-
Notifications
You must be signed in to change notification settings - Fork 74
/
Copy pathsignature.go
120 lines (107 loc) · 4.47 KB
/
signature.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
//Copyright 2013 Thomson Reuters Global Resources. BSD License please see License file for more information
package ntlm
import (
rc4P "crypto/rc4"
"encoding/binary"
"encoding/hex"
"fmt"
)
type NtlmsspMessageSignature struct {
ByteData []byte
// A 32-bit unsigned integer that contains the signature version. This field MUST be 0x00000001.
Version []byte
// A 4-byte array that contains the random pad for the message.
RandomPad []byte
// A 4-byte array that contains the checksum for the message.
CheckSum []byte
// A 32-bit unsigned integer that contains the NTLM sequence number for this application message.
SeqNum []byte
}
func (n *NtlmsspMessageSignature) String() string {
return fmt.Sprintf("NtlmsspMessageSignature: %s", hex.EncodeToString(n.Bytes()))
}
func (n *NtlmsspMessageSignature) Bytes() []byte {
if n.ByteData != nil {
return n.ByteData
} else {
return concat(n.Version, n.RandomPad, n.CheckSum, n.SeqNum)
}
return nil
}
// Define SEAL(Handle, SigningKey, SeqNum, Message) as
func seal(negFlags uint32, handle *rc4P.Cipher, signingKey []byte, seqNum uint32, message []byte) (sealedMessage []byte, sig *NtlmsspMessageSignature) {
sealedMessage = rc4(handle, message)
sig = mac(negFlags, handle, signingKey, uint32(seqNum), message)
return
}
// Define SIGN(Handle, SigningKey, SeqNum, Message) as
func sign(negFlags uint32, handle *rc4P.Cipher, signingKey []byte, seqNum uint32, message []byte) []byte {
return concat(message, mac(negFlags, handle, signingKey, uint32(seqNum), message).Bytes())
}
func mac(negFlags uint32, handle *rc4P.Cipher, signingKey []byte, seqNum uint32, message []byte) (result *NtlmsspMessageSignature) {
if NTLMSSP_NEGOTIATE_EXTENDED_SESSIONSECURITY.IsSet(negFlags) {
result = macWithExtendedSessionSecurity(negFlags, handle, signingKey, seqNum, message)
} else {
result = macWithoutExtendedSessionSecurity(handle, seqNum, message)
}
return result
}
// Define MAC(Handle, SigningKey, SeqNum, Message) as
// Set NTLMSSP_MESSAGE_SIGNATURE.Version to 0x00000001
// Set NTLMSSP_MESSAGE_SIGNATURE.Checksum to CRC32(Message)
// Set NTLMSSP_MESSAGE_SIGNATURE.RandomPad RC4(Handle, RandomPad)
// Set NTLMSSP_MESSAGE_SIGNATURE.Checksum to RC4(Handle, NTLMSSP_MESSAGE_SIGNATURE.Checksum)
// Set NTLMSSP_MESSAGE_SIGNATURE.SeqNum to RC4(Handle, 0x00000000)
// If (connection oriented)
// Set NTLMSSP_MESSAGE_SIGNATURE.SeqNum to NTLMSSP_MESSAGE_SIGNATURE.SeqNum XOR SeqNum
// Set SeqNum to SeqNum + 1
// Else
// Set NTLMSSP_MESSAGE_SIGNATURE.SeqNum to NTLMSSP_MESSAGE_SIGNATURE.SeqNum XOR (application supplied SeqNum)
// EndIf
// Set NTLMSSP_MESSAGE_SIGNATURE.RandomPad to 0
// End
func macWithoutExtendedSessionSecurity(handle *rc4P.Cipher, seqNum uint32, message []byte) *NtlmsspMessageSignature {
sig := new(NtlmsspMessageSignature)
seqNumBytes := make([]byte, 4)
binary.LittleEndian.PutUint32(seqNumBytes, seqNum)
sig.Version = []byte{0x01, 0x00, 0x00, 0x00}
sig.CheckSum = make([]byte, 4)
binary.LittleEndian.PutUint32(sig.CheckSum, crc32(message))
sig.RandomPad = rc4(handle, zeroBytes(4))
sig.CheckSum = rc4(handle, sig.CheckSum)
sig.SeqNum = rc4(handle, zeroBytes(4))
for i := 0; i < 4; i++ {
sig.SeqNum[i] = sig.SeqNum[i] ^ seqNumBytes[i]
}
sig.RandomPad = zeroBytes(4)
return sig
}
// Define MAC(Handle, SigningKey, SeqNum, Message) as
// Set NTLMSSP_MESSAGE_SIGNATURE.Version to 0x00000001
// if Key Exchange Key Negotiated
// Set NTLMSSP_MESSAGE_SIGNATURE.Checksum to RC4(Handle, HMAC_MD5(SigningKey, ConcatenationOf(SeqNum, Message))[0..7])
// else
// Set NTLMSSP_MESSAGE_SIGNATURE.Checksum to HMAC_MD5(SigningKey, ConcatenationOf(SeqNum, Message))[0..7]
// end
// Set NTLMSSP_MESSAGE_SIGNATURE.SeqNum to SeqNum
// Set SeqNum to SeqNum + 1
// EndDefine
func macWithExtendedSessionSecurity(negFlags uint32, handle *rc4P.Cipher, signingKey []byte, seqNum uint32, message []byte) *NtlmsspMessageSignature {
sig := new(NtlmsspMessageSignature)
sig.Version = []byte{0x01, 0x00, 0x00, 0x00}
seqNumBytes := make([]byte, 4)
binary.LittleEndian.PutUint32(seqNumBytes, seqNum)
sig.CheckSum = hmacMd5(signingKey, concat(seqNumBytes, message))[0:8]
if NTLMSSP_NEGOTIATE_KEY_EXCH.IsSet(negFlags) {
sig.CheckSum = rc4(handle, sig.CheckSum)
}
sig.SeqNum = seqNumBytes
return sig
}
func reinitSealingKey(key []byte, sequenceNumber int) (handle *rc4P.Cipher, err error) {
seqNumBytes := make([]byte, 4)
binary.LittleEndian.PutUint32(seqNumBytes, uint32(sequenceNumber))
newKey := md5(concat(key, seqNumBytes))
handle, err = rc4Init(newKey)
return handle, err
}