Class NtlmAuth


  • public class NtlmAuth
    extends java.lang.Object
    This class calculates the two "responses" to the nonce supplied by the server as a part of NTLM authentication. Much gratitude to the authors of this page, esp. for NTLMv2 info: http://davenport.sourceforge.net/ntlm.html
    Version:
    $Id: NtlmAuth.java,v 1.7 2006-06-23 18:00:56 matt_brinkley Exp $
    Author:
    Matt Brinkley
    • Constructor Summary

      Constructors 
      Constructor Description
      NtlmAuth()  
    • Method Summary

      Modifier and Type Method Description
      static byte[] answerLmChallenge​(java.lang.String pwd, byte[] nonce)  
      static byte[] answerLmv2Challenge​(java.lang.String domain, java.lang.String user, java.lang.String password, byte[] nonce, byte[] clientNonce)  
      static byte[] answerNtChallenge​(java.lang.String password, byte[] nonce)  
      static byte[] answerNtlmv2Challenge​(java.lang.String domain, java.lang.String user, java.lang.String password, byte[] nonce, byte[] targetInfo, byte[] clientNonce)  
      static byte[] answerNtlmv2Challenge​(java.lang.String domain, java.lang.String user, java.lang.String password, byte[] nonce, byte[] targetInfo, byte[] clientNonce, byte[] timestamp)  
      static byte[] answerNtlmv2Challenge​(java.lang.String domain, java.lang.String user, java.lang.String password, byte[] nonce, byte[] targetInfo, byte[] clientNonce, long now)  
      private static byte[] convertPassword​(java.lang.String password)
      Used by answerNtlmChallenge.
      private static byte[] createBlob​(byte[] targetInformation, byte[] clientChallenge, byte[] timestamp)
      Creates the NTLMv2 blob from the given target information block and client challenge.
      static byte[] createTimestamp​(long time)
      Creates a timestamp in the format used in NTLMv2 responses.
      private static byte[] encryptNonce​(byte[] key, byte[] nonce)  
      private static byte[] hmacMD5​(byte[] data, byte[] key)
      Calculates the HMAC-MD5 hash of the given data using the specified hashing key.
      private static byte[] lmv2Response​(byte[] hash, byte[] clientData, byte[] challenge)
      Creates the LMv2 Response from the given hash, client data, and Type 2 challenge.
      private static byte[] makeDESkey​(byte[] buf, int off)
      Turns a 7-byte DES key into an 8-byte one by adding parity bits.
      private static byte[] md5​(byte[] data)  
      private static byte[] ntHash​(java.lang.String password)
      Creates the MD4 hash of the Unicode password.
      private static byte[] ntv2Hash​(java.lang.String domain, java.lang.String user, java.lang.String password)  
      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
    • Constructor Detail

      • NtlmAuth

        public NtlmAuth()
    • Method Detail

      • answerNtChallenge

        public static byte[] answerNtChallenge​(java.lang.String password,
                                               byte[] nonce)
                                        throws java.io.UnsupportedEncodingException
        Throws:
        java.io.UnsupportedEncodingException
      • answerLmChallenge

        public static byte[] answerLmChallenge​(java.lang.String pwd,
                                               byte[] nonce)
                                        throws java.io.UnsupportedEncodingException
        Throws:
        java.io.UnsupportedEncodingException
      • answerNtlmv2Challenge

        public static byte[] answerNtlmv2Challenge​(java.lang.String domain,
                                                   java.lang.String user,
                                                   java.lang.String password,
                                                   byte[] nonce,
                                                   byte[] targetInfo,
                                                   byte[] clientNonce)
                                            throws java.io.UnsupportedEncodingException
        Throws:
        java.io.UnsupportedEncodingException
      • answerNtlmv2Challenge

        public static byte[] answerNtlmv2Challenge​(java.lang.String domain,
                                                   java.lang.String user,
                                                   java.lang.String password,
                                                   byte[] nonce,
                                                   byte[] targetInfo,
                                                   byte[] clientNonce,
                                                   byte[] timestamp)
                                            throws java.io.UnsupportedEncodingException
        Throws:
        java.io.UnsupportedEncodingException
      • answerNtlmv2Challenge

        public static byte[] answerNtlmv2Challenge​(java.lang.String domain,
                                                   java.lang.String user,
                                                   java.lang.String password,
                                                   byte[] nonce,
                                                   byte[] targetInfo,
                                                   byte[] clientNonce,
                                                   long now)
                                            throws java.io.UnsupportedEncodingException
        Throws:
        java.io.UnsupportedEncodingException
      • answerLmv2Challenge

        public static byte[] answerLmv2Challenge​(java.lang.String domain,
                                                 java.lang.String user,
                                                 java.lang.String password,
                                                 byte[] nonce,
                                                 byte[] clientNonce)
                                          throws java.io.UnsupportedEncodingException
        Throws:
        java.io.UnsupportedEncodingException
      • ntv2Hash

        private static byte[] ntv2Hash​(java.lang.String domain,
                                       java.lang.String user,
                                       java.lang.String password)
                                throws java.io.UnsupportedEncodingException
        Throws:
        java.io.UnsupportedEncodingException
      • lmv2Response

        private static byte[] lmv2Response​(byte[] hash,
                                           byte[] clientData,
                                           byte[] challenge)
        Creates the LMv2 Response from the given hash, client data, and Type 2 challenge.
        Parameters:
        hash - The NTLMv2 Hash.
        clientData - The client data (blob or client challenge).
        challenge - The server challenge from the Type 2 message.
        Returns:
        The response (either NTLMv2 or LMv2, depending on the client data).
      • hmacMD5

        private static byte[] hmacMD5​(byte[] data,
                                      byte[] key)
        Calculates the HMAC-MD5 hash of the given data using the specified hashing key.
        Parameters:
        data - The data for which the hash will be calculated.
        key - The hashing key.
        Returns:
        The HMAC-MD5 hash of the given data.
      • md5

        private static byte[] md5​(byte[] data)
      • createTimestamp

        public static byte[] createTimestamp​(long time)
        Creates a timestamp in the format used in NTLMv2 responses. Public so it could be unit tested.
        Parameters:
        time - current time, as returned from System.currentTimeMillis
        Returns:
        little-endian byte array of number of tenths of microseconds since Jan 1, 1601
      • createBlob

        private static byte[] createBlob​(byte[] targetInformation,
                                         byte[] clientChallenge,
                                         byte[] timestamp)
        Creates the NTLMv2 blob from the given target information block and client challenge.
        Parameters:
        targetInformation - The target information block from the Type 2 message.
        clientChallenge - The random 8-byte client challenge.
        Returns:
        The blob, used in the calculation of the NTLMv2 Response.
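
The lmv2Response, createTimestamp and createBlob entries above describe one calculation. The following is an added example, not the class's own source: it follows the blob layout in the Davenport document cited at the top of the page, and the class name, method names and input values are assumptions constructed for illustration.

```java
import java.io.ByteArrayOutputStream;
import java.nio.ByteBuffer;
import java.nio.ByteOrder;
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;

public class Ntlmv2ResponseExample {   // hypothetical class name
    // Milliseconds from 1601-01-01 to 1970-01-01 (UTC).
    static final long EPOCH_DIFF_MS = 11644473600000L;

    // Unix milliseconds -> 100 ns ticks since 1601, as 8 little-endian bytes.
    static byte[] timestamp(long unixMillis) {
        long ticks = (unixMillis + EPOCH_DIFF_MS) * 10000L;
        return ByteBuffer.allocate(8).order(ByteOrder.LITTLE_ENDIAN).putLong(ticks).array();
    }

    static byte[] concat(byte[]... parts) {
        ByteArrayOutputStream out = new ByteArrayOutputStream();
        for (byte[] p : parts) out.write(p, 0, p.length);
        return out.toByteArray();
    }

    // Davenport blob layout: signature 01 01 00 00, 4 reserved bytes, timestamp,
    // client challenge, 4 zero bytes, target information, 4 zero bytes.
    static byte[] blob(byte[] targetInfo, byte[] clientChallenge, byte[] ts) {
        byte[] header = {1, 1, 0, 0, 0, 0, 0, 0};
        return concat(header, ts, clientChallenge, new byte[4], targetInfo, new byte[4]);
    }

    // HMAC-MD5 keyed with the NTLMv2 hash over challenge || clientData,
    // followed by clientData (the blob for NTLMv2, the client nonce for LMv2).
    static byte[] response(byte[] v2Hash, byte[] clientData, byte[] challenge) throws Exception {
        Mac mac = Mac.getInstance("HmacMD5");
        mac.init(new SecretKeySpec(v2Hash, "HmacMD5"));
        mac.update(challenge);
        return concat(mac.doFinal(clientData), clientData);
    }

    public static void main(String[] args) throws Exception {
        // Constructed inputs: a stand-in 16-byte NTLMv2 hash, two challenges and
        // an empty target information block (a single terminator entry).
        byte[] v2Hash = new byte[16];
        java.util.Arrays.fill(v2Hash, (byte) 0x11);
        byte[] serverChallenge = {1, 2, 3, 4, 5, 6, 7, 8};
        byte[] clientNonce = {8, 7, 6, 5, 4, 3, 2, 1};
        byte[] b = blob(new byte[4], clientNonce, timestamp(System.currentTimeMillis()));
        System.out.println("NTLMv2 response bytes: " + response(v2Hash, b, serverChallenge).length);
        System.out.println("LMv2 response bytes:   " + response(v2Hash, clientNonce, serverChallenge).length);
    }
}
```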
      • encryptNonce

        private static byte[] encryptNonce​(byte[] key,
                                           byte[] nonce)
      • ntHash

        private static byte[] ntHash​(java.lang.String password)
                              throws java.io.UnsupportedEncodingException
        Creates the MD4 hash of the Unicode password. This is used as the DES key when encrypting the nonce for the NTLM challenge-response.
        Throws:
        java.io.UnsupportedEncodingException
      • convertPassword

        private static byte[] convertPassword​(java.lang.String password)
                                       throws java.io.UnsupportedEncodingException
        Used by answerNtlmChallenge. We need the password converted to caps, narrowed and padded/truncated to 14 chars...
        Throws:
        java.io.UnsupportedEncodingException
      • makeDESkey

        private static byte[] makeDESkey​(byte[] buf,
                                         int off)
        Turns a 7-byte DES key into an 8-byte one by adding parity bits. All implementations of DES seem to want an 8-byte key.