Merge branch 'add-mslogonii' of https://github.com/pdlan/noVNC
This commit is contained in:
Pierre Ossman
commit
e6fce71d6a
61
core/rfb.js
61
core/rfb.js
|
|
@ -62,6 +62,7 @@ const securityTypeTight = 16;
|
|||
const securityTypeVeNCrypt = 19;
|
||||
const securityTypeXVP = 22;
|
||||
const securityTypeARD = 30;
|
||||
const securityTypeMSLogonII = 113;
|
||||
|
||||
// Special Tight security types
|
||||
const securityTypeUnixLogon = 129;
|
||||
|
|
@ -1392,6 +1393,7 @@ export default class RFB extends EventTargetMixin {
|
|||
securityTypeVeNCrypt,
|
||||
securityTypeXVP,
|
||||
securityTypeARD,
|
||||
securityTypeMSLogonII,
|
||||
securityTypePlain,
|
||||
];
|
||||
|
||||
|
|
@ -1903,6 +1905,62 @@ export default class RFB extends EventTargetMixin {
|
|||
return false;
|
||||
}
|
||||
|
||||
_negotiateMSLogonIIAuth() {
|
||||
if (this._sock.rQwait("mslogonii dh param", 24)) { return false; }
|
||||
|
||||
if (this._rfbCredentials.username === undefined ||
|
||||
this._rfbCredentials.password === undefined) {
|
||||
this.dispatchEvent(new CustomEvent(
|
||||
"credentialsrequired",
|
||||
{ detail: { types: ["username", "password"] } }));
|
||||
return false;
|
||||
}
|
||||
|
||||
const g = this._sock.rQshiftBytes(8);
|
||||
const p = this._sock.rQshiftBytes(8);
|
||||
const A = this._sock.rQshiftBytes(8);
|
||||
const b = window.crypto.getRandomValues(new Uint8Array(8));
|
||||
const B = new Uint8Array(this._modPow(g, b, p));
|
||||
const secret = new Uint8Array(this._modPow(A, b, p));
|
||||
|
||||
const des = new DES(secret);
|
||||
const username = encodeUTF8(this._rfbCredentials.username).substring(0, 255);
|
||||
const password = encodeUTF8(this._rfbCredentials.password).substring(0, 63);
|
||||
const usernameBytes = new Uint8Array(256);
|
||||
const passwordBytes = new Uint8Array(64);
|
||||
window.crypto.getRandomValues(usernameBytes);
|
||||
window.crypto.getRandomValues(passwordBytes);
|
||||
for (let i = 0; i < username.length; i++) {
|
||||
usernameBytes[i] = username.charCodeAt(i);
|
||||
}
|
||||
usernameBytes[username.length] = 0;
|
||||
for (let i = 0; i < password.length; i++) {
|
||||
passwordBytes[i] = password.charCodeAt(i);
|
||||
}
|
||||
passwordBytes[password.length] = 0;
|
||||
let x = new Uint8Array(secret);
|
||||
for (let i = 0; i < 32; i++) {
|
||||
for (let j = 0; j < 8; j++) {
|
||||
x[j] ^= usernameBytes[i * 8 + j];
|
||||
}
|
||||
x = des.enc8(x);
|
||||
usernameBytes.set(x, i * 8);
|
||||
}
|
||||
