services/console-proxy-rdp/rdpconsole/src/main/java/rdpclient/ntlmssp/ClientNtlmsspNegotiate.java - cloudstack - Git at Google

 // Licensed to the Apache Software Foundation (ASF) under one
 // or more contributor license agreements.  See the NOTICE file
 // distributed with this work for additional information
 // regarding copyright ownership.  The ASF licenses this file
 // to you under the Apache License, Version 2.0 (the
 // "License"); you may not use this file except in compliance
 // with the License.  You may obtain a copy of the License at
 //
 //   http://www.apache.org/licenses/LICENSE-2.0
 //
 // Unless required by applicable law or agreed to in writing,
 // software distributed under the License is distributed on an
 // "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
 // KIND, either express or implied.  See the License for the
 // specific language governing permissions and limitations
 // under the License.
 package rdpclient.ntlmssp;

 import rdpclient.ntlmssp.asn1.NegoItem;
 import rdpclient.ntlmssp.asn1.TSRequest;
 import rdpclient.rdp.RdpConstants;
 import streamer.ByteBuffer;
 import streamer.Element;
 import streamer.Link;
 import streamer.OneTimeSwitch;
 import streamer.Pipeline;
 import streamer.PipelineImpl;
 import streamer.debug.MockSink;
 import streamer.debug.MockSource;
 import common.asn1.Tag;

 /**
  * @see http://msdn.microsoft.com/en-us/library/cc236641.aspx
  */
 public class ClientNtlmsspNegotiate extends OneTimeSwitch {

     /**
      * The set of client configuration flags (section 2.2.2.5) that specify the
      * full set of capabilities of the client.
      */
     public NegoFlags clientConfigFlags = new NegoFlags().set_NEGOTIATE_56().set_NEGOTIATE_KEY_EXCH().set_NEGOTIATE_128().set_NEGOTIATE_VERSION()
             .set_NEGOTIATE_EXTENDED_SESSION_SECURITY().set_NEGOTIATE_ALWAYS_SIGN().set_NEGOTIATE_NTLM().set_NEGOTIATE_LM_KEY().set_NEGOTIATE_SEAL()
             .set_NEGOTIATE_SIGN().set_REQUEST_TARGET().set_NEGOTIATE_OEM().set_NEGOTIATE_UNICODE();

     protected NtlmState ntlmState;

     public ClientNtlmsspNegotiate(String id, NtlmState state) {
         super(id);
         ntlmState = state;
     }

     @Override
     protected void handleOneTimeData(ByteBuffer buf, Link link) {
         if (buf == null)
             return;

         throw new RuntimeException("Unexpected packet: " + buf + ".");
     }

     @Override
     protected void onStart() {
         super.onStart();

         ByteBuffer negoToken = generateNegotiateMessage();
         ntlmState.negotiateMessage = negoToken.toByteArray(); // Store message for MIC calculation in AUTH message

         // Length of packet
         ByteBuffer buf = new ByteBuffer(1024, true);

         TSRequest tsRequest = new TSRequest("TSRequest");
         tsRequest.version.value = 2L;
         NegoItem negoItem = new NegoItem("NegoItem");
         negoItem.negoToken.value = negoToken;
         tsRequest.negoTokens.tags = new Tag[] {negoItem};

         tsRequest.writeTag(buf);

         // Trim buffer to actual length of data written
         buf.trimAtCursor();

         pushDataToOTOut(buf);

         switchOff();
     }

     private ByteBuffer generateNegotiateMessage() {
         ByteBuffer buf = new ByteBuffer(1024);

         // Signature
         buf.writeString("NTLMSSP", RdpConstants.CHARSET_8);
         buf.writeByte(0);

         // Message type
         buf.writeIntLE(NtlmConstants.NEGOTIATE);

         buf.writeIntLE(clientConfigFlags.value); // Flags

         // If the NTLMSSP_NEGOTIATE_VERSION flag is set by the client application,
         // the Version field MUST be set to the current version (section 2.2.2.10),
         // the DomainName field MUST be set to a zero-length string, and the
         // Workstation field MUST be set to a zero-length string.

