Class: Net::NTLM::Client::Session

Inherits:
Object
  • Object
Defined in:
lib/net/ntlm/client/session.rb

Constant Summary collapse

VERSION_MAGIC =
"\x01\x00\x00\x00"
TIME_OFFSET =
11644473600
MAX64 =
0xffffffffffffffff
CLIENT_TO_SERVER_SIGNING =
"session key to client-to-server signing key magic constant\0"
SERVER_TO_CLIENT_SIGNING =
"session key to server-to-client signing key magic constant\0"
CLIENT_TO_SERVER_SEALING =
"session key to client-to-server sealing key magic constant\0"
SERVER_TO_CLIENT_SEALING =
"session key to server-to-client sealing key magic constant\0"

Instance Attribute Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(client, challenge_message, channel_binding = nil) ⇒ Session

Returns a new instance of Session.

Parameters:



# File 'lib/net/ntlm/client/session.rb', line 17

# Build a session around a client and the challenge message it received.
#
# All three arguments are stored unchanged in instance variables; nothing is
# validated or computed here.
#
# @param client [Object] owning client; authenticate! reads `client.flags`
# @param challenge_message [Object] authenticate! reads its `flag`
# @param channel_binding [Object, nil] optional; stays nil when omitted
def initialize(client, challenge_message, channel_binding = nil)
  @channel_binding = channel_binding
  @challenge_message = challenge_message
  @client = client
end

Instance Attribute Details

#challenge_message ⇒ Object (readonly)

Returns the value of attribute challenge_message.



# File 'lib/net/ntlm/client/session.rb', line 13

# Read-only accessor for the challenge message handed to the constructor.
# authenticate! reads its `flag` value when choosing the flags to send back.
def challenge_message
  @challenge_message
end

#channel_binding ⇒ Object (readonly)

Returns the value of attribute channel_binding.



# File 'lib/net/ntlm/client/session.rb', line 13

# Read-only accessor for the optional channel binding given to the
# constructor; nil when the caller supplied none.
# NOTE(review): where this value is consumed is not visible here - confirm
# that it actually reaches the NTLMv2 response before relying on it.
def channel_binding
  @channel_binding
end

#client ⇒ Object (readonly)

Returns the value of attribute client.



# File 'lib/net/ntlm/client/session.rb', line 13

# Read-only accessor for the client object handed to the constructor.
# authenticate! reads `client.flags` from it.
def client
  @client
end

Instance Method Details

#authenticate! ⇒ Net::NTLM::Message::Type3

Generate an NTLMv2 AUTHENTICATE_MESSAGE



# File 'lib/net/ntlm/client/session.rb', line 26

# Generate an NTLMv2 AUTHENTICATE_MESSAGE (Type 3) for this session.
#
# The message carries the LMv2 and NTLMv2 responses, the domain, user and
# workstation names, and the flags common to the challenge and the client.
# When key exchange is negotiated, the exported session key is RC4-encrypted
# under the user session key and attached as the message's session key.
#
# @return [Net::NTLM::Message::Type3]
def authenticate!
  calculate_user_session_key!

  # Only flags set on BOTH sides survive the AND, so whoever produced the
  # challenge can switch features off by clearing bits. Callers that require
  # signing, sealing or key exchange should check the result, not assume it.
  fields = {
    :lm_response   => lmv2_resp,
    :ntlm_response => ntlmv2_resp,
    :domain        => domain,
    :user          => username,
    :workstation   => workstation,
    :flag          => (challenge_message.flag & client.flags)
  }
  message = Message::Type3.create(fields)
  return message unless negotiate_key_exchange?

  message.enable(:session_key)
  # RC4 is dictated by the NTLM key-exchange step, not chosen here. OpenSSL
  # builds without legacy ciphers enabled may refuse to instantiate it.
  key_wrap = OpenSSL::Cipher.new("rc4")
  key_wrap.encrypt
  key_wrap.key = user_session_key
  wrapped = key_wrap.update(exported_session_key)
  wrapped << key_wrap.final
  message.session_key = wrapped
  message
end

#exported_session_key ⇒ Object



# File 'lib/net/ntlm/client/session.rb', line 49

# Session key that authenticate! wraps into the Type 3 message.
#
# Computed once and memoised. With key exchange negotiated it is a fresh
# random key generated by OpenSSL for the RC4 cipher; otherwise it is the
# user session key itself.
#
# @return [String] the key bytes
def exported_session_key
  @exported_session_key ||=
    negotiate_key_exchange? ? OpenSSL::Cipher.new("rc4").random_key : user_session_key
end

#seal_message(message) ⇒ Object



# File 'lib/net/ntlm/client/session.rb', line 80

# Encrypt an outgoing message with the client-side cipher.
#
# This provides confidentiality only: no integrity tag is produced here, so
# pair it with sign_message. sign_message may draw from the same
# client_cipher, so the order of sign/seal calls has to match what the peer
# expects.
# NOTE(review): presumably client_cipher is one stateful RC4 handle kept for
# the session - confirm.
#
# @param message [String] plaintext
# @return [String] ciphertext
def seal_message(message)
  client_cipher.update(message) + client_cipher.final
end

#sign_message(message) ⇒ Object



# File 'lib/net/ntlm/client/session.rb', line 60

# Produce the signature for an outgoing message.
#
# Layout of the result: VERSION_MAGIC, then the first 8 bytes of
# HMAC-MD5(client_sign_key, sequence + message), then the sequence value.
# With key exchange negotiated, the 8-byte checksum is additionally passed
# through client_cipher, which advances that cipher's state.
# The truncated HMAC-MD5 is what the NTLM signature format prescribes; it is
# not a free choice of this method.
#
# @param message [String] data to sign
# @return [String] signature bytes
def sign_message(message)
  seq_num = sequence
  mac = OpenSSL::HMAC.digest(OpenSSL::Digest::MD5.new, client_sign_key, "#{seq_num}#{message}")
  checksum = mac[0..7]
  checksum = client_cipher.update(checksum) << client_cipher.final if negotiate_key_exchange?
  "#{VERSION_MAGIC}#{checksum}#{seq_num}"
end

#unseal_message(emessage) ⇒ Object



# File 'lib/net/ntlm/client/session.rb', line 85

# Decrypt an incoming message with the server-side cipher.
#
# The plaintext is returned without any integrity check; callers should
# validate it with verify_signature before acting on it. verify_signature
# may draw from the same server_cipher, so the order of unseal/verify calls
# has to match the order the peer used.
#
# @param emessage [String] ciphertext
# @return [String] plaintext
def unseal_message(emessage)
  server_cipher.update(emessage) + server_cipher.final
end

#verify_signature(signature, message) ⇒ Object



# File 'lib/net/ntlm/client/session.rb', line 70

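# Check the signature that accompanies an incoming message.
#
# The expected value is rebuilt the same way sign_message builds one, but
# with server_sign_key (and server_cipher when key exchange is negotiated),
# using the sequence bytes taken from the last four positions of the
# received signature.
#
# NOTE(review): the sequence value comes from the received signature itself
# and is not compared with a locally tracked counter in this method, so any
# replay or ordering check has to happen elsewhere - confirm.
#
# @param signature [String, nil] signature received from the peer
# @param message [String] the (already unsealed) message it covers
# @return [Boolean] true only when the signature matches byte for byte
def verify_signature(signature, message)
  # Fail closed on a missing signature instead of raising NoMethodError.
  return false if signature.nil?

  seq = signature[-4..-1]
  sig = OpenSSL::HMAC.digest(OpenSSL::Digest::MD5.new, server_sign_key, "#{seq}#{message}")[0..7]
  if negotiate_key_exchange?
    sig = server_cipher.update sig
    sig << server_cipher.final
  end
  expected = "#{VERSION_MAGIC}#{sig}#{seq}"

  # Compare raw bytes rather than Strings: String#== also weighs the encoding
  # tag and stops at the first differing byte. Folding every byte pair with
  # XOR keeps the running time independent of where a mismatch occurs.
  return false unless expected.bytesize == signature.bytesize

  mismatch = 0
  expected.bytes.zip(signature.bytes) { |ours, theirs| mismatch |= ours ^ theirs }
  mismatch.zero?
end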