Make the session key available to clients #21

Merged
merged 2 commits into from
Jun 17, 2015
4 changes: 4 additions & 0 deletions lib/net/ntlm/client.rb
Expand Up @@ -42,6 +42,10 @@ def session
@session
end

def session_key
@session.exported_session_key
end

private

# @return [Message::Type1]
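Review bot: `session_key` hands raw NTLM key material to callers and dereferences `@session` without checking it, so a call made before a session exists would fail with a NoMethodError on nil rather than a clear error. Where `@session` is assigned is not visible here, so this is inferred from the `session` reader just above. A guard such as `@session && @session.exported_session_key`, or raising a descriptive error, would make the pre-authentication case explicit. The method also lacks the YARD comment its neighbours carry; I would add `# @return [String, nil] the exported session key (secret key material; do not log or persist it)`.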
32 changes: 16 additions & 16 deletions lib/net/ntlm/client/session.rb
Expand Up @@ -38,13 +38,24 @@ def authenticate!
rc4 = OpenSSL::Cipher::Cipher.new("rc4")
rc4.encrypt
rc4.key = user_session_key
sk = rc4.update master_key
sk = rc4.update exported_session_key
sk << rc4.final
t3.session_key = sk
end
t3
end

def exported_session_key
@exported_session_key ||=
begin
if negotiate_key_exchange?
OpenSSL::Cipher.new("rc4").random_key
else
user_session_key
end
end
end

def sign_message(message)
seq = sequence
sig = OpenSSL::HMAC.digest(OpenSSL::Digest::MD5.new, client_sign_key, "#{seq}#{message}")[0..7]
Expand Down Expand Up @@ -75,24 +86,13 @@ def unseal_message(emessage)
message + server_cipher.final
end


private


def user_session_key
@user_session_key ||= nil
end

def master_key
@master_key ||= begin
if negotiate_key_exchange?
OpenSSL::Cipher.new("rc4").random_key
else
user_session_key
end
end
end

def sequence
[raw_sequence].pack("V*")
end
Expand All @@ -106,19 +106,19 @@ def raw_sequence
end

def client_sign_key
@client_sign_key ||= OpenSSL::Digest::MD5.digest "#{master_key}#{CLIENT_TO_SERVER_SIGNING}"
@client_sign_key ||= OpenSSL::Digest::MD5.digest "#{exported_session_key}#{CLIENT_TO_SERVER_SIGNING}"
end

def server_sign_key
@server_sign_key ||= OpenSSL::Digest::MD5.digest "#{master_key}#{SERVER_TO_CLIENT_SIGNING}"
@server_sign_key ||= OpenSSL::Digest::MD5.digest "#{exported_session_key}#{SERVER_TO_CLIENT_SIGNING}"
end

def client_seal_key
@client_seal_key ||= OpenSSL::Digest::MD5.digest "#{master_key}#{CLIENT_TO_SERVER_SEALING}"
@client_seal_key ||= OpenSSL::Digest::MD5.digest "#{exported_session_key}#{CLIENT_TO_SERVER_SEALING}"
end

def server_seal_key
@server_seal_key ||= OpenSSL::Digest::MD5.digest "#{master_key}#{SERVER_TO_CLIENT_SEALING}"
@server_seal_key ||= OpenSSL::Digest::MD5.digest "#{exported_session_key}#{SERVER_TO_CLIENT_SEALING}"
end

def client_cipher
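Review bot: In `exported_session_key`, the branch taken without key exchange returns `user_session_key`, which is `@user_session_key ||= nil` further down, so the now-public method can return nil and `||=` will not memoize it. The derived keys interpolate the value (`"#{exported_session_key}#{CLIENT_TO_SERVER_SIGNING}"`), so a nil key silently becomes an empty string and the sign and seal keys would be an MD5 of the constant alone. Whether that can happen depends on where `@user_session_key` is set, which is outside the visible hunks (`authenticate!` starts above the first one). I would fail closed with `user_session_key || raise("session key unavailable before authentication")` and document the return value as raw 16-byte secret material. Separately, `OpenSSL::Cipher.new("rc4").random_key` ties key generation to RC4 being available in the linked OpenSSL; `OpenSSL::Random.random_bytes(16)` gives a key of the same size without instantiating the cipher.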
6 changes: 3 additions & 3 deletions spec/lib/net/ntlm/client/session_spec.rb
Expand Up @@ -51,17 +51,17 @@
end
end

describe "#master_key" do
describe "#exported_session_key" do
it "returns a random 16-byte key when negotiate_key_exchange? is true" do
expect(inst).to receive(:negotiate_key_exchange?).and_return(true)
expect(inst).not_to receive(:user_session_key)
inst.send :master_key
inst.exported_session_key
end

it "returns the user_session_key when negotiate_key_exchange? is false" do
expect(inst).to receive(:negotiate_key_exchange?).and_return(false)
expect(inst).to receive(:user_session_key).and_return(user_session_key)
inst.send :master_key
inst.exported_session_key
end
end