         // Domain: ""
         buf.writeShortLE(0); // Length
         buf.writeShortLE(0); // Allocated space
         buf.writeIntLE(0); // Offset

         // Workstation: ""
         buf.writeShortLE(0); // Length
         buf.writeShortLE(0); // Allocated space
         buf.writeIntLE(0); // Offset

         // OS Version: 6.1 (Build 7601); NTLM Current Revision 15
         buf.writeBytes(new byte[] {(byte)0x06, (byte)0x01, (byte)0xb1, (byte)0x1d, (byte)0x00, (byte)0x00, (byte)0x00, (byte)0x0f});

         // Trim buffer to actual length of data written
         buf.trimAtCursor();

         return buf;
     }

     /**
      * Example.
      */
     public static void main(String args[]) {
         // System.setProperty("streamer.Link.debug", "true");
         System.setProperty("streamer.Element.debug", "true");
         // System.setProperty("streamer.Pipeline.debug", "true");

         /* @formatter:off */
         byte[] packet = new byte[] {
                 // CredSSP BER header:

                 (byte)0x30, // Sequence
                 (byte)0x37, // Length, 55 bytes

                 (byte)0xa0, (byte)0x03, // TAG: [0] (constructed) LEN: 3 byte
                 (byte)0x02, (byte)0x01, (byte)0x02, // Version: (int, 1 byte, 0x02)

                 // Sequence of sequence
                 (byte)0xa1, (byte)0x30, // TAG: [1] (constructed) LEN: 48 bytes
                 (byte)0x30, (byte)0x2e, // TAG: [UNIVERSAL 16] (constructed) "SEQUENCE" LEN: 46 bytes
                 (byte)0x30, (byte)0x2c, // TAG: [UNIVERSAL 16] (constructed) "SEQUENCE" LEN: 44 bytes
                 (byte)0xa0, (byte)0x2a, // TAG: [0] (constructed) LEN: 42 bytes


                 (byte)0x04, (byte)0x28, // TAG: [UNIVERSAL 4] (primitive) "OCTET STRING" LEN: 40 bytes

                 // NTLM negotiate request

                 (byte)0x4e, (byte)0x54, (byte)0x4c, (byte)0x4d, (byte)0x53, (byte)0x53, (byte)0x50, (byte)0x00, // "NTLMSSP\0"

                 (byte)0x01, (byte)0x00, (byte)0x00, (byte)0x00, // Message type: NEGOTIATE (0x1, LE)

                 (byte)0xb7, (byte)0x82, (byte)0x08, (byte)0xe2, // Flags: 0xe20882b7 (LE)

                 (byte)0x00, (byte)0x00, (byte)0x00, (byte)0x00, (byte)0x00, (byte)0x00, (byte)0x00, (byte)0x00, // Domain (security buffer, 8bit, 8 bytes): length: 0x0000 (LE), allocated space: 0x0000 (LE), offset: 0x00000000 (LE)
                 (byte)0x00, (byte)0x00, (byte)0x00, (byte)0x00, (byte)0x00, (byte)0x00, (byte)0x00, (byte)0x00, // Workstation  (security buffer, 8bit, 8 bytes): length: 0x0000 (LE), allocated space: 0x0000 (LE), offset: 0x00000000 (LE)
                 (byte)0x06, (byte)0x01, (byte)0xb1, (byte)0x1d, (byte)0x00, (byte)0x00, (byte)0x00, (byte)0x0f, // OS Version: 6.1 (Build 7601); NTLM Current Revision 15, 8 bytes

         };
         /* @formatter:on */

         NtlmState state = new NtlmState();

         MockSource source = new MockSource("source", ByteBuffer.convertByteArraysToByteBuffers(new byte[] {1, 2, 3}));
         Element ntlmssp_negotiate = new ClientNtlmsspNegotiate("ntlmssp_negotiate", state);
         Element sink = new MockSink("sink", ByteBuffer.convertByteArraysToByteBuffers(packet));
         Element mainSink = new MockSink("mainSink", ByteBuffer.convertByteArraysToByteBuffers(new byte[] {1, 2, 3}));

