/// <exception cref="WinrtCifs.Smb.SmbException"></exception>
public SigningDigest(SmbTransport transport, NtlmPasswordAuthentication auth)
{
try
{
_digest = MessageDigest.GetInstance("MD5");
}
catch (NoSuchAlgorithmException ex)
{
if (Log.Level > 0)
{
Runtime.PrintStackTrace(ex, Log);
}
throw new SmbException("MD5", ex);
}
try
{
switch (SmbConstants.LmCompatibility)
{
case 0:
case 1:
case 2:
{
_macSigningKey = new byte[40];
auth.GetUserSessionKey(transport.Server.EncryptionKey, _macSigningKey, 0);
Array.Copy(auth.GetUnicodeHash(transport.Server.EncryptionKey), 0, _macSigningKey
, 16, 24);
break;
}
case 3:
case 4:
case 5:
{
_macSigningKey = new byte[16];
auth.GetUserSessionKey(transport.Server.EncryptionKey, _macSigningKey, 0);
break;
}
default:
{
_macSigningKey = new byte[40];
auth.GetUserSessionKey(transport.Server.EncryptionKey, _macSigningKey, 0);
Array.Copy(auth.GetUnicodeHash(transport.Server.EncryptionKey), 0, _macSigningKey
, 16, 24);
break;
}
}
}
catch (Exception ex)
{
throw new SmbException(string.Empty, ex);
}
if (Log.Level >= 5)
{
Log.WriteLine("LM_COMPATIBILITY=" + SmbConstants.LmCompatibility);
Hexdump.ToHexdump(Log, _macSigningKey, 0, _macSigningKey.Length);
}
}
/// <exception cref="WinrtCifs.Smb.SmbException"></exception>
internal SmbComSessionSetupAndX(SmbSession session, ServerMessageBlock andx, object
cred) : base(andx)
{
Command = SmbComSessionSetupAndx;
this.Session = session;
this.Cred = cred;
_sessionKey = session.transport.SessionKey;
_capabilities = session.transport.Capabilities;
if (session.transport.Server.Security == SmbConstants.SecurityUser)
{
if (cred is NtlmPasswordAuthentication)
{
NtlmPasswordAuthentication auth = (NtlmPasswordAuthentication)cred;
if (auth == NtlmPasswordAuthentication.Anonymous)
{
_lmHash = new byte[0];
_ntHash = new byte[0];
_capabilities &= ~SmbConstants.CapExtendedSecurity;
}
else
{
if (session.transport.Server.EncryptedPasswords)
{
_lmHash = auth.GetAnsiHash(session.transport.Server.EncryptionKey);
_ntHash = auth.GetUnicodeHash(session.transport.Server.EncryptionKey);
// prohibit HTTP auth attempts for the null session
if (_lmHash.Length == 0 && _ntHash.Length == 0)
{
throw new RuntimeException("Null setup prohibited.");
}
}
else
{
if (DisablePlainTextPasswords)
{
throw new RuntimeException("Plain text passwords are disabled");
}
if (UseUnicode)
{
// plain text
string password = auth.GetPassword();
_lmHash = new byte[0];
_ntHash = new byte[(password.Length + 1) * 2];
WriteString(password, _ntHash, 0);
}
else
{
// plain text
string password = auth.GetPassword();
_lmHash = new byte[(password.Length + 1) * 2];
_ntHash = new byte[0];
WriteString(password, _lmHash, 0);
}
}
}
_accountName = auth.Username;
if (UseUnicode)
{
_accountName = _accountName.ToUpper();
}
_primaryDomain = auth.Domain.ToUpper();
}
else
{
if (cred is byte[])
{
_blob = (byte[])cred;
}
else
{
throw new SmbException("Unsupported credential type");
}
}
}
else
{
if (session.transport.Server.Security == SmbConstants.SecurityShare)
{
if (cred is NtlmPasswordAuthentication)
{
NtlmPasswordAuthentication auth = (NtlmPasswordAuthentication)cred;
_lmHash = new byte[0];
_ntHash = new byte[0];
_accountName = auth.Username;
if (UseUnicode)
{
_accountName = _accountName.ToUpper();
}
_primaryDomain = auth.Domain.ToUpper();
}
else
{
throw new SmbException("Unsupported credential type");
}
}
else
{
throw new SmbException("Unsupported");
}
}
}