg = new byte [l]; |
|
411 |
System.arraycopy (type3, 0, msg, 0, l); |
|
412 |
String result = "NTLM " + (new B64Encoder()).encode (msg); |
|
413 |
return result; |
|
414 |
} |
|
415 |
||
416 |
} |
|
417 |
||
418 |
||
419 |
class B64Encoder extends sun.misc.BASE64Encoder { |
|
420 |
/* to force it to to the entire encoding in one line */ |
|
421 |
protected int bytesPerLine () { |
|
422 |
return 1024; |
|
423 |
} |
|
424 |
} |