         Pipeline pipeline = new PipelineImpl("test");
         pipeline.add(source, ntlmssp_negotiate, sink, mainSink);
         pipeline.link("source", "ntlmssp_negotiate", "mainSink");
         pipeline.link("ntlmssp_negotiate >" + OTOUT, "sink");
         pipeline.runMainLoop("source", STDOUT, false, false);
     }
 }
	// Licensed to the Apache Software Foundation (ASF) under one
	// or more contributor license agreements. See the NOTICE file
	// distributed with this work for additional information
	// regarding copyright ownership. The ASF licenses this file
	// to you under the Apache License, Version 2.0 (the
	// "License"); you may not use this file except in compliance
	// with the License. You may obtain a copy of the License at
	//
	// http://www.apache.org/licenses/LICENSE-2.0
	//
	// Unless required by applicable law or agreed to in writing,
	// software distributed under the License is distributed on an
	// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
	// KIND, either express or implied. See the License for the
	// specific language governing permissions and limitations
	// under the License.
	package rdpclient.ntlmssp;

	import rdpclient.ntlmssp.asn1.NegoItem;
	import rdpclient.ntlmssp.asn1.TSRequest;
	import rdpclient.rdp.RdpConstants;
	import streamer.ByteBuffer;
	import streamer.Element;
	import streamer.Link;
	import streamer.OneTimeSwitch;
	import streamer.Pipeline;
	import streamer.PipelineImpl;
	import streamer.debug.MockSink;
	import streamer.debug.MockSource;
	import common.asn1.Tag;

	/**
	* @see http://msdn.microsoft.com/en-us/library/cc236641.aspx
	*/
	public class ClientNtlmsspNegotiate extends OneTimeSwitch {

	/**
	* The set of client configuration flags (section 2.2.2.5) that specify the
	* full set of capabilities of the client.
	*/
	public NegoFlags clientConfigFlags = new NegoFlags().set_NEGOTIATE_56().set_NEGOTIATE_KEY_EXCH().set_NEGOTIATE_128().set_NEGOTIATE_VERSION()
	.set_NEGOTIATE_EXTENDED_SESSION_SECURITY().set_NEGOTIATE_ALWAYS_SIGN().set_NEGOTIATE_NTLM().set_NEGOTIATE_LM_KEY().set_NEGOTIATE_SEAL()
	.set_NEGOTIATE_SIGN().set_REQUEST_TARGET().set_NEGOTIATE_OEM().set_NEGOTIATE_UNICODE();

	protected NtlmState ntlmState;

	public ClientNtlmsspNegotiate(String id, NtlmState state) {
	super(id);
	ntlmState = state;
	}

	@Override
	protected void handleOneTimeData(ByteBuffer buf, Link link) {
	if (buf == null)
	return;

	throw new RuntimeException("Unexpected packet: " + buf + ".");
	}

	@Override
	protected void onStart() {
	super.onStart();

	ByteBuffer negoToken = generateNegotiateMessage();
	ntlmState.negotiateMessage = negoToken.toByteArray(); // Store message for MIC calculation in AUTH message

	// Length of packet
	ByteBuffer buf = new ByteBuffer(1024, true);

	TSRequest tsRequest = new TSRequest("TSRequest");
	tsRequest.version.value = 2L;
	NegoItem negoItem = new NegoItem("NegoItem");
	negoItem.negoToken.value = negoToken;
	tsRequest.negoTokens.tags = new Tag[] {negoItem};

	tsRequest.writeTag(buf);

	// Trim buffer to actual length of data written
	buf.trimAtCursor();

	pushDataToOTOut(buf);

	switchOff();
	}

	private ByteBuffer generateNegotiateMessage() {
	ByteBuffer buf = new ByteBuffer(1024);

	// Signature
	buf.writeString("NTLMSSP", RdpConstants.CHARSET_8);
	buf.writeByte(0);

	// Message type
	buf.writeIntLE(NtlmConstants.NEGOTIATE);

	buf.writeIntLE(clientConfigFlags.value); // Flags

	// If the NTLMSSP_NEGOTIATE_VERSION flag is set by the client application,
	// the Version field MUST be set to the current version (section 2.2.2.10),
	// the DomainName field MUST be set to a zero-length string, and the
	// Workstation field MUST be set to a zero-length string.

