replace BigDecimal and Bit String code with Buffer

2012-06-01 18:09:45 +10:00 · 2012-06-01 18:09:45 +10:00 · 43ae5fbc7f
parent 8b97ec3803
commit 43ae5fbc7f
6 changed files with 228 additions and 123 deletions
--- a/README.md
+++ b/README.md
@ -34,3 +34,7 @@ NT Hash: 5FBC3D5FEC8206A30F4B6C473D68AE76
     The NTLM Authentication Protocol and Security Support Provider
     Copyright (C) 2003, 2006 Eric Glass
     http://davenport.sourceforge.net/ntlm.html
+     
+     NTLM Authentication Scheme for HTTP
+     Ronald Tschalaer / 17. June 2003
+     http://www.innovation.ch/personal/ronald/ntlm.html
--- a/lib/common.js
+++ b/lib/common.js
@ -0,0 +1,77 @@
+/*
+ * Permission to use, copy, modify, and/or distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ *
+ * Copyright (C) 2012  Joshua M. Clulow <josh@sysmgr.org>
+ */
+
+var crypto = require('crypto');
+
+function zeroextend(str, len)
+{
+  while (str.length < len)
+    str = '0' + str;
+  return (str);
+}
+
+/*
+ * Fix (odd) parity bits in a 64-bit DES key.
+ */
+function oddpar(buf)
+{
+  for (var j = 0; j < buf.length; j++) {
+    var par = 1;
+    for (var i = 1; i < 8; i++) {
+      par = (par + ((buf[j] >> i) & 1)) % 2;
+    }
+    buf[j] |= par & 1;
+  }
+  return buf;
+}
+
+/*
+ * Expand a 56-bit key buffer to the full 64-bits for DES.
+ *
+ * Based on code sample in:
+ *    http://www.innovation.ch/personal/ronald/ntlm.html
+ */
+function expandkey(key56)
+{
+  var key64 = new Buffer(8);
+
+  key64[0] = key56[0] & 0xFE;
+  key64[1] = ((key56[0] << 7) & 0xFF) | (key56[1] >> 1);
+  key64[2] = ((key56[1] << 6) & 0xFF) | (key56[2] >> 2);
+  key64[3] = ((key56[2] << 5) & 0xFF) | (key56[3] >> 3);
+  key64[4] = ((key56[3] << 4) & 0xFF) | (key56[4] >> 4);
+  key64[5] = ((key56[4] << 3) & 0xFF) | (key56[5] >> 5);
+  key64[6] = ((key56[5] << 2) & 0xFF) | (key56[6] >> 6);
+  key64[7] =  (key56[6] << 1) & 0xFF;
+
+  return key64;
+}
+
+/*
+ * Convert a binary string to a hex string
+ */
+function bintohex(bin)
+{
+  var buf = (Buffer.isBuffer(buf) ? buf : new Buffer(bin, 'binary'));
+  var str = buf.toString('hex').toUpperCase();
+  return zeroextend(str, 32);
+}
+
+
+module.exports.zeroextend = zeroextend;
+module.exports.oddpar = oddpar;
+module.exports.expandkey = expandkey;
+module.exports.bintohex = bintohex;
--- a/lib/smbhash.js
+++ b/lib/smbhash.js
@ -11,96 +11,71 @@
 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 *
- * Copyright (C) 2011  Joshua M. Clulow <josh@sysmgr.org>
+ * Copyright (C) 2011-2012  Joshua M. Clulow <josh@sysmgr.org>
 */

 var crypto = require('crypto');
-var BigInteger = require('bigdecimal').BigInteger;
-
-function zeroExtend(str, len)
-{
-	while (str.length < len)
-		str = '0' + str;
-	return (str);
-}
-
-/* number -> 8bit binary string */
-function bbs(num)
-{
-	var s = BigInteger.valueOf(num).toString(2);
-	return (zeroExtend(s, 8));
-}
-
-/* 7bit bit string -> 8bit odd parity bit string */
-function oddpar(bitstr)
-{
-	var par = 1;
-	for (var i = 0; i < bitstr.length; i++) {
-		if (bitstr[i] === '1')
-			par = (par + 1) % 2;
-	}
-	return (bitstr + String(par));
-}
-
-/* 64bit bit string -> 8byte binary string */
-function binkey(bitstr)
-{
-	var out = new Buffer(8);
-	var bi = new BigInteger(bitstr, 2);
-	for (var i = 0; i < 8; i++) {
-		var bi = new BigInteger(bitstr.substr(8 * i, 8), 2);
-		out[i] = bi.intValue();
-	}
-	return out.toString('binary');
-}
+var $ = require('./common');

