From: megacz <megacz@xwt.org>
Date: Fri, 30 Jan 2004 07:38:54 +0000 (+0000)
Subject: 2003/10/01 04:29:10
X-Git-Tag: RC3~496
X-Git-Url: http://git.megacz.com/?p=org.ibex.core.git;a=commitdiff_plain;h=e45a36e825e22ace9ee5dd03c25d9d3309c34ffa

2003/10/01 04:29:10

darcs-hash:20040130073854-2ba56-0a0896b4ea5888d449480eaebe536590cad02633.gz
---

diff --git a/src/org/bouncycastle/crypto/engines/DESEngine.java b/src/org/bouncycastle/crypto/engines/DESEngine.java
new file mode 100644
index 0000000..41e3204
--- /dev/null
+++ b/src/org/bouncycastle/crypto/engines/DESEngine.java
@@ -0,0 +1,491 @@
+package org.bouncycastle.crypto.engines;
+
+import java.lang.IllegalStateException;
+
+import org.bouncycastle.crypto.BlockCipher;
+import org.bouncycastle.crypto.CipherParameters;
+import org.bouncycastle.crypto.DataLengthException;
+import org.bouncycastle.crypto.params.KeyParameter;
+
+/**
+ * a class that provides a basic DES engine.
+ */
+public class DESEngine
+    implements BlockCipher
+{
+    protected static final int  BLOCK_SIZE = 8;
+
+    private int[]               workingKey = null;
+
+    /**
+     * standard constructor.
+     */
+    public DESEngine()
+    {
+    }
+
+    /**
+     * initialise a DES cipher.
+     *
+     * @param forEncryption whether or not we are for encryption.
+     * @param params the parameters required to set up the cipher.
+     * @exception IllegalArgumentException if the params argument is
+     * inappropriate.
+     */
+    public void init(
+        boolean           encrypting,
+        CipherParameters  params)
+    {
+        if (params instanceof KeyParameter)
+        {
+            workingKey = generateWorkingKey(encrypting,
+                                  ((KeyParameter)params).getKey());
+
+            return;
+        }
+
+        throw new IllegalArgumentException("invalid parameter passed to DES init - " + params.getClass().getName());
+    }
+
+    public String getAlgorithmName()
+    {
+        return "DES";
+    }
+
+    public int getBlockSize()
+    {
+        return BLOCK_SIZE;
+    }
+
+    public int processBlock(
+        byte[] in,
+        int inOff,
+        byte[] out,
+        int outOff)
+    {
+        if (workingKey == null)
+        {
+            throw new IllegalStateException("DES engine not initialised");
+        }
+
+        if ((inOff + BLOCK_SIZE) > in.length)
+        {
+            throw new DataLengthException("input buffer too short");
+        }
+
+        if ((outOff + BLOCK_SIZE) > out.length)
+        {
+            throw new DataLengthException("output buffer too short");
+        }
+
+        desFunc(workingKey, in, inOff, out, outOff);
+
+        return BLOCK_SIZE;
+    }
+
+    public void reset()
+    {
+    }
+
+    /**
+     * what follows is mainly taken from "Applied Cryptography", by
+     * Bruce Schneier, however it also bears great resemblance to Richard
+     * Outerbridge's D3DES...
+     */
+
+    static short[]    Df_Key =
+        {
+            0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef,
+            0xfe,0xdc,0xba,0x98,0x76,0x54,0x32,0x10,
+            0x89,0xab,0xcd,0xef,0x01,0x23,0x45,0x67
+        };
+
+    static short[]    bytebit =
+        {
+            0200, 0100, 040, 020, 010, 04, 02, 01
+        };
+
+    static int[]    bigbyte =
+        {
+            0x800000, 0x400000, 0x200000, 0x100000,
+            0x80000,  0x40000,  0x20000,  0x10000,
+            0x8000,      0x4000,   0x2000,   0x1000,
+            0x800,    0x400,    0x200,    0x100,
+            0x80,      0x40,        0x20,     0x10,
+            0x8,      0x4,      0x2,      0x1
+        };
+
+    /*
+     * Use the key schedule specified in the Standard (ANSI X3.92-1981).
