def _gen_challenge_response(self, challenge_hash, nt_hash):
_nt_hash = b''.join((nt_hash, b'\x00' * 5))
challenge_response = b''
key = des.expand_des_key(_nt_hash[:7])
challenge_response += des.des_encrypt_block(key, challenge_hash)
key = des.expand_des_key(_nt_hash[7:14])
challenge_response += des.des_encrypt_block(key, challenge_hash)
key = des.expand_des_key(_nt_hash[14:])
challenge_response += des.des_encrypt_block(key, challenge_hash)
return challenge_response
def _gen_challenge_response(self, challenge_hash, nt_hash):
_nt_hash = b''.join((nt_hash, b'\x00' * 5))
challenge_response = b''
key = des.expand_des_key(_nt_hash[:7])
challenge_response += des.des_encrypt_block(key, challenge_hash)
key = des.expand_des_key(_nt_hash[7:14])
challenge_response += des.des_encrypt_block(key, challenge_hash)
key = des.expand_des_key(_nt_hash[14:])
challenge_response += des.des_encrypt_block(key, challenge_hash)
return challenge_response
def _getKeysFromHash(self, nthash):
k1 = nthash[0:7]
k1 = des.expand_des_key(k1)
k2 = nthash[7:14]
k2 = des.expand_des_key(k2)
k3 = nthash[14:16]
k3 += (chr(0x00) * 5)
k3 = des.expand_des_key(k3)
return k1, k2, k3
def _getKeysFromHash(self, nthash):
k1 = nthash[0:7]
k1 = des.expand_des_key(k1)
k2 = nthash[7:14]
k2 = des.expand_des_key(k2)
k3 = nthash[14:16]
k3 += (chr(0x00) * 5)
k3 = des.expand_des_key(k3)
return k1, k2, k3
def checkKey(plaintext, ciphertext, b1, b2):
keyCandidateBytes = chr(b1) + chr(b2) + (chr(0x00) * 5)
keyCandidate = des.expand_des_key(keyCandidateBytes)
result = des.des_encrypt_block(keyCandidate, plaintext)
if result == ciphertext:
return keyCandidateBytes
def checkKey(plaintext, ciphertext, b1, b2):
keyCandidateBytes = chr(b1) + chr(b2) + (chr(0x00) * 5)
keyCandidate = des.expand_des_key(keyCandidateBytes)
result = des.des_encrypt_block(keyCandidate, plaintext)
if result == ciphertext:
return keyCandidateBytes
def test_parsing(self):
capture = open("tests/pptp.cap")
reader = ChapPacketReader(capture)
handshakes = MultiChapStateManager()
for packet in reader:
handshakes.addHandshakePacket(packet)
complete = handshakes.getCompletedHandshakes()
assert len(complete) == 1
for server in complete:
for client in complete[server]:
c1, c2, c3 = complete[server][client].getCiphertext()
plaintext = complete[server][client].getPlaintext()
username = complete[server][client].getUserName()
assert username == "moxie"
hash = nthash.raw_nthash('bPCFyF2uL1p5Lg5yrKmqmY')
print "NT Hash: %s" % binascii.hexlify(hash)
key1 = hash[0:7]
key1 = des.expand_des_key(key1)
key2 = hash[7:14]
key2 = des.expand_des_key(key2)
key3 = hash[14:16]
key3 += (chr(0x00) * 5)
key3 = des.expand_des_key(key3)
result1 = des.des_encrypt_block(key1, plaintext)
result2 = des.des_encrypt_block(key2, plaintext)
result3 = des.des_encrypt_block(key3, plaintext)
print "DES Encryption 1: %s" % binascii.hexlify(result1)
print "C1: %s" % binascii.hexlify(c1)
print "C2: %s" % binascii.hexlify(c2)
print "C3: %s" % binascii.hexlify(c3)
assert result1 == c1
assert result2 == c2
assert result3 == c3
def execute(self):
plaintext = self._getPlaintext()
key = self._getKey()
iv = self._getIV()
pi = ''.join(chr(ord(c1) ^ ord(c2)) for c1, c2 in zip(plaintext, cycle(iv)))
key_parity = des.expand_des_key(key)
des_obj = DES.new(key_parity, DES.MODE_ECB)
ciphertext = des_obj.encrypt(pi)
self._printParameters(plaintext, None, iv, pi, ciphertext, None, key, key_parity, True)
