Merge pull request #2 from Rican7/bugfix/ntlmv1-des-key-expansion

Bugfix - NTLMv1 DES key expansion

Author: Rican7

src/Robin/Ntlm/Crypt/Des/AbstractDesEncrypter.php

@@ -0,0 +1,128 @@
+<?php
+/**
+ * Robin NTLM
+ *
+ * @copyright 2015 Robin Powered, Inc.
+ * @link https://robinpowered.com/
+ */
+
+namespace Robin\Ntlm\Crypt\Des;
+
+use SplFixedArray;
+
+/**
+ * {@inheritDoc}
+ *
+ * Provides an abstraction for common NTLM required operations, such as key
+ * expansion and normalization.
+ */
+abstract class AbstractDesEncrypter implements DesEncrypterInterface
+{
+
+    /**
+     * Properties
+     */
+
+    /**
+     * Whether or not to expand and normalize the key before encrypting.
+     *
+     * @type bool
+     */
+    private $expand_and_normalize_keys;
+
+
+    /**
+     * Methods
+     */
+
+    /**
+     * Constructor
+     *
+     * @param bool $expand_and_normalize_keys Whether or not to expand and
+     *   normalize the key before encrypting.
+     */
+    public function __construct($expand_and_normalize_keys = true)
+    {
+        $this->expand_and_normalize_keys = $expand_and_normalize_keys;
+    }
+
+    /**
+     * Process a key for DES encryption.
+     *
+     * Optionally performs an expansion and normalization process to the key.
+     *
+     * @param string $raw_key The raw key.
+     * @return string The processed key.
+     */
+    protected function processKey($raw_key)
+    {
+        $key = $raw_key;
+
+        if ($this->expand_and_normalize_keys) {
+            $key = self::expand56BitKeyTo64BitKey($key, true);
+        }
+
+        return $key;
+    }
+
+    /**
+     * Expands a 56-bit key to a full 64-bit key for DES encryption.
+     *
+     * @link http://php.net/manual/en/ref.hash.php#84587 Implementation basis.
+     * @link https://github.com/jclulow/node-smbhash/blob/edc48e2b/lib/common.js
+     *   Inspired by Joshua Clulow's work.
+     * @param string $string_key The 56-bit key to expand.
+     * @param bool $set_parity Whether or not to set parity for each byte.
+     * @return string The expanded key.
+     */
+    private static function expand56BitKeyTo64BitKey($string_key, $set_parity = true)
+    {
+        $byte_array_56 = new SplFixedArray(7);
+        $byte_array_64 = new SplFixedArray(8);
+        $key_64bit = '';
+
+        // Get the byte value of each ASCII character in the string
+        for ($i = 0; $i < $byte_array_56->getSize(); $i++) {
+            $byte_array_56[$i] = isset($string_key[$i]) ? ord($string_key[$i]) : 0;
+        }
+
+        $byte_array_64[0] = $byte_array_56[0] & 254;
+        $byte_array_64[1] = ($byte_array_56[0] << 7) | ($byte_array_56[1] >> 1);
+        $byte_array_64[2] = ($byte_array_56[1] << 6) | ($byte_array_56[2] >> 2);
+        $byte_array_64[3] = ($byte_array_56[2] << 5) | ($byte_array_56[3] >> 3);
+        $byte_array_64[4] = ($byte_array_56[3] << 4) | ($byte_array_56[4] >> 4);
+        $byte_array_64[5] = ($byte_array_56[4] << 3) | ($byte_array_56[5] >> 5);
+        $byte_array_64[6] = ($byte_array_56[5] << 2) | ($byte_array_56[6] >> 6);
+        $byte_array_64[7] = $byte_array_56[6] << 1;
+
+        foreach ($byte_array_64 as $byte_val) {
+            // Optionally set parity for each byte
+            $byte_val = $set_parity ? self::setParityBit($byte_val) : $byte_val;
+
+            $key_64bit .= chr($byte_val);
+        }
+
+        return $key_64bit;
+    }
+
+    /**
+     * Set an odd parity bit for a given byte, in least-significant position.
+     *
+     * @link https://github.com/jclulow/node-smbhash/blob/edc48e2b/lib/common.js
+     *   Implementation basis.
+     * @param int $byte An 8-bit byte value.
+     * @return int An 8-bit byte value.
+     */
+    private static function setParityBit($byte)
+    {
+        $parity = 1;
+
+        for ($i = 1; $i < 8; $i++) {
+            $parity = ($parity + (($byte >> $i) & 1)) %2;
+        }
+
+        $byte = $byte | ($parity & 1);
+
+        return $byte;
+    }
+}