+     */
+
+    static byte[]    pc1 =
+        {
+            56, 48, 40, 32, 24, 16,  8,   0, 57, 49, 41, 33, 25, 17,
+             9,  1, 58, 50, 42, 34, 26,  18, 10,  2, 59, 51, 43, 35,
+            62, 54, 46, 38, 30, 22, 14,   6, 61, 53, 45, 37, 29, 21,
+            13,  5, 60, 52, 44, 36, 28,  20, 12,  4, 27, 19, 11,  3
+        };
+
+    static byte[] totrot =
+        {
+            1, 2, 4, 6, 8, 10, 12, 14,
+            15, 17, 19, 21, 23, 25, 27, 28
+        };
+
+    static byte[] pc2 =
+        {
+            13, 16, 10, 23,  0,  4,  2, 27, 14,  5, 20,  9,
+            22, 18, 11,  3, 25,  7, 15,  6, 26, 19, 12,  1,
+            40, 51, 30, 36, 46, 54, 29, 39, 50, 44, 32, 47,
+            43, 48, 38, 55, 33, 52, 45, 41, 49, 35, 28, 31
+        };
+
+    static int[] SP1 = {
+        0x01010400, 0x00000000, 0x00010000, 0x01010404,
+        0x01010004, 0x00010404, 0x00000004, 0x00010000,
+        0x00000400, 0x01010400, 0x01010404, 0x00000400,
+        0x01000404, 0x01010004, 0x01000000, 0x00000004,
+        0x00000404, 0x01000400, 0x01000400, 0x00010400,
+        0x00010400, 0x01010000, 0x01010000, 0x01000404,
+        0x00010004, 0x01000004, 0x01000004, 0x00010004,
+        0x00000000, 0x00000404, 0x00010404, 0x01000000,
+        0x00010000, 0x01010404, 0x00000004, 0x01010000,
+        0x01010400, 0x01000000, 0x01000000, 0x00000400,
+        0x01010004, 0x00010000, 0x00010400, 0x01000004,
+        0x00000400, 0x00000004, 0x01000404, 0x00010404,
+        0x01010404, 0x00010004, 0x01010000, 0x01000404,
+        0x01000004, 0x00000404, 0x00010404, 0x01010400,
+        0x00000404, 0x01000400, 0x01000400, 0x00000000,
+        0x00010004, 0x00010400, 0x00000000, 0x01010004
+    };
+
+    static int[] SP2 = {
+        0x80108020, 0x80008000, 0x00008000, 0x00108020,
+        0x00100000, 0x00000020, 0x80100020, 0x80008020,
+        0x80000020, 0x80108020, 0x80108000, 0x80000000,
+        0x80008000, 0x00100000, 0x00000020, 0x80100020,
+        0x00108000, 0x00100020, 0x80008020, 0x00000000,
+        0x80000000, 0x00008000, 0x00108020, 0x80100000,
+        0x00100020, 0x80000020, 0x00000000, 0x00108000,
+        0x00008020, 0x80108000, 0x80100000, 0x00008020,
+        0x00000000, 0x00108020, 0x80100020, 0x00100000,
+        0x80008020, 0x80100000, 0x80108000, 0x00008000,
+        0x80100000, 0x80008000, 0x00000020, 0x80108020,
+        0x00108020, 0x00000020, 0x00008000, 0x80000000,
+        0x00008020, 0x80108000, 0x00100000, 0x80000020,
+        0x00100020, 0x80008020, 0x80000020, 0x00100020,
+        0x00108000, 0x00000000, 0x80008000, 0x00008020,
+        0x80000000, 0x80100020, 0x80108020, 0x00108000
+    };
+
+    static int[] SP3 = {
+        0x00000208, 0x08020200, 0x00000000, 0x08020008,
+        0x08000200, 0x00000000, 0x00020208, 0x08000200,
+        0x00020008, 0x08000008, 0x08000008, 0x00020000,
+        0x08020208, 0x00020008, 0x08020000, 0x00000208,
+        0x08000000, 0x00000008, 0x08020200, 0x00000200,
+        0x00020200, 0x08020000, 0x08020008, 0x00020208,
+        0x08000208, 0x00020200, 0x00020000, 0x08000208,
+        0x00000008, 0x08020208, 0x00000200, 0x08000000,
+        0x08020200, 0x08000000, 0x00020008, 0x00000208,
+        0x00020000, 0x08020200, 0x08000200, 0x00000000,
+        0x00000200, 0x00020008, 0x08020208, 0x08000200,
+        0x08000008, 0x00000200, 0x00000000, 0x08020008,
+        0x08000208, 0x00020000, 0x08000000, 0x08020208,
+        0x00000008, 0x00020208, 0x00020200, 0x08000008,
+        0x08020000, 0x08000208, 0x00000208, 0x08020000,
+        0x00020208, 0x00000008, 0x08020008, 0x00020200
+    };
+
+    static int[] SP4 = {
+        0x00802001, 0x00002081, 0x00002081, 0x00000080,
+        0x00802080, 0x00800081, 0x00800001, 0x00002001,
+        0x00000000, 0x00802000, 0x00802000, 0x00802081,
+        0x00000081, 0x00000000, 0x00800080, 0x00800001,
+        0x00000001, 0x00002000, 0x00800000, 0x00802001,
+        0x00000080, 0x00800000, 0x00002001, 0x00002080,
+        0x00800081, 0x00000001, 0x00002080, 0x00800080,
+        0x00002000, 0x00802080, 0x00802081, 0x00000081,
+        0x00800080, 0x00800001, 0x00802000, 0x00802081,
+        0x00000081, 0x00000000, 0x00000000, 0x00802000,
+        0x00002080, 0x00800080, 0x00800081, 0x00000001,