 /*
 * Generate the LM Hash
 */
-module.exports.lmhash = function lmhash(inputstr)
+function lmhashbuf(inputstr)
 {
-	/* ASCII --> uppercase */
-	var x = inputstr.toUpperCase();
+  /* ASCII --> uppercase */
+  var x = inputstr.toUpperCase();
+  var xl = Buffer.byteLength(x, 'ascii');

-	/* null pad to 14 bytes */
-	var y = "";
-	for (var i = 0; i < 14; i++) {
-		if (i < x.length)
-			y += bbs(x.charCodeAt(i));
-		else
-			y += '00000000';
-	}
+  /* null pad to 14 bytes */
+  var y = new Buffer(14);
+  y.write(x, 0, xl, 'ascii');
+  y.fill(0, xl);

-	/* insert odd parity bits in key */
-	var os = "";
-	for (var i = 0; i < y.length / 7; i++) {
-		os += oddpar(y.substr(i * 7, 7));
-	}
+  /* insert odd parity bits in key */
+  var halves = [
+    $.oddpar($.expandkey(y.slice(0, 7))),
+    $.oddpar($.expandkey(y.slice(7, 14)))
+  ];

-	/* split into two 8-byte DES keys */
-	var halves = [os.substr(0, 64), os.substr(64, 64)];
+  /* DES encrypt magic number "KGS!@#$%" to two
+   * 8-byte ciphertexts, (ECB, no padding)
+   */
+  var buf = new Buffer(16);
+  var pos = 0;
+  var cts = halves.forEach(function(z) {
+    var key = z.toString('binary');
+    var des = crypto.createCipheriv('DES-ECB', key, '');
+    var str = des.update('KGS!@#$%', 'binary', 'binary');
+    buf.write(str, pos, pos + 8, 'binary');
+    pos += 8;
+  });

-	/* DES encrypt magic number "KGS!@#$%" to two
-	 * 8-byte ciphertexts, (ECB, no padding)
-	 */
-	var cts = [];
-	for (var i = 0; i < halves.length; i++) {
-		var des = crypto.createCipheriv('DES-ECB',
-		    binkey(halves[i]), '');
-		cts[i] = des.update('KGS!@#$%', 'binary', 'hex');
-	}
-
-	/* concat the two ciphertexts to form 16byte value,
-	 * the LM hash */
-	var out = zeroExtend(cts[0], 16) + zeroExtend(cts[1], 16);
-	return (out.toUpperCase());
+  /* concat the two ciphertexts to form 16byte value,
+   * the LM hash */
+  return buf;
 }