src/Robin/Ntlm/Crypt/Des/McryptDesEncrypter.php

@@ -11,15 +11,14 @@
 use InvalidArgumentException;
 use Robin\Ntlm\Crypt\CipherMode;
 use Robin\Ntlm\Crypt\Exception\CryptographicFailureException;
-use UnexpectedValueException;
 
 /**
  * An engine used to encrypt data using the DES standard algorithm and
  * implemented using the PHP "mcrypt" extension.
  *
  * @link http://php.net/mcrypt
  */
-class McryptDesEncrypter implements DesEncrypterInterface
+class McryptDesEncrypter extends AbstractDesEncrypter implements DesEncrypterInterface
 {
 
     /**
@@ -52,6 +51,8 @@ public function encrypt($key, $data, $mode, $initialization_vector)
             throw new InvalidArgumentException('Unknown cipher mode "'. $mode .'"');
         }
 
+        $key = $this->processKey($key);
+
         $encrypted = mcrypt_encrypt(MCRYPT_DES, $key, $data, $mode, $initialization_vector);
 
         if (false === $encrypted) {

src/Robin/Ntlm/Crypt/Des/OpenSslDesEncrypter.php

@@ -18,7 +18,7 @@
  *
  * @link http://php.net/openssl
  */
-class OpenSslDesEncrypter implements DesEncrypterInterface
+class OpenSslDesEncrypter extends AbstractDesEncrypter implements DesEncrypterInterface
 {
 
     /**
@@ -65,9 +65,13 @@ class OpenSslDesEncrypter implements DesEncrypterInterface
      *
      * @param bool $zero_pad Whether or not to zero-byte pad the data before
      *   encrypting for some cipher modes.
+     * @param bool $expand_and_normalize_keys Whether or not to expand and
+     *   normalize the key before encrypting.
      */
-    public function __construct($zero_pad = true)
+    public function __construct($zero_pad = true, $expand_and_normalize_keys = true)
     {
+        parent::__construct($expand_and_normalize_keys);
+
         $this->zero_pad = $zero_pad;
     }
 
@@ -84,6 +88,8 @@ public function encrypt($key, $data, $mode, $initialization_vector)
 
         $options = $this->getOpenSslEncryptionOptions();
 
+        $key = $this->processKey($key);
+
         $encrypted = openssl_encrypt($data, $mode, $key, $options, $initialization_vector);
 
         if (false === $encrypted) {

src/Robin/Ntlm/Hasher/LmHasher.php

@@ -13,8 +13,6 @@
 use Robin\Ntlm\Credential\Password;
 use Robin\Ntlm\Crypt\CipherMode;
 use Robin\Ntlm\Crypt\Des\DesEncrypterInterface;
-use Robin\Ntlm\Crypt\Random\RandomByteGeneratorInterface;
-use SplFixedArray;
 
 /**
  * Uses the "LM hash" computation strategy to hash a {@link Password} credential
@@ -53,14 +51,6 @@ class LmHasher implements HasherInterface
      */
     const PASSWORD_SLICE_LENGTH = 7;
 
-    /**
-     * The length of the randomly generated binary string used for generating
-     * each piece of the resulting hash.
-     *
-     * @type int
-     */
-    const RANDOM_BINARY_STRING_LENGTH = 8;
-
     /**
      * The constant known ASCII text to encrypt with the generated keys.
      *
@@ -83,14 +73,6 @@ class LmHasher implements HasherInterface
      */
     private $des_encrypter;
 
-    /**
-     * The generator used to generate cryptographically secure random bytes to
-     * provide an initialization vector for encryption.
-     *
-     * @type RandomByteGeneratorInterface
-     */
-    private $random_byte_generator;
-
 