+        0x00802001, 0x00002081, 0x00002081, 0x00000080,
+        0x00802081, 0x00000081, 0x00000001, 0x00002000,
+        0x00800001, 0x00002001, 0x00802080, 0x00800081,
+        0x00002001, 0x00002080, 0x00800000, 0x00802001,
+        0x00000080, 0x00800000, 0x00002000, 0x00802080
+    };
+
+    static int[] SP5 = {
+        0x00000100, 0x02080100, 0x02080000, 0x42000100,
+        0x00080000, 0x00000100, 0x40000000, 0x02080000,
+        0x40080100, 0x00080000, 0x02000100, 0x40080100,
+        0x42000100, 0x42080000, 0x00080100, 0x40000000,
+        0x02000000, 0x40080000, 0x40080000, 0x00000000,
+        0x40000100, 0x42080100, 0x42080100, 0x02000100,
+        0x42080000, 0x40000100, 0x00000000, 0x42000000,
+        0x02080100, 0x02000000, 0x42000000, 0x00080100,
+        0x00080000, 0x42000100, 0x00000100, 0x02000000,
+        0x40000000, 0x02080000, 0x42000100, 0x40080100,
+        0x02000100, 0x40000000, 0x42080000, 0x02080100,
+        0x40080100, 0x00000100, 0x02000000, 0x42080000,
+        0x42080100, 0x00080100, 0x42000000, 0x42080100,
+        0x02080000, 0x00000000, 0x40080000, 0x42000000,
+        0x00080100, 0x02000100, 0x40000100, 0x00080000,
+        0x00000000, 0x40080000, 0x02080100, 0x40000100
+    };
+
+    static int[] SP6 = {
+        0x20000010, 0x20400000, 0x00004000, 0x20404010,
+        0x20400000, 0x00000010, 0x20404010, 0x00400000,
+        0x20004000, 0x00404010, 0x00400000, 0x20000010,
+        0x00400010, 0x20004000, 0x20000000, 0x00004010,
+        0x00000000, 0x00400010, 0x20004010, 0x00004000,
+        0x00404000, 0x20004010, 0x00000010, 0x20400010,
+        0x20400010, 0x00000000, 0x00404010, 0x20404000,
+        0x00004010, 0x00404000, 0x20404000, 0x20000000,
+        0x20004000, 0x00000010, 0x20400010, 0x00404000,
+        0x20404010, 0x00400000, 0x00004010, 0x20000010,
+        0x00400000, 0x20004000, 0x20000000, 0x00004010,
+        0x20000010, 0x20404010, 0x00404000, 0x20400000,
+        0x00404010, 0x20404000, 0x00000000, 0x20400010,
+        0x00000010, 0x00004000, 0x20400000, 0x00404010,
+        0x00004000, 0x00400010, 0x20004010, 0x00000000,
+        0x20404000, 0x20000000, 0x00400010, 0x20004010
+    };
+
+    static int[] SP7 = {
+        0x00200000, 0x04200002, 0x04000802, 0x00000000,
+        0x00000800, 0x04000802, 0x00200802, 0x04200800,
+        0x04200802, 0x00200000, 0x00000000, 0x04000002,
+        0x00000002, 0x04000000, 0x04200002, 0x00000802,
+        0x04000800, 0x00200802, 0x00200002, 0x04000800,
+        0x04000002, 0x04200000, 0x04200800, 0x00200002,
+        0x04200000, 0x00000800, 0x00000802, 0x04200802,
+        0x00200800, 0x00000002, 0x04000000, 0x00200800,
+        0x04000000, 0x00200800, 0x00200000, 0x04000802,
+        0x04000802, 0x04200002, 0x04200002, 0x00000002,
+        0x00200002, 0x04000000, 0x04000800, 0x00200000,
+        0x04200800, 0x00000802, 0x00200802, 0x04200800,
+        0x00000802, 0x04000002, 0x04200802, 0x04200000,
+        0x00200800, 0x00000000, 0x00000002, 0x04200802,
+        0x00000000, 0x00200802, 0x04200000, 0x00000800,
+        0x04000002, 0x04000800, 0x00000800, 0x00200002
+    };
+
+    static int[] SP8 = {
+        0x10001040, 0x00001000, 0x00040000, 0x10041040,
+        0x10000000, 0x10001040, 0x00000040, 0x10000000,
+        0x00040040, 0x10040000, 0x10041040, 0x00041000,
+        0x10041000, 0x00041040, 0x00001000, 0x00000040,
+        0x10040000, 0x10000040, 0x10001000, 0x00001040,
+        0x00041000, 0x00040040, 0x10040040, 0x10041000,
+        0x00001040, 0x00000000, 0x00000000, 0x10040040,
+        0x10000040, 0x10001000, 0x00041040, 0x00040000,
+        0x00041040, 0x00040000, 0x10041000, 0x00001000,
+        0x00000040, 0x10040040, 0x00001000, 0x00041040,
+        0x10001000, 0x00000040, 0x10000040, 0x10040000,
+        0x10040040, 0x10000000, 0x00040000, 0x10001040,
+        0x00000000, 0x10041040, 0x00040040, 0x10000040,
+        0x10040000, 0x10001000, 0x10001040, 0x00000000,
+        0x10041040, 0x00041000, 0x00041000, 0x00001040,
+        0x00001040, 0x00040040, 0x10000000, 0x10041000
+    };
+
+    /**
+     * generate an integer based working key based on our secret key
+     * and what we processing we are planning to do.