x = new Uint8Array(secret);
|
||||
for (let i = 0; i < 8; i++) {
|
||||
for (let j = 0; j < 8; j++) {
|
||||
x[j] ^= passwordBytes[i * 8 + j];
|
||||
}
|
||||
x = des.enc8(x);
|
||||
passwordBytes.set(x, i * 8);
|
||||
}
|
||||
this._sock.send(B);
|
||||
this._sock.send(usernameBytes);
|
||||
this._sock.send(passwordBytes);
|
||||
this._rfbInitState = "SecurityResult";
|
||||
return true;
|
||||
}
|
||||
|
||||
_negotiateAuthentication() {
|
||||
switch (this._rfbAuthScheme) {
|
||||
case securityTypeNone:
|
||||
|
|
@ -1933,6 +1991,9 @@ export default class RFB extends EventTargetMixin {
|
|||
case securityTypeRA2ne:
|
||||
return this._negotiateRA2neAuth();
|
||||
|
||||
case securityTypeMSLogonII:
|
||||
return this._negotiateMSLogonIIAuth();
|
||||
|
||||
default:
|
||||
return this._fail("Unsupported auth scheme (scheme: " +
|
||||
this._rfbAuthScheme + ")");
|
||||
|
|
|
|||
|
|
@ -1336,6 +1336,86 @@ describe('Remote Frame Buffer Protocol Client', function () {
|
|||
});
|
||||
});
|
||||
|
||||
describe('MSLogonII Authentication (type 113) Handler', function () {
|
||||
function fakeGetRandomValues(arr) {
|
||||
if (arr.length == 8) {
|
||||
arr.set(new Uint8Array([0, 0, 0, 0, 5, 6, 7, 8]));
|
||||
} else if (arr.length == 256) {
|
||||
arr.set(new Uint8Array(256));
|
||||
} else if (arr.length == 64) {
|
||||
arr.set(new Uint8Array(64));
|
||||
}
|
||||
return arr;
|
||||
}
|
||||
const expected = new Uint8Array([
|
||||
0x00, 0x00, 0x00, 0x00, 0x0a, 0xbc, 0x7c, 0xfd,
|
||||
0x58, 0x34, 0xd2, 0x24, 0x44, 0x60, 0xf0, 0xd1,
|
||||
0xa3, 0x73, 0x32, 0x02, 0x07, 0xce, 0xc1, 0x3f,
|
||||
0x10, 0x53, 0xf1, 0xdd, 0x99, 0xad, 0x44, 0x18,
|
||||
0xa1, 0xc4, 0xac, 0xc1, 0x1c, 0x13, 0x11, 0x85,
|
||||
0x3a, 0x6f, 0xcb, 0xc6, 0xb1, 0x6c, 0x68, 0x47,
|
||||
0x85, 0x01, 0xbb, 0xfa, 0x23, 0x8c, 0x59, 0x47,
|
||||
0x67, 0x47, 0x56, 0x6e, 0x6f, 0x9f, 0x07, 0x76,
|
||||
0x2e, 0x90, 0x1e, 0xdc, 0x80, 0xc4, 0x4b, 0x72,
|
||||
0xd2, 0xd5, 0xcd, 0x4b, 0x14, 0xff, 0x05, 0x8b,
|
||||
0x8d, 0xf1, 0x9b, 0xe0, 0xff, 0xa5, 0x3b, 0x56,
|
||||
0xb9, 0x6f, 0x84, 0x3e, 0x15, 0x84, 0x31, 0x4e,
|
||||
0x10, 0x0b, 0x56, 0xf4, 0x10, 0x05, 0x02, 0xc7,
|
||||
0x05, 0x0b, 0xc9, 0x66, 0x75, 0x32, 0xd3, 0x74,
|
||||
0xfc, 0x8c, 0xcf, 0xbd, 0x2d, 0x53, 0xd7, 0xa7,
|
||||
0xca, 0x82, 0x12, 0xce, 0xbb, 0x33, 0x09, 0x3f,
|
||||
0xff, 0x76, 0x7c, 0xdf, 0x2c, 0x2f, 0x4d, 0x95,
|
||||
0x86, 0xe4, 0x10, 0x07, 0x75, 0x1a, 0x6d, 0xdb,
|
||||
0x05, 0x91, 0x70, 0x34, 0x5c, 0x12, 0xbc, 0x4e,