     /**
      * Methods
@@ -101,16 +83,10 @@ class LmHasher implements HasherInterface
      *
      * @param DesEncrypterInterface $des_encrypter The DES encryption engine
      *   used to generate the hash.
-     * @param RandomByteGeneratorInterface $random_byte_generator Used to
-     *   generate cryptographically secure random bytes to provide an
-     *   initialization vector for encryption.
      */
-    public function __construct(
-        DesEncrypterInterface $des_encrypter,
-        RandomByteGeneratorInterface $random_byte_generator
-    ) {
+    public function __construct(DesEncrypterInterface $des_encrypter)
+    {
         $this->des_encrypter = $des_encrypter;
-        $this->random_byte_generator = $random_byte_generator;
     }
 
     /**
@@ -134,53 +110,16 @@ public function hash(Password $password)
         $binary_hash = array_reduce(
             $halves,
             function ($result, $half) {
-                $expanded = static::expand56BitKeyTo64BitKey($half);
-
                 return $result . $this->des_encrypter->encrypt(
-                    $expanded,
+                    $half,
                     static::ENCRYPT_DATA_CONSTANT,
                     CipherMode::ECB,
-                    $this->random_byte_generator->generate(static::RANDOM_BINARY_STRING_LENGTH)
+                    '' // DES-ECB expects a 0-byte-length initialization vector
                 );
             },
             ''
         );
 
         return Hash::fromBinaryString($binary_hash, HashType::LM);
     }
-
-    /**
-     * Expands a 56-bit key to a full 64-bit key for DES encryption.
-     *
-     * @link http://php.net/manual/en/ref.hash.php#84587 Implementation basis.
-     * @link https://github.com/jclulow/node-smbhash/blob/edc48e2b93067/lib/common.js Inspired by Joshua Clulow's work.
-     * @param string $string_key The 56-bit key to expand
-     * @return string
-     */
-    public static function expand56BitKeyTo64BitKey($string_key)
-    {
-        $byte_array_56 = new SplFixedArray(7);
-        $byte_array_64 = new SplFixedArray(8);
-        $key_64bit = '';
-
-        // Get the byte value of each ASCII character in the string
-        for ($i = 0; $i < $byte_array_56->getSize(); $i++) {
-            $byte_array_56[$i] = isset($string_key[$i]) ? ord($string_key[$i]) : 0;
-        }
-
-        $byte_array_64[0] = $byte_array_56[0] & 254;
-        $byte_array_64[1] = ($byte_array_56[0] << 7) | ($byte_array_56[1] >> 1);
-        $byte_array_64[2] = ($byte_array_56[1] << 6) | ($byte_array_56[2] >> 2);
-        $byte_array_64[3] = ($byte_array_56[2] << 5) | ($byte_array_56[3] >> 3);
-        $byte_array_64[4] = ($byte_array_56[3] << 4) | ($byte_array_56[4] >> 4);
-        $byte_array_64[5] = ($byte_array_56[4] << 3) | ($byte_array_56[5] >> 5);
-        $byte_array_64[6] = ($byte_array_56[5] << 2) | ($byte_array_56[6] >> 6);
-        $byte_array_64[7] = $byte_array_56[6] << 1;
-
-        foreach ($byte_array_64 as $byte_val) {
-            $key_64bit .= chr($byte_val);
-        }
-
-        return $key_64bit;
-    }
 }

src/Robin/Ntlm/Message/NtlmV1AuthenticateMessageEncoder.php

@@ -322,14 +322,11 @@ public function calculateChallengeResponseData(HashCredentialInterface $hash_cre
         $binary_data = array_reduce(
             $key_blocks,
             function ($result, $key_block) use ($data) {
-                // Generate an initialization vector equal to the length of the nonce
-                $initialization_vector = $this->random_byte_generator->generate(strlen($data));
-
                 return $result . $this->des_encrypter->encrypt(
                     $key_block,
                     $data,
                     CipherMode::ECB,
-                    $initialization_vector
+                    '' // DES-ECB expects a 0-byte-length initialization vector
                 );
             },
             ''