+     *
+     * Acknowledgements for this routine go to James Gillogly & Phil Karn.
+     *         (whoever, and wherever they are!).
+     */
+    protected int[] generateWorkingKey(
+        boolean encrypting,
+        byte[]  key)
+    {
+        int[]       newKey = new int[32];
+        boolean[]   pc1m = new boolean[56],
+                    pcr = new boolean[56];
+
+        for (int j = 0; j < 56; j++ )
+        {
+            int    l = pc1[j];
+
+            pc1m[j] = ((key[l >>> 3] & bytebit[l & 07]) != 0);
+        }
+
+        for (int i = 0; i < 16; i++)
+        {
+            int    l, m, n;
+
+            if (encrypting)
+            {
+                m = i << 1;
+            }
+            else
+            {
+                m = (15 - i) << 1;
+            }
+
+            n = m + 1;
+            newKey[m] = newKey[n] = 0;
+
+            for (int j = 0; j < 28; j++)
+            {
+                l = j + totrot[i];
+                if ( l < 28 )
+                {
+                    pcr[j] = pc1m[l];
+                }
+                else
+                {
+                    pcr[j] = pc1m[l - 28];
+                }
+            }
+
+            for (int j = 28; j < 56; j++)
+            {
+                l = j + totrot[i];
+                if (l < 56 )
+                {
+                    pcr[j] = pc1m[l];
+                }
+                else
+                {
+                    pcr[j] = pc1m[l - 28];
+                }
+            }
+
+            for (int j = 0; j < 24; j++)
+            {
+                if (pcr[pc2[j]])
+                {
+                    newKey[m] |= bigbyte[j];
+                }
+
+                if (pcr[pc2[j + 24]])
+                {
+                    newKey[n] |= bigbyte[j];
+                }
+            }
+        }
+
+        //
+        // store the processed key
+        //
+        for (int i = 0; i != 32; i += 2)
+        {
+            int    i1, i2;
+
+            i1 = newKey[i];
+            i2 = newKey[i + 1];
+
+            newKey[i] = ((i1 & 0x00fc0000) << 6) | ((i1 & 0x00000fc0) << 10)
+                                   | ((i2 & 0x00fc0000) >>> 10) | ((i2 & 0x00000fc0) >>> 6);
+
+            newKey[i + 1] = ((i1 & 0x0003f000) << 12) | ((i1 & 0x0000003f) << 16)
+                                   | ((i2 & 0x0003f000) >>> 4) | (i2 & 0x0000003f);
+        }
+
+        return newKey;
+    }
+
+    /**
+     * the DES engine.
+     */
+    protected void desFunc(
+        int[]   wKey,
+        byte[]  in,
+        int     inOff,
+        byte[]  out,
+        int     outOff)
+    {
+        int     work, right, left;
+
+        left     = (in[inOff + 0] & 0xff) << 24;
+        left    |= (in[inOff + 1] & 0xff) << 16;
+        left    |= (in[inOff + 2] & 0xff) << 8;
+        left    |= (in[inOff + 3] & 0xff);
+
+        right     = (in[inOff + 4] & 0xff) << 24;
+        right    |= (in[inOff + 5] & 0xff) << 16;
+        right    |= (in[inOff + 6] & 0xff) << 8;
+        right    |= (in[inOff + 7] & 0xff);
+
+        work = ((left >>> 4) ^ right) & 0x0f0f0f0f;
+        right ^= work;
+        left ^= (work << 4);
+        work = ((left >>> 16) ^ right) & 0x0000ffff;
+        right ^= work;
+        left ^= (work << 16);
+        work = ((right >>> 2) ^ left) & 0x33333333;
+        left ^= work;
+        right ^= (work << 2);
+        work = ((right >>> 8) ^ left) & 0x00ff00ff;
+        left ^= work;
+        right ^= (work << 8);
+        right = ((right << 1) | ((right >>> 31) & 1)) & 0xffffffff;
+        work = (left ^ right) & 0xaaaaaaaa;
+        left ^= work;
+        right ^= work;
+        left = ((left << 1) | ((left >>> 31) & 1)) & 0xffffffff;
+
+        for (int round = 0; round < 8; round++)
+        {
+            int     fval;
+
+            work  = (right << 28) | (right >>> 4);
+            work ^= wKey[round * 4 + 0];
+            fval  = SP7[ work      & 0x3f];
+            fval |= SP5[(work >>>  8) & 0x3f];
+            fval |= SP3[(work >>> 16) & 0x3f];
+            fval |= SP1[(work >>> 24) & 0x3f];
+            work  = right ^ wKey[round * 4 + 1];
+            fval |= SP8[ work      & 0x3f];
+            fval |= SP6[(work >>>  8) & 0x3f];
+            fval |= SP4[(work >>> 16) & 0x3f];
+            fval |= SP2[(work >>> 24) & 0x3f];
+            left ^= fval;
+            work  = (left << 28) | (left >>> 4);
+            work ^= wKey[round * 4 + 2];
+            fval  = SP7[ work      & 0x3f];
+            fval |= SP5[(work >>>  8) & 0x3f];