def execute(self):
ciphertext = self._getCiphertext()
key = self._getKey()
iv = self._getIV()
ci = ''.join(
chr(ord(c1) ^ ord(c2)) for c1, c2 in zip(ciphertext, cycle(iv)))
key_parity = des.expand_des_key(key)
des_obj = DES.new(key_parity, DES.MODE_ECB)
plaintext = des_obj.decrypt(ci)
self._printParameters(plaintext, None, iv, None, ciphertext, ci, key,
key_parity, False)
def test_01_expand(self):
"test expand_des_key()"
from passlib.utils.des import expand_des_key, shrink_des_key, _KDATA_MASK, INT_56_MASK
# make sure test vectors are preserved (sans parity bits)
# uses ints, bytes are tested under # 02
for key1, _, _ in self.des_test_vectors:
key2 = shrink_des_key(key1)
key3 = expand_des_key(key2)
# NOTE: this assumes expand_des_key() sets parity bits to 0
self.assertEqual(key3, key1 & _KDATA_MASK)
# type checks
self.assertRaises(TypeError, expand_des_key, 1.0)
# too large
self.assertRaises(ValueError, expand_des_key, INT_56_MASK + 1)
self.assertRaises(ValueError, expand_des_key, b("\x00") * 8)
# too small
self.assertRaises(ValueError, expand_des_key, -1)
self.assertRaises(ValueError, expand_des_key, b("\x00") * 6)
def test_02_shrink(self):
"test shrink_des_key()"
from passlib.utils.des import expand_des_key, shrink_des_key, INT_64_MASK
from passlib.utils import random, getrandbytes
# make sure reverse works for some random keys
# uses bytes, ints are tested under # 01
for i in range(20):
key1 = getrandbytes(random, 7)
key2 = expand_des_key(key1)
key3 = shrink_des_key(key2)
self.assertEqual(key3, key1)
# type checks
self.assertRaises(TypeError, shrink_des_key, 1.0)
# too large
self.assertRaises(ValueError, shrink_des_key, INT_64_MASK + 1)
self.assertRaises(ValueError, shrink_des_key, b("\x00") * 9)
# too small
self.assertRaises(ValueError, shrink_des_key, -1)
self.assertRaises(ValueError, shrink_des_key, b("\x00") * 7)
def test_01_expand(self):
"test expand_des_key()"
from passlib.utils.des import expand_des_key, shrink_des_key, \
_KDATA_MASK, INT_56_MASK
# make sure test vectors are preserved (sans parity bits)
# uses ints, bytes are tested under # 02
for key1, _, _ in self.des_test_vectors:
key2 = shrink_des_key(key1)
key3 = expand_des_key(key2)
# NOTE: this assumes expand_des_key() sets parity bits to 0
self.assertEqual(key3, key1 & _KDATA_MASK)
# type checks
self.assertRaises(TypeError, expand_des_key, 1.0)
# too large
self.assertRaises(ValueError, expand_des_key, INT_56_MASK + 1)
self.assertRaises(ValueError, expand_des_key, b("\x00") * 8)
# too small
self.assertRaises(ValueError, expand_des_key, -1)
self.assertRaises(ValueError, expand_des_key, b("\x00") * 6)
def test_02_shrink(self):
"test shrink_des_key()"
from passlib.utils.des import expand_des_key, shrink_des_key, \
INT_64_MASK
from passlib.utils import random, getrandbytes
# make sure reverse works for some random keys
# uses bytes, ints are tested under # 01
for i in range(20):
key1 = getrandbytes(random, 7)
key2 = expand_des_key(key1)
key3 = shrink_des_key(key2)
self.assertEqual(key3, key1)
# type checks
self.assertRaises(TypeError, shrink_des_key, 1.0)
# too large
self.assertRaises(ValueError, shrink_des_key, INT_64_MASK + 1)
self.assertRaises(ValueError, shrink_des_key, b("\x00") * 9)
# too small
self.assertRaises(ValueError, shrink_des_key, -1)
self.assertRaises(ValueError, shrink_des_key, b("\x00") * 7)
