diff options
| author | Dinglan Peng <pengdinglan@gmail.com> | 2022-12-21 15:52:31 -0500 |
|---|---|---|
| committer | Dinglan Peng <pengdinglan@gmail.com> | 2022-12-21 15:52:31 -0500 |
| commit | b776e1495e7841aa4b7ffb5db0d636f644a55aca (patch) | |
| tree | eb929182bd1c02b065d67cd3045bc23e6855362a | |
| parent | 4fb2d6c497dc2e307400ff581f9292758c709b40 (diff) | |
| download | novnc-b776e1495e7841aa4b7ffb5db0d636f644a55aca.tar.gz | |
Add MSLogonII security type
| -rw-r--r-- | core/rfb.js | 61 | ||||
| -rw-r--r-- | tests/test.rfb.js | 80 |
2 files changed, 141 insertions, 0 deletions
diff --git a/core/rfb.js b/core/rfb.js index c96518d..2ccd61a 100644 --- a/core/rfb.js +++ b/core/rfb.js @@ -62,6 +62,7 @@ const securityTypeTight = 16; const securityTypeVeNCrypt = 19; const securityTypeXVP = 22; const securityTypeARD = 30; +const securityTypeMSLogonII = 113; // Special Tight security types const securityTypeUnixLogon = 129; @@ -1392,6 +1393,7 @@ export default class RFB extends EventTargetMixin { securityTypeVeNCrypt, securityTypeXVP, securityTypeARD, + securityTypeMSLogonII, securityTypePlain, ]; @@ -1903,6 +1905,62 @@ export default class RFB extends EventTargetMixin { return false; } + _negotiateMSLogonIIAuth() { + if (this._sock.rQwait("mslogonii dh param", 24)) { return false; } + + if (this._rfbCredentials.username === undefined || + this._rfbCredentials.password === undefined) { + this.dispatchEvent(new CustomEvent( + "credentialsrequired", + { detail: { types: ["username", "password"] } })); + return false; + } + + const g = this._sock.rQshiftBytes(8); + const p = this._sock.rQshiftBytes(8); + const A = this._sock.rQshiftBytes(8); + const b = window.crypto.getRandomValues(new Uint8Array(8)); + const B = new Uint8Array(this._modPow(g, b, p)); + const secret = new Uint8Array(this._modPow(A, b, p)); + + const des = new DES(secret); + const username = encodeUTF8(this._rfbCredentials.username).substring(0, 255); + const password = encodeUTF8(this._rfbCredentials.password).substring(0, 63); + const usernameBytes = new Uint8Array(256); + const passwordBytes = new Uint8Array(64); + window.crypto.getRandomValues(usernameBytes); + window.crypto.getRandomValues(passwordBytes); + for (let i = 0; i < username.length; i++) { + usernameBytes[i] = username.charCodeAt(i); + } + usernameBytes[username.length] = 0; + for (let i = 0; i < password.length; i++) { + passwordBytes[i] = password.charCodeAt(i); + } + passwordBytes[password.length] = 0; + let x = new Uint8Array(secret); + for (let i = 0; i < 32; i++) { + for (let j = 0; j < 8; j++) { + x[j] ^= usernameBytes[i * 8 + j]; + } + x = des.enc8(x); + usernameBytes.set(x, i * 8); + } + x = new Uint8Array(secret); + for (let i = 0; i < 8; i++) { + for (let j = 0; j < 8; j++) { + x[j] ^= passwordBytes[i * 8 + j]; + } + x = des.enc8(x); + passwordBytes.set(x, i * 8); + } + this._sock.send(B); + this._sock.send(usernameBytes); + this._sock.send(passwordBytes); + this._rfbInitState = "SecurityResult"; + return true; + } + _negotiateAuthentication() { switch (this._rfbAuthScheme) { case securityTypeNone: @@ -1933,6 +1991,9 @@ export default class RFB extends EventTargetMixin { case securityTypeRA2ne: return this._negotiateRA2neAuth(); + case securityTypeMSLogonII: + return this._negotiateMSLogonIIAuth(); + default: return this._fail("Unsupported auth scheme (scheme: " + this._rfbAuthScheme + ")"); diff --git a/tests/test.rfb.js b/tests/test.rfb.js index ad00edf..2da3818 100644 --- a/tests/test.rfb.js +++ b/tests/test.rfb.js @@ -1336,6 +1336,86 @@ describe('Remote Frame Buffer Protocol Client', function () { }); }); + describe('MSLogonII Authentication (type 113) Handler', function () { + function fakeGetRandomValues(arr) { + if (arr.length == 8) { + arr.set(new Uint8Array([0, 0, 0, 0, 5, 6, 7, 8])); + } else if (arr.length == 256) { + arr.set(new Uint8Array(256)); + } else if (arr.length == 64) { + arr.set(new Uint8Array(64)); + } + return arr; + } + const expected = new Uint8Array([ + 0x00, 0x00, 0x00, 0x00, 0x0a, 0xbc, 0x7c, 0xfd, + 0x58, 0x34, 0xd2, 0x24, 0x44, 0x60, 0xf0, 0xd1, + 0xa3, 0x73, 0x32, 0x02, 0x07, 0xce, 0xc1, 0x3f, + 0x10, 0x53, 0xf1, 0xdd, 0x99, 0xad, 0x44, 0x18, + 0xa1, 0xc4, 0xac, 0xc1, 0x1c, 0x13, 0x11, 0x85, + 0x3a, 0x6f, 0xcb, 0xc6, 0xb1, 0x6c, 0x68, 0x47, + 0x85, 0x01, 0xbb, 0xfa, 0x23, 0x8c, 0x59, 0x47, + 0x67, 0x47, 0x56, 0x6e, 0x6f, 0x9f, 0x07, 0x76, + 0x2e, 0x90, 0x1e, 0xdc, 0x80, 0xc4, 0x4b, 0x72, + 0xd2, 0xd5, 0xcd, 0x4b, 0x14, 0xff, 0x05, 0x8b, + 0x8d, 0xf1, 0x9b, 0xe0, 0xff, 0xa5, 0x3b, 0x56, + 0xb9, 0x6f, 0x84, 0x3e, 0x15, 0x84, 0x31, 0x4e, + 0x10, 0x0b, 0x56, 0xf4, 0x10, 0x05, 0x02, 0xc7, + 0x05, 0x0b, 0xc9, 0x66, 0x75, 0x32, 0xd3, 0x74, + 0xfc, 0x8c, 0xcf, 0xbd, 0x2d, 0x53, 0xd7, 0xa7, + 0xca, 0x82, 0x12, 0xce, 0xbb, 0x33, 0x09, 0x3f, + 0xff, 0x76, 0x7c, 0xdf, 0x2c, 0x2f, 0x4d, 0x95, + 0x86, 0xe4, 0x10, 0x07, 0x75, 0x1a, 0x6d, 0xdb, + 0x05, 0x91, 0x70, 0x34, 0x5c, 0x12, 0xbc, 0x4e, + 0x5e, 0xd0, 0x21, 0x39, 0x25, 0x2b, 0x62, 0x19, + 0x29, 0xa5, 0xe6, 0x93, 0x7b, 0xf8, 0x3f, 0xcf, + 0xd7, 0x3f, 0x0c, 0xd2, 0x68, 0x2d, 0x1e, 0x01, + 0x1a, 0x31, 0xc1, 0x59, 0x04, 0x06, 0xf6, 0x3b, + 0xec, 0x38, 0xef, 0x1b, 0x5b, 0x39, 0x88, 0xd3, + 0xe0, 0x5b, 0xb9, 0xef, 0xc3, 0x82, 0xfa, 0xdf, + 0x04, 0xf7, 0x65, 0x56, 0x82, 0x77, 0xfd, 0x63, + 0x10, 0xd7, 0xab, 0x0b, 0x5e, 0xd9, 0x07, 0x81, + 0x9d, 0xce, 0x26, 0xfb, 0x5d, 0xa8, 0x59, 0x2a, + 0xd9, 0xb8, 0xac, 0xcd, 0x6e, 0x61, 0x07, 0x39, + 0x9f, 0x8d, 0xdf, 0x53, 0x44, 0xab, 0x28, 0x01, + 0x86, 0x4d, 0x07, 0x8a, 0x5b, 0xdd, 0xc1, 0x18, + 0x29, 0xaa, 0xa2, 0xbe, 0xe2, 0x9c, 0x9e, 0xb0, + 0xb3, 0x2b, 0x2c, 0x93, 0x3e, 0x82, 0x07, 0xa6, + 0xef, 0x21, 0x2c, 0xa7, 0xf0, 0x65, 0xba, 0xda, + 0x13, 0xe4, 0x41, 0x87, 0x36, 0x1c, 0xa5, 0x81, + 0xae, 0xf3, 0x3e, 0xda, 0x03, 0x09, 0x63, 0x4b, + 0xb5, 0x29, 0x49, 0xfa, 0xbb, 0xa6, 0x31, 0x3c, + 0xc8, 0x15, 0xfb, 0xfc, 0xd6, 0xff, 0x04, 0x92, + 0x56, 0xbc, 0x66, 0xf1, 0x78, 0xfb, 0x14, 0x79, + 0x48, 0xd2, 0xcf, 0x87, 0x60, 0x23, 0xcf, 0xdb, + 0x1b, 0xad, 0x42, 0x32, 0x4e, 0x6d, 0x1f, 0x49, + ]); + before(() => { + sinon.stub(window.crypto, "getRandomValues").callsFake(fakeGetRandomValues); + }); + after(() => { + window.crypto.getRandomValues.restore(); + }); + it('should send public value and encrypted credentials', function () { + client._rfbCredentials = { username: 'username', + password: 'password123456' }; + sendSecurity(113, client); + + expect(client._sock).to.have.sent([113]); + + const g = new Uint8Array([0, 0, 0, 0, 0, 1, 0, 1]); + const p = new Uint8Array([0, 0, 0, 0, 0x25, 0x18, 0x26, 0x17]); + const A = new Uint8Array([0, 0, 0, 0, 0x0e, 0x12, 0xd0, 0xf5]); + + client._sock._websocket._receiveData(g); + client._sock._websocket._receiveData(p); + client._sock._websocket._receiveData(A); + + expect(client._sock).to.have.sent(expected); + expect(client._rfbInitState).to.equal('SecurityResult'); + }); + }); + describe('XVP Authentication (type 22) Handler', function () { it('should fall through to standard VNC authentication upon completion', function () { client._rfbCredentials = { username: 'user', |