/// <summary>
/// initialize the target info, contains av pairs.
/// </summary>
/// <param name="targetInfoBytes">the bytes of target info that specified in the AV_PAIR collection</param>
/// <returns>the initialized target info, av pairs collection</returns>
private ICollection <AV_PAIR> InitializeTargetInfo(
byte[] targetInfoBytes
)
{
ICollection <AV_PAIR> targetInfo = NlmpUtility.BytesGetAvPairCollection(targetInfoBytes);
InitializeMsAvFlags(targetInfo);
InitializeRestriction(targetInfo);
return(targetInfo);
}
/// <summary>
/// retrieve the domain name from client. client encode the domain name in the authenticate packet.
/// </summary>
/// <param name="authenticatePacket">the authenticate packet contains the domain name</param>
/// <returns>the authentication information of client</returns>
private ClientAuthenticateInfomation RetrieveClientAuthenticateInformation(
NlmpAuthenticatePacket authenticatePacket)
{
ClientAuthenticateInfomation authenticateInformation = new ClientAuthenticateInfomation();
// retrieve the version of client
if (authenticatePacket.Payload.NtChallengeResponseFields.Len == NTLM_V1_NT_CHALLENGE_RESPONSE_LENGTH)
{
authenticateInformation.Version = NlmpVersion.v1;
}
else
{
authenticateInformation.Version = NlmpVersion.v2;
}
// retrieve the client challenge
if (authenticateInformation.Version == NlmpVersion.v1)
{
authenticateInformation.ClientChallenge = BitConverter.ToUInt64(ArrayUtility.SubArray <byte>(
authenticatePacket.Payload.LmChallengeResponse, 0, TIME_CLIENT_CHALLENGE_LENGTH), 0);
}
else
{
authenticateInformation.ClientChallenge = BitConverter.ToUInt64(
ArrayUtility.SubArray <byte>(authenticatePacket.Payload.NtChallengeResponse,
NTLM_V2_CLIENT_CHALLENGE_OFFSET_IN_NT_CHALLENGE_RESPONSE, TIME_CLIENT_CHALLENGE_LENGTH), 0);
}
// retrieve the domain name of client
if (NlmpUtility.IsUnicode(authenticatePacket.Payload.NegotiateFlags))
{
authenticateInformation.DomainName = Encoding.Unicode.GetString(authenticatePacket.Payload.DomainName);
}
else
{
authenticateInformation.DomainName = Encoding.ASCII.GetString(authenticatePacket.Payload.DomainName);
}
// retrieve the user name of client
if (NlmpUtility.IsUnicode(authenticatePacket.Payload.NegotiateFlags))
{
authenticateInformation.UserName = Encoding.Unicode.GetString(authenticatePacket.Payload.UserName);
}
else
{
authenticateInformation.UserName = Encoding.ASCII.GetString(authenticatePacket.Payload.UserName);
}
// retrieve the server name of client
if (authenticateInformation.Version == NlmpVersion.v2)
{
authenticateInformation.ServerName =
ArrayUtility.SubArray <byte>(authenticatePacket.Payload.NtChallengeResponse,
NTLM_V2_SERVER_NAME_OFFSET_IN_NT_CHALLENGE_RESPONSE,
authenticatePacket.Payload.NtChallengeResponseFields.Len -
NTLM_V2_SERVER_NAME_OFFSET_IN_NT_CHALLENGE_RESPONSE -
NTLM_V2_SERVER_NAME_RESERVED_LENGTH_IN_NT_CHALLENGE_RESPONSE);
}
// retrieve the time of client
ICollection <AV_PAIR> targetInfo =
NlmpUtility.BytesGetAvPairCollection(this.challenge.Payload.TargetInfo);
// retrieve the time
authenticateInformation.ClientTime = NlmpUtility.GetTime(targetInfo);
// if server did not response the timestamp, use the client time stamp
if (!NlmpUtility.AvPairContains(targetInfo, AV_PAIR_IDs.MsvAvTimestamp) &&
authenticateInformation.Version == NlmpVersion.v2)
{
authenticateInformation.ClientTime = BitConverter.ToUInt64(
ArrayUtility.SubArray <byte>(authenticatePacket.Payload.NtChallengeResponse,
NTLM_V2_TIME_STAMP_OFFSET_IN_NT_CHALLENGE_RESPONSE, TIME_STAMP_LENGTH), 0);
}
return(authenticateInformation);
}