2 // Mono.Security.Protocol.Ntlm.ChallengeResponse
3 // Implements Challenge Response for NTLM v1
6 // Sebastien Pouliot <sebastien@ximian.com>
8 // (C) 2003 Motus Technologies Inc. (http://www.motus.com)
9 // (C) 2004 Novell (http://www.novell.com)
12 // a. NTLM Authentication Scheme for HTTP, Ronald Tschalär
13 // http://www.innovation.ch/java/ntlm.html
14 // b. The NTLM Authentication Protocol, Copyright © 2003 Eric Glass
15 // http://davenport.sourceforge.net/ntlm.html
19 // Permission is hereby granted, free of charge, to any person obtaining
20 // a copy of this software and associated documentation files (the
21 // "Software"), to deal in the Software without restriction, including
22 // without limitation the rights to use, copy, modify, merge, publish,
23 // distribute, sublicense, and/or sell copies of the Software, and to
24 // permit persons to whom the Software is furnished to do so, subject to
25 // the following conditions:
27 // The above copyright notice and this permission notice shall be
28 // included in all copies or substantial portions of the Software.
30 // THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
31 // EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
32 // MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
33 // NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
34 // LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
35 // OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
36 // WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
40 using System
.Globalization
;
41 using System
.Security
.Cryptography
;
44 using Mono
.Security
.Cryptography
;
46 namespace Mono
.Security
.Protocol
.Ntlm
{
48 public class ChallengeResponse
: IDisposable
{
50 static private byte[] magic
= { 0x4B, 0x47, 0x53, 0x21, 0x40, 0x23, 0x24, 0x25 }
;
52 // This is the pre-encrypted magic value with a null DES key (0xAAD3B435B51404EE)
53 // Ref: http://packetstormsecurity.nl/Crackers/NT/l0phtcrack/l0phtcrack2.5-readme.html
54 static private byte[] nullEncMagic
= { 0xAA, 0xD3, 0xB4, 0x35, 0xB5, 0x14, 0x04, 0xEE }
;
56 private bool _disposed
;
57 private byte[] _challenge
;
58 private byte[] _lmpwd
;
59 private byte[] _ntpwd
;
63 public ChallengeResponse ()
66 _lmpwd
= new byte [21];
67 _ntpwd
= new byte [21];
70 public ChallengeResponse (string password
, byte[] challenge
) : this ()
73 Challenge
= challenge
;
84 public string Password
{
88 throw new ObjectDisposedException ("too late");
90 // create Lan Manager password
92 DESCryptoServiceProvider des
= new DESCryptoServiceProvider ();
94 DES des
= DES
.Create ();
96 des
.Mode
= CipherMode
.ECB
;
97 ICryptoTransform ct
= null;
99 // Note: In .NET DES cannot accept a weak key
100 // this can happen for a null password
101 if ((value == null) || (value.Length
< 1)) {
102 Buffer
.BlockCopy (nullEncMagic
, 0, _lmpwd
, 0, 8);
105 des
.Key
= PasswordToKey (value, 0);
106 ct
= des
.CreateEncryptor ();
107 ct
.TransformBlock (magic
, 0, 8, _lmpwd
, 0);
110 // and if a password has less than 8 characters
111 if ((value == null) || (value.Length
< 8)) {
112 Buffer
.BlockCopy (nullEncMagic
, 0, _lmpwd
, 8, 8);
115 des
.Key
= PasswordToKey (value, 7);
116 ct
= des
.CreateEncryptor ();
117 ct
.TransformBlock (magic
, 0, 8, _lmpwd
, 8);
120 // create NT password
122 MD4Managed md4
= new MD4Managed ();
124 MD4 md4
= MD4
.Create ();
126 byte[] data
= ((value == null) ? (new byte [0]) : (Encoding
.Unicode
.GetBytes (value)));
127 byte[] hash
= md4
.ComputeHash (data
);
128 Buffer
.BlockCopy (hash
, 0, _ntpwd
, 0, 16);
131 Array
.Clear (data
, 0, data
.Length
);
132 Array
.Clear (hash
, 0, hash
.Length
);
137 public byte[] Challenge
{
141 throw new ArgumentNullException ("Challenge");
143 throw new ObjectDisposedException ("too late");
144 // we don't want the caller to modify the value afterward
145 _challenge
= (byte[]) value.Clone ();
152 throw new ObjectDisposedException ("too late");
154 return GetResponse (_lmpwd
);
161 throw new ObjectDisposedException ("too late");
163 return GetResponse (_ntpwd
);
167 // IDisposable method
169 public void Dispose ()
172 GC
.SuppressFinalize (this);
175 private void Dispose (bool disposing
)
179 Array
.Clear (_lmpwd
, 0, _lmpwd
.Length
);
180 Array
.Clear (_ntpwd
, 0, _ntpwd
.Length
);
181 if (_challenge
!= null)
182 Array
.Clear (_challenge
, 0, _challenge
.Length
);
189 private byte[] GetResponse (byte[] pwd
)
191 byte[] response
= new byte [24];
193 DESCryptoServiceProvider des
= new DESCryptoServiceProvider ();
195 DES des
= DES
.Create ();
197 des
.Mode
= CipherMode
.ECB
;
198 des
.Key
= PrepareDESKey (pwd
, 0);
199 ICryptoTransform ct
= des
.CreateEncryptor ();
200 ct
.TransformBlock (_challenge
, 0, 8, response
, 0);
201 des
.Key
= PrepareDESKey (pwd
, 7);
202 ct
= des
.CreateEncryptor ();
203 ct
.TransformBlock (_challenge
, 0, 8, response
, 8);
204 des
.Key
= PrepareDESKey (pwd
, 14);
205 ct
= des
.CreateEncryptor ();
206 ct
.TransformBlock (_challenge
, 0, 8, response
, 16);
210 private byte[] PrepareDESKey (byte[] key56bits
, int position
)
212 // convert to 8 bytes
213 byte[] key
= new byte [8];
214 key
[0] = key56bits
[position
];
215 key
[1] = (byte) ((key56bits
[position
] << 7) | (key56bits
[position
+ 1] >> 1));
216 key
[2] = (byte) ((key56bits
[position
+ 1] << 6) | (key56bits
[position
+ 2] >> 2));
217 key
[3] = (byte) ((key56bits
[position
+ 2] << 5) | (key56bits
[position
+ 3] >> 3));
218 key
[4] = (byte) ((key56bits
[position
+ 3] << 4) | (key56bits
[position
+ 4] >> 4));
219 key
[5] = (byte) ((key56bits
[position
+ 4] << 3) | (key56bits
[position
+ 5] >> 5));
220 key
[6] = (byte) ((key56bits
[position
+ 5] << 2) | (key56bits
[position
+ 6] >> 6));
221 key
[7] = (byte) (key56bits
[position
+ 6] << 1);
225 private byte[] PasswordToKey (string password
, int position
)
227 byte[] key7
= new byte [7];
228 int len
= System
.Math
.Min (password
.Length
- position
, 7);
229 Encoding
.ASCII
.GetBytes (password
.ToUpper (CultureInfo
.CurrentCulture
), position
, len
, key7
, 0);
230 byte[] key8
= PrepareDESKey (key7
, 0);
231 // cleanup intermediate key material
232 Array
.Clear (key7
, 0, key7
.Length
);