+            fval |= SP3[(work >>> 16) & 0x3f];
+            fval |= SP1[(work >>> 24) & 0x3f];
+            work  = left ^ wKey[round * 4 + 3];
+            fval |= SP8[ work      & 0x3f];
+            fval |= SP6[(work >>>  8) & 0x3f];
+            fval |= SP4[(work >>> 16) & 0x3f];
+            fval |= SP2[(work >>> 24) & 0x3f];
+            right ^= fval;
+        }
+
+        right = (right << 31) | (right >>> 1);
+        work = (left ^ right) & 0xaaaaaaaa;
+        left ^= work;
+        right ^= work;
+        left = (left << 31) | (left >>> 1);
+        work = ((left >>> 8) ^ right) & 0x00ff00ff;
+        right ^= work;
+        left ^= (work << 8);
+        work = ((left >>> 2) ^ right) & 0x33333333;
+        right ^= work;
+        left ^= (work << 2);
+        work = ((right >>> 16) ^ left) & 0x0000ffff;
+        left ^= work;
+        right ^= (work << 16);
+        work = ((right >>> 4) ^ left) & 0x0f0f0f0f;
+        left ^= work;
+        right ^= (work << 4);
+
+        out[outOff + 0] = (byte)((right >>> 24) & 0xff);
+        out[outOff + 1] = (byte)((right >>> 16) & 0xff);
+        out[outOff + 2] = (byte)((right >>>  8) & 0xff);
+        out[outOff + 3] = (byte)( right         & 0xff);
+        out[outOff + 4] = (byte)((left >>> 24) & 0xff);
+        out[outOff + 5] = (byte)((left >>> 16) & 0xff);
+        out[outOff + 6] = (byte)((left >>>  8) & 0xff);
+        out[outOff + 7] = (byte)( left         & 0xff);
+    }
+}
diff --git a/src/org/xwt/HTTP.java b/src/org/xwt/HTTP.java
index ec46105..2980ed5 100644
--- a/src/org/xwt/HTTP.java
+++ b/src/org/xwt/HTTP.java
@@ -442,7 +442,13 @@ public class HTTP {
         if (Log.on) Log.log(this, "Proxy AuthChallenge: " + h0.get("proxy-authenticate"));
         Hashtable h = parseAuthenticationChallenge(h0.get("proxy-authenticate").toString());
         String style = h.get("AUTHTYPE").toString();
-        String realm = h.get("realm").toString();
+        String realm = (String)h.get("realm");
+
+        if (style.equals("NTLM") && Proxy.Authorization.authorization2 == null) {
+            Log.log(this, "Proxy identified itself as NTLM, sending Type 1 packet");
+            Proxy.Authorization.authorization2 = "NTLM " + Base64.encode(Proxy.NTLM.type1);
+            return;
+        }
 
         if (!realm.equals("Digest") || Proxy.Authorization.authorization2 == null || !"true".equals(h.get("stale")))
             Proxy.Authorization.getPassword(realm, style, sock.getInetAddress().getHostAddress(), Proxy.Authorization.authorization);
@@ -464,6 +470,22 @@ public class HTTP {
                 (h.get("opaque") == null ? "" : ("opaque=\"" + h.get("opaque") + "\", ")) + 
                 "response=\"" + H(H(A1) + ":" + h.get("nonce") + ":" + H(A2)) + "\", " +
                 "algorithm=MD5";
+
+        } else if (style.equals("NTLM")) {
+            Log.log(this, "Proxy identified itself as NTLM, got Type 2 packet");
+            byte[] type2 = Base64.decode(((String)h0.get("proxy-authenticate")).substring(5).trim());
+            for(int i=0; i<type2.length; i += 4) {
+                String log = "";
+                if (i<type2.length) log += Integer.toString(type2[i] & 0xff, 16) + " ";
+                if (i+1<type2.length) log += Integer.toString(type2[i+1] & 0xff, 16) + " ";
+                if (i+2<type2.length) log += Integer.toString(type2[i+2] & 0xff, 16) + " ";
+                if (i+3<type2.length) log += Integer.toString(type2[i+3] & 0xff, 16) + " ";
+                Log.log(this, log);
+            }
+            // FIXME: need to keep the connection open between type1 and type3
+            // FIXME: finish this
+            //byte[] type3 = Proxy.NTLM.getResponse(
+            //Proxy.Authorization.authorization2 = "NTLM " + Base64.encode(type3));
         }            
     }
 
@@ -989,6 +1011,381 @@ public class HTTP {
         
         }
 
-    }
+        /**
+         *  An implementation of Microsoft's proprietary NTLM authentication protocol.  This code was derived from Eric
+         *  Glass's work, and is copyright as follows:
+         *
+         *  Copyright (c) 2003 Eric Glass     (eglass1 at comcast.net). 
+         *
+         *  Permission to use, copy, modify, and distribute this document for any purpose and without any fee is hereby
+         *  granted, provided that the above copyright notice and this list of conditions appear in all copies.
+         *  The most current version of this document may be obtained from http://davenport.sourceforge.net/ntlm.html .