	// Domain: ""
	buf.writeShortLE(0); // Length
	buf.writeShortLE(0); // Allocated space
	buf.writeIntLE(0); // Offset

	// Workstation: ""
	buf.writeShortLE(0); // Length
	buf.writeShortLE(0); // Allocated space
	buf.writeIntLE(0); // Offset

	// OS Version: 6.1 (Build 7601); NTLM Current Revision 15
	buf.writeBytes(new byte[] {(byte)0x06, (byte)0x01, (byte)0xb1, (byte)0x1d, (byte)0x00, (byte)0x00, (byte)0x00, (byte)0x0f});

	// Trim buffer to actual length of data written
	buf.trimAtCursor();

	return buf;
	}

	/**
	* Example.
	*/
	public static void main(String args[]) {
	// System.setProperty("streamer.Link.debug", "true");
	System.setProperty("streamer.Element.debug", "true");
	// System.setProperty("streamer.Pipeline.debug", "true");

	/* @formatter:off */
	byte[] packet = new byte[] {
	// CredSSP BER header:

	(byte)0x30, // Sequence
	(byte)0x37, // Length, 55 bytes

	(byte)0xa0, (byte)0x03, // TAG: [0] (constructed) LEN: 3 byte
	(byte)0x02, (byte)0x01, (byte)0x02, // Version: (int, 1 byte, 0x02)

	// Sequence of sequence
	(byte)0xa1, (byte)0x30, // TAG: [1] (constructed) LEN: 48 bytes
	(byte)0x30, (byte)0x2e, // TAG: [UNIVERSAL 16] (constructed) "SEQUENCE" LEN: 46 bytes
	(byte)0x30, (byte)0x2c, // TAG: [UNIVERSAL 16] (constructed) "SEQUENCE" LEN: 44 bytes
	(byte)0xa0, (byte)0x2a, // TAG: [0] (constructed) LEN: 42 bytes


	(byte)0x04, (byte)0x28, // TAG: [UNIVERSAL 4] (primitive) "OCTET STRING" LEN: 40 bytes

	// NTLM negotiate request

	(byte)0x4e, (byte)0x54, (byte)0x4c, (byte)0x4d, (byte)0x53, (byte)0x53, (byte)0x50, (byte)0x00, // "NTLMSSP\0"

	(byte)0x01, (byte)0x00, (byte)0x00, (byte)0x00, // Message type: NEGOTIATE (0x1, LE)

	(byte)0xb7, (byte)0x82, (byte)0x08, (byte)0xe2, // Flags: 0xe20882b7 (LE)

	(byte)0x00, (byte)0x00, (byte)0x00, (byte)0x00, (byte)0x00, (byte)0x00, (byte)0x00, (byte)0x00, // Domain (security buffer, 8bit, 8 bytes): length: 0x0000 (LE), allocated space: 0x0000 (LE), offset: 0x00000000 (LE)
	(byte)0x00, (byte)0x00, (byte)0x00, (byte)0x00, (byte)0x00, (byte)0x00, (byte)0x00, (byte)0x00, // Workstation (security buffer, 8bit, 8 bytes): length: 0x0000 (LE), allocated space: 0x0000 (LE), offset: 0x00000000 (LE)
	(byte)0x06, (byte)0x01, (byte)0xb1, (byte)0x1d, (byte)0x00, (byte)0x00, (byte)0x00, (byte)0x0f, // OS Version: 6.1 (Build 7601); NTLM Current Revision 15, 8 bytes

	};
	/* @formatter:on */

	NtlmState state = new NtlmState();

	MockSource source = new MockSource("source", ByteBuffer.convertByteArraysToByteBuffers(new byte[] {1, 2, 3}));
	Element ntlmssp_negotiate = new ClientNtlmsspNegotiate("ntlmssp_negotiate", state);
	Element sink = new MockSink("sink", ByteBuffer.convertByteArraysToByteBuffers(packet));
	Element mainSink = new MockSink("mainSink", ByteBuffer.convertByteArraysToByteBuffers(new byte[] {1, 2, 3}));

	Pipeline pipeline = new PipelineImpl("test");
	pipeline.add(source, ntlmssp_negotiate, sink, mainSink);
	pipeline.link("source", "ntlmssp_negotiate", "mainSink");
	pipeline.link("ntlmssp_negotiate >" + OTOUT, "sink");
	pipeline.runMainLoop("source", STDOUT, false, false);
	}
	}