def sendClientNewLicenseRequest(self, licenseRequest):
"""
@summary: Create new license request in response to server license request
@param licenseRequest: {ServerLicenseRequest}
@see: http://msdn.microsoft.com/en-us/library/cc241989.aspx
@see: http://msdn.microsoft.com/en-us/library/cc241918.aspx
"""
#get server information
serverRandom = licenseRequest.serverRandom.value
s = Stream(licenseRequest.serverCertificate.blobData.value)
serverCertificate = gcc.ServerCertificate()
s.readType(serverCertificate)
#generate crypto values
clientRandom = rsa.random(256)
preMasterSecret = rsa.random(384)
masterSecret = sec.masterSecret(preMasterSecret, clientRandom,
serverRandom)
sessionKeyBlob = sec.masterSecret(masterSecret, serverRandom,
clientRandom)
self._macSalt = sessionKeyBlob[:16]
self._licenseKey = sec.finalHash(sessionKeyBlob[16:32], clientRandom,
serverRandom)
#format message
message = ClientNewLicenseRequest()
message.clientRandom.value = clientRandom
message.encryptedPreMasterSecret.blobData.value = rsa.encrypt(
preMasterSecret[::-1],
serverCertificate.certData.getPublicKey())[::-1] + "\x00" * 8
message.ClientMachineName.blobData.value = self._hostname + "\x00"
message.ClientUserName.blobData.value = self._username + "\x00"
self._transport.sendFlagged(sec.SecurityFlag.SEC_LICENSE_PKT,
LicPacket(message))
def sendClientNewLicenseRequest(self, licenseRequest):
"""
@summary: Create new license request in response to server license request
@param licenseRequest: {ServerLicenseRequest}
@see: http://msdn.microsoft.com/en-us/library/cc241989.aspx
@see: http://msdn.microsoft.com/en-us/library/cc241918.aspx
"""
#get server information
serverRandom = licenseRequest.serverRandom.value
if self._transport.getGCCServerSettings().SC_SECURITY.serverCertificate._is_readed:
serverCertificate = self._transport.getGCCServerSettings().SC_SECURITY.serverCertificate
else:
s = Stream(licenseRequest.serverCertificate.blobData.value)
serverCertificate = gcc.ServerCertificate()
s.readType(serverCertificate)
#generate crypto values
clientRandom = rsa.random(256)
preMasterSecret = rsa.random(384)
masterSecret = sec.masterSecret(preMasterSecret, clientRandom, serverRandom)
sessionKeyBlob = sec.masterSecret(masterSecret, serverRandom, clientRandom)
self._macSalt = sessionKeyBlob[:16]
self._licenseKey = sec.finalHash(sessionKeyBlob[16:32], clientRandom, serverRandom)
#format message
message = ClientNewLicenseRequest()
message.clientRandom.value = clientRandom
message.encryptedPreMasterSecret.blobData.value = rsa.encrypt(preMasterSecret[::-1], serverCertificate.certData.getPublicKey())[::-1] + "\x00" * 8
message.ClientMachineName.blobData.value = self._hostname + "\x00"
message.ClientUserName.blobData.value = self._username + "\x00"
self._transport.sendFlagged(sec.SecurityFlag.SEC_LICENSE_PKT, LicPacket(message))
def getTargetInfoAsAvPairArray(self):
"""
@summary: Parse Target info field to retrieve array of AvPair
@return: {map(AvId, str)}
"""
result = {}
s = Stream(self.getTargetInfo())
while (True):
avPair = AvPair()
s.readType(avPair)
if avPair.AvId.value == AvId.MsvAvEOL:
return result
result[avPair.AvId.value] = avPair.Value.value
def getTargetInfoAsAvPairArray(self):
"""
@summary: Parse Target info field to retrieve array of AvPair
@return: {map(AvId, str)}
"""
result = {}
s = Stream(self.getTargetInfo())
while(True):
avPair = AvPair()
s.readType(avPair)
if avPair.AvId.value == AvId.MsvAvEOL:
return result
result[avPair.AvId.value] = avPair.Value.value
class FileReader(object):
"""
@summary: RSR File reader
"""
def __init__(self, f):
"""
@param f: {file} file pointer use to read
"""
self._s = Stream(f.read())
def nextEvent(self):
"""
@summary: read next event and return it
"""
if self._s.dataLen() == 0:
return None
e = Event()
self._s.readType(e)
return e
class FileReader(object):
"""
@summary: RSR File reader
"""
def __init__(self, f):
"""
@param f: {file} file pointer use to read
"""
self._s = Stream(f.read())
def nextEvent(self):
"""
@summary: read next event and return it
"""
if self._s.dataLen() == 0:
return None
e = Event()
self._s.readType(e)
return e
def GSS_UnWrapEx(self, data):
"""
@summary: decrypt data with key exchange in Authentication protocol
@param data: {str}
"""
signature = MessageSignatureEx()
message = String()
s = Stream(data)
s.readType((signature, message))
#decrypt message
plaintextMessage = rc4.crypt(self._decryptHandle, message.value)
checksum = rc4.crypt(self._decryptHandle, signature.Checksum.value)
#recompute checksum
t = Stream()
t.writeType(signature.SeqNum)
verify = HMAC_MD5(self._verifyKey, t.getvalue() + plaintextMessage)[:8]
if verify != checksum:
raise error.InvalidExpectedDataException("NTLMv2SecurityInterface : Invalid checksum")
return plaintextMessage
def GSS_UnWrapEx(self, data):
"""
@summary: decrypt data with key exchange in Authentication protocol
@param data: {str}
"""
signature = MessageSignatureEx()
message = String()
s = Stream(data)
s.readType((signature, message))
#decrypt message
plaintextMessage = rc4.crypt(self._decryptHandle, message.value)
checksum = rc4.crypt(self._decryptHandle, signature.Checksum.value)
#recompute checksum
t = Stream()
t.writeType(signature.SeqNum)
verify = HMAC_MD5(self._verifyKey, t.getvalue() + plaintextMessage)[:8]
if verify != checksum:
raise error.InvalidExpectedDataException("NTLMv2SecurityInterface : Invalid checksum")
return plaintextMessage