+         */ 
+        public static class NTLM {
+            
+            public static final byte[] type1 = new byte[] { 0x4e, 0x54, 0x4c, 0x4d, 0x53, 0x53, 0x50, 0x00, 0x01,
+                                                            0x00, 0x00, 0x00, 0x00, 0x02, 0x02, 0x00 };
+            
+            /**
+             * Calculates the NTLM Response for the given challenge, using the
+             * specified password.
+             *
+             * @param password The user's password.
+             * @param challenge The Type 2 challenge from the server.
+             *
+             * @return The NTLM Response.
+             */
+            public static byte[] getNTLMResponse(String password, byte[] challenge)
+                throws Exception {
+                byte[] ntlmHash = ntlmHash(password);
+                return lmResponse(ntlmHash, challenge);
+            }
+
+            /**
+             * Calculates the LM Response for the given challenge, using the specified
+             * password.
+             *
+             * @param password The user's password.
+             * @param challenge The Type 2 challenge from the server.
+             *
+             * @return The LM Response.
+             */
+            public static byte[] getLMResponse(String password, byte[] challenge)
+                throws Exception {
+                byte[] lmHash = lmHash(password);
+                return lmResponse(lmHash, challenge);
+            }
+
+            /**
+             * Calculates the NTLMv2 Response for the given challenge, using the
+             * specified authentication target, username, password, target information
+             * block, and client challenge.
+             *
+             * @param target The authentication target (i.e., domain).
+             * @param user The username. 
+             * @param password The user's password.
+             * @param targetInformation The target information block from the Type 2
+             * message.
+             * @param challenge The Type 2 challenge from the server.
+             * @param clientChallenge The random 8-byte client challenge. 
+             *
+             * @return The NTLMv2 Response.
+             */
+            public static byte[] getNTLMv2Response(String target, String user,
+                                                   String password, byte[] targetInformation, byte[] challenge,
+                                                   byte[] clientChallenge) throws Exception {
+                byte[] ntlmv2Hash = ntlmv2Hash(target, user, password);
+                byte[] blob = createBlob(targetInformation, clientChallenge);
+                return lmv2Response(ntlmv2Hash, blob, challenge);
+            }
+
+            /**
+             * Calculates the LMv2 Response for the given challenge, using the
+             * specified authentication target, username, password, and client
+             * challenge.
+             *
+             * @param target The authentication target (i.e., domain).
+             * @param user The username.
+             * @param password The user's password.
+             * @param challenge The Type 2 challenge from the server.
+             * @param clientChallenge The random 8-byte client challenge.
+             *
+             * @return The LMv2 Response. 
+             */
+            public static byte[] getLMv2Response(String target, String user,
+                                                 String password, byte[] challenge, byte[] clientChallenge)
+                throws Exception {
+                byte[] ntlmv2Hash = ntlmv2Hash(target, user, password);
+                return lmv2Response(ntlmv2Hash, clientChallenge, challenge);
+            }
+
+            /**
+             * Calculates the NTLM2 Session Response for the given challenge, using the
+             * specified password and client challenge.
+             *
+             * @param password The user's password.
+             * @param challenge The Type 2 challenge from the server.
+             * @param clientChallenge The random 8-byte client challenge.
+             *
+             * @return The NTLM2 Session Response.  This is placed in the NTLM
+             * response field of the Type 3 message; the LM response field contains
+             * the client challenge, null-padded to 24 bytes.
+             */
+            public static byte[] getNTLM2SessionResponse(String password,
+                                                         byte[] challenge, byte[] clientChallenge) throws Exception {
+                byte[] ntlmHash = ntlmHash(password);
+                MD5Digest md5 = new MD5Digest();
+                md5.update(challenge, 0, challenge.length);
+                md5.update(clientChallenge, 0, clientChallenge.length);
+                byte[] sessionHash = new byte[8];
+                byte[] md5_out = new byte[md5.getDigestSize()];
+                md5.doFinal(md5_out, 0);
+                System.arraycopy(md5_out, 0, sessionHash, 0, 8);
+                return lmResponse(ntlmHash, sessionHash);
+            }
+
+            /**
+             * Creates the LM Hash of the user's password.
+             *
+             * @param password The password.
+             *
+             * @return The LM Hash of the given password, used in the calculation
+             * of the LM Response.
+             */
+            private static byte[] lmHash(String password) throws Exception {
+                /*
+                byte[] oemPassword = password.toUpperCase().getBytes("US-ASCII");
+                int length = java.lang.Math.min(oemPassword.length, 14);
+                byte[] keyBytes = new byte[14];
+                System.arraycopy(oemPassword, 0, keyBytes, 0, length);
+                Key lowKey = createDESKey(keyBytes, 0);
+                Key highKey = createDESKey(keyBytes, 7);
+                byte[] magicConstant = "KGS!@#$%".getBytes("US-ASCII");
+                Cipher des = Cipher.getInstance("DES/ECB/NoPadding");
+                des.init(Cipher.ENCRYPT_MODE, lowKey);
+                byte[] lowHash = des.doFinal(magicConstant);
+                des.init(Cipher.ENCRYPT_MODE, highKey);
+                byte[] highHash = des.doFinal(magicConstant);
+                byte[] lmHash = new byte[16];
+                System.arraycopy(lowHash, 0, lmHash, 0, 8);
+                System.arraycopy(highHash, 0, lmHash, 8, 8);
+                return lmHash;
+                */
+                return null; // FIXME
+            }
+
+            /**
+             * Creates the NTLM Hash of the user's password.
