/** * Calculates a response to a server challenge for a given credential hash. * * @param HashCredentialInterface $hash_credential The authentication * credential hash to compute the response for. * @param string $data The binary string containing the previously * calculated data to encrypt, depending on the session strategy. * @return string The calculated challenge response data as a binary string. */ public function calculateChallengeResponseData(HashCredentialInterface $hash_credential, $data) { // Nul pad the credential hash to the full key size $padded_hash = str_pad($hash_credential->getValue(), static::DESL_FULL_KEY_LENGTH, static::NULL_PAD_CHARACTER); $key_blocks = str_split($padded_hash, static::DESL_KEY_BLOCK_SEGMENT_LENGTH); $binary_data = array_reduce($key_blocks, function ($result, $key_block) use($data) { return $result . $this->des_encrypter->encrypt($key_block, $data, CipherMode::ECB, ''); }, ''); return $binary_data; }
/** * Calculates the NT "proof" string (known as "NtProofStr" in the official * documentation). * * @param HashCredentialInterface $hash_credential The user's authentication * NT hash credential. * @param string $server_challenge_nonce The 64-bit (8-byte) unsigned * server-sent "nonce" (number used once) represented as a binary string. * @param string $blob The binary encoded "blob" string. * @return string The calculated NT "proof" string as a binary string. */ public function calculateNtProofString(HashCredentialInterface $hash_credential, $server_challenge_nonce, $blob) { $data_to_hash = $server_challenge_nonce . $blob; $keyed_hasher = $this->crypt_hasher_factory->build(static::KEYED_HASHER_ALGORITHM, $hash_credential->getValue()); return $keyed_hasher->update($data_to_hash)->digest(); }