|
||||
0x5e, 0xd0, 0x21, 0x39, 0x25, 0x2b, 0x62, 0x19,
|
||||
0x29, 0xa5, 0xe6, 0x93, 0x7b, 0xf8, 0x3f, 0xcf,
|
||||
0xd7, 0x3f, 0x0c, 0xd2, 0x68, 0x2d, 0x1e, 0x01,
|
||||
0x1a, 0x31, 0xc1, 0x59, 0x04, 0x06, 0xf6, 0x3b,
|
||||
0xec, 0x38, 0xef, 0x1b, 0x5b, 0x39, 0x88, 0xd3,
|
||||
0xe0, 0x5b, 0xb9, 0xef, 0xc3, 0x82, 0xfa, 0xdf,
|
||||
0x04, 0xf7, 0x65, 0x56, 0x82, 0x77, 0xfd, 0x63,
|
||||
0x10, 0xd7, 0xab, 0x0b, 0x5e, 0xd9, 0x07, 0x81,
|
||||
0x9d, 0xce, 0x26, 0xfb, 0x5d, 0xa8, 0x59, 0x2a,
|
||||
0xd9, 0xb8, 0xac, 0xcd, 0x6e, 0x61, 0x07, 0x39,
|
||||
0x9f, 0x8d, 0xdf, 0x53, 0x44, 0xab, 0x28, 0x01,
|
||||
0x86, 0x4d, 0x07, 0x8a, 0x5b, 0xdd, 0xc1, 0x18,
|
||||
0x29, 0xaa, 0xa2, 0xbe, 0xe2, 0x9c, 0x9e, 0xb0,
|
||||
0xb3, 0x2b, 0x2c, 0x93, 0x3e, 0x82, 0x07, 0xa6,
|
||||
0xef, 0x21, 0x2c, 0xa7, 0xf0, 0x65, 0xba, 0xda,
|
||||
0x13, 0xe4, 0x41, 0x87, 0x36, 0x1c, 0xa5, 0x81,
|
||||
0xae, 0xf3, 0x3e, 0xda, 0x03, 0x09, 0x63, 0x4b,
|
||||
0xb5, 0x29, 0x49, 0xfa, 0xbb, 0xa6, 0x31, 0x3c,
|
||||
0xc8, 0x15, 0xfb, 0xfc, 0xd6, 0xff, 0x04, 0x92,
|
||||
0x56, 0xbc, 0x66, 0xf1, 0x78, 0xfb, 0x14, 0x79,
|
||||
0x48, 0xd2, 0xcf, 0x87, 0x60, 0x23, 0xcf, 0xdb,
|
||||
0x1b, 0xad, 0x42, 0x32, 0x4e, 0x6d, 0x1f, 0x49,
|
||||
]);
|
||||
before(() => {
|
||||
sinon.stub(window.crypto, "getRandomValues").callsFake(fakeGetRandomValues);
|
||||
});
|
||||
after(() => {
|
||||
window.crypto.getRandomValues.restore();
|
||||
});
|
||||
it('should send public value and encrypted credentials', function () {
|
||||
client._rfbCredentials = { username: 'username',
|
||||
password: 'password123456' };
|
||||
sendSecurity(113, client);
|
||||
|
||||
expect(client._sock).to.have.sent([113]);
|
||||
|
||||
const g = new Uint8Array([0, 0, 0, 0, 0, 1, 0, 1]);
|
||||
const p = new Uint8Array([0, 0, 0, 0, 0x25, 0x18, 0x26, 0x17]);
|
||||
const A = new Uint8Array([0, 0, 0, 0, 0x0e, 0x12, 0xd0, 0xf5]);
|
||||
|
||||
client._sock._websocket._receiveData(g);
|
||||
client._sock._websocket._receiveData(p);
|
||||
client._sock._websocket._receiveData(A);
|
||||
|
||||
expect(client._sock).to.have.sent(expected);
|
||||
expect(client._rfbInitState).to.equal('SecurityResult');
|
||||
});
|
||||
});
|
||||
|
||||
describe('XVP Authentication (type 22) Handler', function () {
|
||||
it('should fall through to standard VNC authentication upon completion', function () {
|
||||
client._rfbCredentials = { username: 'user',
|
||||
|
|
|
|||
Loading…
Reference in New Issue