+             *
+             * @param password The password.
+             *
+             * @return The NTLM Hash of the given password, used in the calculation
+             * of the NTLM Response and the NTLMv2 and LMv2 Hashes.
+             */
+            private static byte[] ntlmHash(String password) throws Exception {
+                byte[] unicodePassword = password.getBytes("UnicodeLittleUnmarked");
+                MD4Digest md4 = new MD4Digest();
+                md4.update(unicodePassword, 0, unicodePassword.length);
+                byte[] ret = new byte[md4.getDigestSize()];
+                return ret;
+            }
+
+            /**
+             * Creates the NTLMv2 Hash of the user's password.
+             *
+             * @param target The authentication target (i.e., domain).
+             * @param user The username.
+             * @param password The password.
+             *
+             * @return The NTLMv2 Hash, used in the calculation of the NTLMv2
+             * and LMv2 Responses. 
+             */
+            private static byte[] ntlmv2Hash(String target, String user,
+                                             String password) throws Exception {
+                byte[] ntlmHash = ntlmHash(password);
+                String identity = user.toUpperCase() + target.toUpperCase();
+                return hmacMD5(identity.getBytes("UnicodeLittleUnmarked"), ntlmHash);
+            }
 
+            /**
+             * Creates the LM Response from the given hash and Type 2 challenge.
+             *
+             * @param hash The LM or NTLM Hash.
+             * @param challenge The server challenge from the Type 2 message.
+             *
+             * @return The response (either LM or NTLM, depending on the provided
+             * hash).
+             */
+            private static byte[] lmResponse(byte[] hash, byte[] challenge)
+                throws Exception {
+                /*
+                byte[] keyBytes = new byte[21];
+                System.arraycopy(hash, 0, keyBytes, 0, 16);
+                Key lowKey = createDESKey(keyBytes, 0);
+                Key middleKey = createDESKey(keyBytes, 7);
+                Key highKey = createDESKey(keyBytes, 14);
+                Cipher des = Cipher.getInstance("DES/ECB/NoPadding");
+                des.init(Cipher.ENCRYPT_MODE, lowKey);
+                byte[] lowResponse = des.doFinal(challenge);
+                des.init(Cipher.ENCRYPT_MODE, middleKey);
+                byte[] middleResponse = des.doFinal(challenge);
+                des.init(Cipher.ENCRYPT_MODE, highKey);
+                byte[] highResponse = des.doFinal(challenge);
+                byte[] lmResponse = new byte[24];
+                System.arraycopy(lowResponse, 0, lmResponse, 0, 8);
+                System.arraycopy(middleResponse, 0, lmResponse, 8, 8);
+                System.arraycopy(highResponse, 0, lmResponse, 16, 8);
+                return lmResponse;
+                */
+                return null; // FIXME
+            }
+
+            /**
+             * Creates the LMv2 Response from the given hash, client data, and
+             * Type 2 challenge.
+             *
+             * @param hash The NTLMv2 Hash.
+             * @param clientData The client data (blob or client challenge).
+             * @param challenge The server challenge from the Type 2 message.
+             *
+             * @return The response (either NTLMv2 or LMv2, depending on the
+             * client data).
+             */
+            private static byte[] lmv2Response(byte[] hash, byte[] clientData,
+                                               byte[] challenge) throws Exception {
+                byte[] data = new byte[challenge.length + clientData.length];
+                System.arraycopy(challenge, 0, data, 0, challenge.length);
+                System.arraycopy(clientData, 0, data, challenge.length,
+                                 clientData.length);
+                byte[] mac = hmacMD5(data, hash);
+                byte[] lmv2Response = new byte[mac.length + clientData.length];
+                System.arraycopy(mac, 0, lmv2Response, 0, mac.length);
+                System.arraycopy(clientData, 0, lmv2Response, mac.length,
+                                 clientData.length);
+                return lmv2Response;
+            }
+
+            /**
+             * Creates the NTLMv2 blob from the given target information block and
+             * client challenge.
+             *
+             * @param targetInformation The target information block from the Type 2
+             * message.
+             * @param clientChallenge The random 8-byte client challenge.
+             *
+             * @return The blob, used in the calculation of the NTLMv2 Response.
+             */
+            private static byte[] createBlob(byte[] targetInformation,
+                                             byte[] clientChallenge) {
+                byte[] blobSignature = new byte[] {
+                    (byte) 0x01, (byte) 0x01, (byte) 0x00, (byte) 0x00
+                };
+                byte[] reserved = new byte[] {
+                    (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00
+                };
+                byte[] unknown1 = new byte[] {
+                    (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00
+                };
+                byte[] unknown2 = new byte[] {
+                    (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00
+                };
+                long time = System.currentTimeMillis();
+                time += 11644473600000l; // milliseconds from January 1, 1601 -> epoch.