-module.exports.nthash = function nthash(str)
+function nthashbuf(str)
 {
-	/* take MD4 hash of UCS-2 encoded password */
-	var ucs2 = new Buffer(str, 'ucs2');
-	var md4 = crypto.createHash('md4');
-	md4.update(ucs2);
-	return (zeroExtend(md4.digest('hex'), 32).toUpperCase());
+  /* take MD4 hash of UCS-2 encoded password */
+  var ucs2 = new Buffer(str, 'ucs2');
+  var md4 = crypto.createHash('md4');
+  md4.update(ucs2);
+  return new Buffer(md4.digest('binary'), 'binary');
 }
+
+function lmhash(is)
+{
+  return $.bintohex(lmhashbuf(is));
+}
+
+function nthash(is)
+{
+  return $.bintohex(nthashbuf(is));
+}
+
+module.exports.nthashbuf = nthashbuf;
+module.exports.lmhashbuf = lmhashbuf;
+
+module.exports.nthash = nthash;
+module.exports.lmhash = lmhash;
--- a/package.json
+++ b/package.json
@ -1,23 +1,21 @@
 {
-	"name": "smbhash",
-	"version": "0.0.1",
-	"dependencies": {
-		"bigdecimal": ">= 0.6.0"
-	},
-	"devDependencies": {
-		"nodeunit": "*"
-	},
-	"author": {
-		"name": "Joshua M. Clulow",
-		"email": "josh@sysmgr.org",
-		"url": "http://blog.sysmgr.org"
-	},
-	"repository": {
-		"type": "git",
-		"url": "git://github.com/jclulow/node-smbhash"
-	},
-	"engines": [ "node" ],
-	"main": "lib/smbhash.js",
-	"description": "Samba LM/NT Hash Library",
-	"homepage": "https://github.com/jclulow/node-smbhash"
+  "name": "smbhash",
+  "version": "0.0.1",
+  "dependencies": {},
+  "devDependencies": {
+    "nodeunit": "*"
+  },
+  "author": {
+    "name": "Joshua M. Clulow",
+    "email": "josh@sysmgr.org",
+    "url": "http://blog.sysmgr.org"
+  },
+  "repository": {
+    "type": "git",
+    "url": "git://github.com/jclulow/node-smbhash"
+  },
+  "engines": [ "node" ],
+  "main": "lib/smbhash.js",
+  "description": "Samba LM/NT Hash Library",
+  "homepage": "https://github.com/jclulow/node-smbhash"
 }
--- a/tests/common.js
+++ b/tests/common.js
@ -0,0 +1,48 @@
+/*
+ * Permission to use, copy, modify, and/or distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ *
+ * Copyright (C) 2011  Joshua M. Clulow <josh@sysmgr.org>
+ */
+
+var $ = require('../lib/common');
+
+var GOOD = [
+  { key56: new Buffer([0x53, 0x45, 0x43, 0x52, 0x45, 0x54, 0x30]),
+    raw64: new Buffer([0x52, 0xa2, 0x50, 0x6a, 0x24, 0x2a, 0x50, 0x60]),
+    par64: new Buffer([0x52, 0xa2, 0x51, 0x6b, 0x25, 0x2a, 0x51, 0x61])
+  }
+];
+
+function bufEq(a, b)
+{
+  if (a.length !== b.length)
+    throw new Error(a.inspect() + ' !== ' + b.inspect());
+  for (var i = 0; i < a.length; i++)
+    if (a[i] !== b[i])
+      throw new Error(a.inspect() + ' !== ' + b.inspect());
+}
+
+function oddpar_success(test)
+{
+  test.expect(GOOD.length * 2);
+  for (var i = 0; i < GOOD.length; i++) {
+    var g = GOOD[i];
+    var out = $.expandkey(g.key56);
+    test.doesNotThrow(function() { bufEq(out, g.raw64); });
+    out = $.oddpar(out);
+    test.doesNotThrow(function() { bufEq(out, g.par64); });
+  }
+  test.done();
+}
+
+module.exports.oddpar_success = oddpar_success;
--- a/tests/smbhash.js
+++ b/tests/smbhash.js
@ -11,41 +11,44 @@
 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 *
- * Copyright (C) 2011  Joshua M. Clulow <josh@sysmgr.org>
+ * Copyright (C) 2011-2012  Joshua M. Clulow <josh@sysmgr.org>
 */

 var lmhash = require('../lib/smbhash').lmhash;
 var nthash = require('../lib/smbhash').nthash;

 var GOOD = [
-	{ password: 'pass123',
-	  lmhash: '4FB7D301186E0EB3AAD3B435B51404EE',
-	  nthash: '5FBC3D5FEC8206A30F4B6C473D68AE76' },
-	{ password: 'SecREt01',
-	  lmhash: 'FF3750BCC2B22412C2265B23734E0DAC',
-	  nthash: 'CD06CA7C7E10C99B1D33B7485A2ED808' }
+  { password: 'pass123',
+    lmhash: '4FB7D301186E0EB3AAD3B435B51404EE',
+    nthash: '5FBC3D5FEC8206A30F4B6C473D68AE76' },
+  { password: 'SecREt01',
+    lmhash: 'FF3750BCC2B22412C2265B23734E0DAC',
+    nthash: 'CD06CA7C7E10C99B1D33B7485A2ED808' },
+  { password: 'Beeblebrox',
+    lmhash: '919016F64EC7B00BA235028CA50C7A03',
+    nthash: '8C1B59E32E666DADF175745FAD62C133' }
 ];

 module.exports.nthash_success = function(test) {
-	test.expect(GOOD.length * 2);
-	for (var i = 0; i < GOOD.length; i++) {
-		var g = GOOD[i];
-		test.doesNotThrow(function() {
-			var out = nthash(g.password);
-			test.strictEqual(out, g.nthash);
-		});
-	}
-	test.done();
+  test.expect(GOOD.length * 2);
+  for (var i = 0; i < GOOD.length; i++) {
+    var g = GOOD[i];
+    test.doesNotThrow(function() {
+      var out = nthash(g.password);
+      test.strictEqual(out, g.nthash);
+    });
+  }
+  test.done();
 }

 module.exports.lmhash_success = function(test) {
-	test.expect(GOOD.length * 2);
-	for (var i = 0; i < GOOD.length; i++) {
-		var g = GOOD[i];
-		test.doesNotThrow(function() {
-			var out = lmhash(g.password);
-			test.strictEqual(out, g.lmhash);
-		});
-	}
-	test.done();
+  test.expect(GOOD.length * 2);
+  for (var i = 0; i < GOOD.length; i++) {
+    var g = GOOD[i];
+    test.doesNotThrow(function() {
+      var out = lmhash(g.password);
+      test.strictEqual(out, g.lmhash);
+    });
+  }
+  test.done();
 }