Class: Net::NTLM::Client::Session

Inherits:
Object
  • Object
Defined in:
lib/net/ntlm/client/session.rb

Constant Summary

VERSION_MAGIC =
"\x01\x00\x00\x00"
TIME_OFFSET =
11644473600
MAX64 =
0xffffffffffffffff
CLIENT_TO_SERVER_SIGNING =
"session key to client-to-server signing key magic constant\0"
SERVER_TO_CLIENT_SIGNING =
"session key to server-to-client signing key magic constant\0"
CLIENT_TO_SERVER_SEALING =
"session key to client-to-server sealing key magic constant\0"
SERVER_TO_CLIENT_SEALING =
"session key to server-to-client sealing key magic constant\0"

Instance Attribute Summary

Instance Method Summary

Constructor Details

#initialize(client, challenge_message, channel_binding = nil) ⇒ Session

Returns a new instance of Session.

Parameters:

  • client
  • challenge_message
  • channel_binding (defaults to nil)



# File 'lib/net/ntlm/client/session.rb', line 17

# Builds a session around one challenge message and the client that received it.
#
# The three arguments are stored as given; nothing is validated or copied here.
#
# @param client the object whose +flags+ are combined with the challenge's
#   flags in #authenticate!
# @param challenge_message the challenge this session answers; its +flag+
#   value is read in #authenticate!
# @param channel_binding optional channel binding data, nil when not supplied
def initialize(client, challenge_message, channel_binding = nil)
  @client, @challenge_message, @channel_binding = client, challenge_message, channel_binding
end

Instance Attribute Details

#challenge_message ⇒ Object (readonly)

Returns the value of attribute challenge_message.



# File 'lib/net/ntlm/client/session.rb', line 13

# Read-only accessor for the challenge message handed to the constructor.
#
# @return the object stored in @challenge_message (nil if never assigned)
def challenge_message; @challenge_message; end

#channel_binding ⇒ Object (readonly)

Returns the value of attribute channel_binding.



# File 'lib/net/ntlm/client/session.rb', line 13

# Read-only accessor for the channel binding data handed to the constructor.
#
# @return the object stored in @channel_binding (nil when none was supplied)
def channel_binding; @channel_binding; end

#client ⇒ Object (readonly)

Returns the value of attribute client.



# File 'lib/net/ntlm/client/session.rb', line 13

# Read-only accessor for the client object handed to the constructor.
#
# @return the object stored in @client (nil if never assigned)
def client; @client; end

Instance Method Details

#authenticate! ⇒ Net::NTLM::Message::Type3

Generate an NTLMv2 AUTHENTICATE_MESSAGE



# File 'lib/net/ntlm/client/session.rb', line 26

# Generate an NTLMv2 AUTHENTICATE_MESSAGE (Type 3) answering the stored challenge.
#
# The user session key is calculated first. An anonymous session (empty
# username and empty password, see #is_anonymous?) sends a single NUL byte as
# the LM response and an empty NTLM response instead of computed responses.
#
# @return [Net::NTLM::Message::Type3] the message to send back
def authenticate!
  calculate_user_session_key!

  if is_anonymous?
    lm_resp = "\x00".b
    nt_resp = ''
  else
    lm_resp = lmv2_resp
    nt_resp = ntlmv2_resp
  end

  fields = {
    lm_response: lm_resp,
    ntlm_response: nt_resp,
    domain: domain,
    user: username,
    workstation: workstation,
    # `&` of the challenge's flags and the client's flags: presumably only
    # the bits set on both sides survive — confirm the flag types.
    flag: challenge_message.flag & client.flags
  }
  message = Message::Type3.create(fields)
  return message unless negotiate_key_exchange?

  # Key exchange was negotiated: the exported session key travels in the
  # message, RC4-encrypted under the user session key.
  message.enable(:session_key)
  message.session_key = Net::NTLM::Rc4.new(user_session_key).encrypt(exported_session_key)
  message
end

#exported_session_key ⇒ Object



# File 'lib/net/ntlm/client/session.rb', line 46

# Session key exported by this session, computed on first use and then cached
# in @exported_session_key.
#
# When key exchange was negotiated the key is 16 bytes drawn from
# OpenSSL::Random; otherwise the user session key is used as-is.
#
# @return the cached or newly chosen key
def exported_session_key
  return @exported_session_key if @exported_session_key

  @exported_session_key =
    negotiate_key_exchange? ? OpenSSL::Random.random_bytes(16) : user_session_key
end

#is_anonymous? ⇒ Boolean

Returns:

  • (Boolean)


# File 'lib/net/ntlm/client/session.rb', line 83

# Tells whether this is an anonymous session, i.e. both the username and the
# password are the empty string. The password is only looked at when the
# username is already empty.
#
# @return [Boolean]
def is_anonymous?
  return false unless username == ''

  password == ''
end

#seal_message(message) ⇒ Object



# File 'lib/net/ntlm/client/session.rb', line 75

# Encrypts ("seals") an outgoing message with the client-side cipher.
#
# NOTE(review): client_cipher is defined outside this listing; if it is a
# stateful stream cipher, every call advances its keystream, so messages must
# be sealed in the order they are sent — confirm.
#
# @param message the plaintext to seal
# @return whatever client_cipher.encrypt returns for +message+
def seal_message(message)
  cipher = client_cipher
  cipher.encrypt(message)
end

#sign_message(message) ⇒ Object



# File 'lib/net/ntlm/client/session.rb', line 57

# Produces the signature for an outgoing message.
#
# Layout of the result: VERSION_MAGIC, then an 8-byte checksum, then the
# sequence value. The checksum is the first 8 bytes of an HMAC-MD5, keyed with
# the client signing key, over the sequence value followed by the message.
# When key exchange was negotiated the checksum is additionally passed through
# the client cipher.
#
# @param message the message to sign
# @return [String] the assembled signature
def sign_message(message)
  # Read the sequence value once so the MAC input and the trailer agree.
  seq = sequence
  mac = OpenSSL::HMAC.digest(OpenSSL::Digest::MD5.new, client_sign_key, "#{seq}#{message}")
  checksum = mac[0, 8]
  checksum = client_cipher.encrypt(checksum) if negotiate_key_exchange?
  "#{VERSION_MAGIC}#{checksum}#{seq}"
end

#unseal_message(emessage) ⇒ Object



# File 'lib/net/ntlm/client/session.rb', line 79

# Decrypts ("unseals") a message received from the server.
#
# The server-side cipher's +encrypt+ is used for decryption.
# NOTE(review): this is only correct if server_cipher is a symmetric stream
# cipher such as RC4, where encrypting and decrypting are the same operation;
# server_cipher is defined outside this listing — confirm.
#
# @param emessage the sealed message as received
# @return whatever server_cipher.encrypt returns for +emessage+
def unseal_message(emessage)
  cipher = server_cipher
  cipher.encrypt(emessage)
end

#verify_signature(signature, message) ⇒ Object



# File 'lib/net/ntlm/client/session.rb', line 66

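# Checks a signature received from the server against one computed locally.
#
# The last four bytes of +signature+ are taken as the sequence value. The
# expected signature is VERSION_MAGIC, then the first 8 bytes of an HMAC-MD5
# (keyed with the server signing key) over sequence value + message, then the
# sequence value again. When key exchange was negotiated the 8-byte checksum
# is first passed through the server cipher.
#
# The final comparison is done byte by byte without an early exit, so its
# duration does not depend on how many leading bytes of a wrong signature
# happen to match. Comparing raw bytes also means differing encoding tags on
# the two strings cannot make identical bytes compare unequal.
#
# NOTE(review): server_cipher.encrypt runs on every call when key exchange is
# on, whether or not the signature turns out valid; if server_cipher is a
# stateful stream cipher, a rejected signature still consumes keystream —
# confirm against its definition.
#
# @param signature [String] the signature as received (untrusted input)
# @param message the message the signature is claimed to cover
# @return [Boolean] true only when expected and received signatures are
#   the same length and identical in every byte
def verify_signature(signature, message)
  seq = signature[-4..-1]
  sig = OpenSSL::HMAC.digest(OpenSSL::Digest::MD5.new, server_sign_key, "#{seq}#{message}")[0..7]
  sig = server_cipher.encrypt(sig) if negotiate_key_exchange?
  expected = "#{VERSION_MAGIC}#{sig}#{seq}"

  # The length is not secret, so rejecting on it first leaks nothing useful.
  return false unless expected.bytesize == signature.bytesize

  # Accumulate differences over all bytes instead of stopping at the first one.
  diff = 0
  expected.bytes.zip(signature.bytes) { |ours, theirs| diff |= ours ^ theirs }
  diff.zero?
end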