+                time *= 10000; // tenths of a microsecond.
+                // convert to little-endian byte array.
+                byte[] timestamp = new byte[8];
+                for (int i = 0; i < 8; i++) {
+                    timestamp[i] = (byte) time;
+                    time >>>= 8;
+                }
+                byte[] blob = new byte[blobSignature.length + reserved.length +
+                                       timestamp.length + clientChallenge.length +
+                                       unknown1.length + targetInformation.length +
+                                       unknown2.length];
+                int offset = 0;
+                System.arraycopy(blobSignature, 0, blob, offset, blobSignature.length);
+                offset += blobSignature.length;
+                System.arraycopy(reserved, 0, blob, offset, reserved.length);
+                offset += reserved.length;
+                System.arraycopy(timestamp, 0, blob, offset, timestamp.length);
+                offset += timestamp.length;
+                System.arraycopy(clientChallenge, 0, blob, offset,
+                                 clientChallenge.length);
+                offset += clientChallenge.length;
+                System.arraycopy(unknown1, 0, blob, offset, unknown1.length);
+                offset += unknown1.length;
+                System.arraycopy(targetInformation, 0, blob, offset,
+                                 targetInformation.length);
+                offset += targetInformation.length;
+                System.arraycopy(unknown2, 0, blob, offset, unknown2.length);
+                return blob;
+            }
+
+            /**
+             * Calculates the HMAC-MD5 hash of the given data using the specified
+             * hashing key.
+             *
+             * @param data The data for which the hash will be calculated. 
+             * @param key The hashing key.
+             *
+             * @return The HMAC-MD5 hash of the given data.
+             */
+            private static byte[] hmacMD5(byte[] data, byte[] key) throws Exception {
+                byte[] ipad = new byte[64];
+                byte[] opad = new byte[64];
+                for (int i = 0; i < 64; i++) {
+                    ipad[i] = (byte) 0x36;
+                    opad[i] = (byte) 0x5c;
+                }
+                for (int i = key.length - 1; i >= 0; i--) {
+                    ipad[i] ^= key[i];
+                    opad[i] ^= key[i];
+                }
+                byte[] content = new byte[data.length + 64];
+                System.arraycopy(ipad, 0, content, 0, 64);
+                System.arraycopy(data, 0, content, 64, data.length);
+                MD5Digest md5 = new MD5Digest();
+                md5.update(content, 0, content.length);
+                data = new byte[md5.getDigestSize()];
+                md5.doFinal(data, 0);
+                content = new byte[data.length + 64];
+                System.arraycopy(opad, 0, content, 0, 64);
+                System.arraycopy(data, 0, content, 64, data.length);
+                md5 = new MD5Digest();
+                md5.update(content, 0, content.length);
+                byte[] ret = new byte[md5.getDigestSize()];
+                md5.doFinal(ret, 0);
+                return ret;
+            }
+
+            /**
+             * Creates a DES encryption key from the given key material.
+             *
+             * @param bytes A byte array containing the DES key material.
+             * @param offset The offset in the given byte array at which
+             * the 7-byte key material starts.
+             *
+             * @return A DES encryption key created from the key material
+             * starting at the specified offset in the given byte array.
+             */
+                /*
+            private static Key createDESKey(byte[] bytes, int offset) {
+                byte[] keyBytes = new byte[7];
+                System.arraycopy(bytes, offset, keyBytes, 0, 7);
+                byte[] material = new byte[8];
+                material[0] = keyBytes[0];
+                material[1] = (byte) (keyBytes[0] << 7 | (keyBytes[1] & 0xff) >>> 1);
+                material[2] = (byte) (keyBytes[1] << 6 | (keyBytes[2] & 0xff) >>> 2);
+                material[3] = (byte) (keyBytes[2] << 5 | (keyBytes[3] & 0xff) >>> 3);
+                material[4] = (byte) (keyBytes[3] << 4 | (keyBytes[4] & 0xff) >>> 4);
+                material[5] = (byte) (keyBytes[4] << 3 | (keyBytes[5] & 0xff) >>> 5);
+                material[6] = (byte) (keyBytes[5] << 2 | (keyBytes[6] & 0xff) >>> 6);
+                material[7] = (byte) (keyBytes[6] << 1);
+                oddParity(material);
+                return new SecretKeySpec(material, "DES");
+            }
+                */
+
+            /**
+             * Applies odd parity to the given byte array.
+             *
+             * @param bytes The data whose parity bits are to be adjusted for
+             * odd parity.
+             */
+            private static void oddParity(byte[] bytes) {
+                for (int i = 0; i < bytes.length; i++) {
+                    byte b = bytes[i];
+                    boolean needsParity = (((b >>> 7) ^ (b >>> 6) ^ (b >>> 5) ^
+                                            (b >>> 4) ^ (b >>> 3) ^ (b >>> 2) ^
+                                            (b >>> 1)) & 0x01) == 0;
+                    if (needsParity) {
+                        bytes[i] |= (byte) 0x01;
+                    } else {
+                        bytes[i] &= (byte) 0xfe;
+                    }
+                }
+            }
+
+        }
+    }
 }