List of usage examples for org.apache.commons.httpclient.auth AuthenticationException AuthenticationException
public AuthenticationException(String paramString, Throwable paramThrowable)
From source file:org.zaproxy.zap.network.ZapNTLMEngineImpl.java
/** * Calculates the NTLM2 Session Response for the given challenge, using the * specified password and client challenge. * * @return The NTLM2 Session Response. This is placed in the NTLM response * field of the Type 3 message; the LM response field contains the * client challenge, null-padded to 24 bytes. */// www . j a v a 2s .c om static byte[] ntlm2SessionResponse(final byte[] ntlmHash, final byte[] challenge, final byte[] clientChallenge) throws AuthenticationException { try { // Look up MD5 algorithm (was necessary on jdk 1.4.2) // This used to be needed, but java 1.5.0_07 includes the MD5 // algorithm (finally) // Class x = Class.forName("gnu.crypto.hash.MD5"); // Method updateMethod = x.getMethod("update",new // Class[]{byte[].class}); // Method digestMethod = x.getMethod("digest",new Class[0]); // Object mdInstance = x.newInstance(); // updateMethod.invoke(mdInstance,new Object[]{challenge}); // updateMethod.invoke(mdInstance,new Object[]{clientChallenge}); // byte[] digest = (byte[])digestMethod.invoke(mdInstance,new // Object[0]); final MessageDigest md5 = MessageDigest.getInstance("MD5"); md5.update(challenge); md5.update(clientChallenge); final byte[] digest = md5.digest(); final byte[] sessionHash = new byte[8]; System.arraycopy(digest, 0, sessionHash, 0, 8); return lmResponse(ntlmHash, sessionHash); } catch (Exception e) { if (e instanceof AuthenticationException) throw (AuthenticationException) e; throw new AuthenticationException(e.getMessage(), e); } }
From source file:org.zaproxy.zap.network.ZapNTLMEngineImpl.java
/** * Creates the LM Hash of the user's password. * * @param password/*w w w .jav a2s. com*/ * The password. * * @return The LM Hash of the given password, used in the calculation of the * LM Response. */ private static byte[] lmHash(final String password) throws AuthenticationException { try { final byte[] oemPassword = password.toUpperCase(Locale.US).getBytes("US-ASCII"); final int length = Math.min(oemPassword.length, 14); final byte[] keyBytes = new byte[14]; System.arraycopy(oemPassword, 0, keyBytes, 0, length); final Key lowKey = createDESKey(keyBytes, 0); final Key highKey = createDESKey(keyBytes, 7); final byte[] magicConstant = "KGS!@#$%".getBytes("US-ASCII"); final Cipher des = Cipher.getInstance("DES/ECB/NoPadding"); des.init(Cipher.ENCRYPT_MODE, lowKey); final byte[] lowHash = des.doFinal(magicConstant); des.init(Cipher.ENCRYPT_MODE, highKey); final byte[] highHash = des.doFinal(magicConstant); final byte[] lmHash = new byte[16]; System.arraycopy(lowHash, 0, lmHash, 0, 8); System.arraycopy(highHash, 0, lmHash, 8, 8); return lmHash; } catch (Exception e) { throw new AuthenticationException(e.getMessage(), e); } }
From source file:org.zaproxy.zap.network.ZapNTLMEngineImpl.java
/** * Creates the NTLM Hash of the user's password. * * @param password/* w ww. ja v a 2 s.c o m*/ * The password. * * @return The NTLM Hash of the given password, used in the calculation of * the NTLM Response and the NTLMv2 and LMv2 Hashes. */ private static byte[] ntlmHash(final String password) throws AuthenticationException { try { final byte[] unicodePassword = password.getBytes("UnicodeLittleUnmarked"); final MD4 md4 = new MD4(); md4.update(unicodePassword); return md4.getOutput(); } catch (UnsupportedEncodingException e) { throw new AuthenticationException("Unicode not supported: " + e.getMessage(), e); } }
From source file:org.zaproxy.zap.network.ZapNTLMEngineImpl.java
/** * Creates the LMv2 Hash of the user's password. * * @return The LMv2 Hash, used in the calculation of the NTLMv2 and LMv2 * Responses./* ww w .ja va 2 s. com*/ */ private static byte[] lmv2Hash(final String domain, final String user, final byte[] ntlmHash) throws AuthenticationException { try { final HMACMD5 hmacMD5 = new HMACMD5(ntlmHash); // Upper case username, upper case domain! hmacMD5.update(user.toUpperCase(Locale.US).getBytes("UnicodeLittleUnmarked")); if (domain != null) { hmacMD5.update(domain.toUpperCase(Locale.US).getBytes("UnicodeLittleUnmarked")); } return hmacMD5.getOutput(); } catch (UnsupportedEncodingException e) { throw new AuthenticationException("Unicode not supported! " + e.getMessage(), e); } }
From source file:org.zaproxy.zap.network.ZapNTLMEngineImpl.java
/** * Creates the NTLMv2 Hash of the user's password. * * @return The NTLMv2 Hash, used in the calculation of the NTLMv2 and LMv2 * Responses.//from w ww . jav a 2 s . c o m */ private static byte[] ntlmv2Hash(final String domain, final String user, final byte[] ntlmHash) throws AuthenticationException { try { final HMACMD5 hmacMD5 = new HMACMD5(ntlmHash); // Upper case username, mixed case target!! hmacMD5.update(user.toUpperCase(Locale.US).getBytes("UnicodeLittleUnmarked")); if (domain != null) { hmacMD5.update(domain.getBytes("UnicodeLittleUnmarked")); } return hmacMD5.getOutput(); } catch (UnsupportedEncodingException e) { throw new AuthenticationException("Unicode not supported! " + e.getMessage(), e); } }
From source file:org.zaproxy.zap.network.ZapNTLMEngineImpl.java
/** * Creates the LM Response from the given hash and Type 2 challenge. * * @param hash//from w w w . ja va 2s . c o m * The LM or NTLM Hash. * @param challenge * The server challenge from the Type 2 message. * * @return The response (either LM or NTLM, depending on the provided hash). */ private static byte[] lmResponse(final byte[] hash, final byte[] challenge) throws AuthenticationException { try { final byte[] keyBytes = new byte[21]; System.arraycopy(hash, 0, keyBytes, 0, 16); final Key lowKey = createDESKey(keyBytes, 0); final Key middleKey = createDESKey(keyBytes, 7); final Key highKey = createDESKey(keyBytes, 14); final Cipher des = Cipher.getInstance("DES/ECB/NoPadding"); des.init(Cipher.ENCRYPT_MODE, lowKey); final byte[] lowResponse = des.doFinal(challenge); des.init(Cipher.ENCRYPT_MODE, middleKey); final byte[] middleResponse = des.doFinal(challenge); des.init(Cipher.ENCRYPT_MODE, highKey); final byte[] highResponse = des.doFinal(challenge); final byte[] lmResponse = new byte[24]; System.arraycopy(lowResponse, 0, lmResponse, 0, 8); System.arraycopy(middleResponse, 0, lmResponse, 8, 8); System.arraycopy(highResponse, 0, lmResponse, 16, 8); return lmResponse; } catch (Exception e) { throw new AuthenticationException(e.getMessage(), e); } }