Fixed #5: Some key digests are encrypted using only the first half of…

… the password
baibaratsky · Apr 28, 2015 · 4c7ea09 · 4c7ea09
1 parent 7a5b3a7
commit 4c7ea09
Showing 1 changed file with 27 additions and 4 deletions.
diff --git a/Signer.php b/Signer.php
@@ -34,13 +34,20 @@ public function __construct($wmid, $keyFileName, $keyPassword)
         }
 
         $keyData = unpack('vreserved/vsignFlag/a16hash/Vlength/a*buffer', $key);
-        $keyData['buffer'] = self::encryptKey($keyData['buffer'], $wmid, $keyPassword);
 
-        if (!self::verifyHash($keyData)) {
-            throw new \Exception('Hash check failed. Key file seems to be corrupted.');
+        $keyBuffer = self::readKeyBuffer($keyData, $wmid, $keyPassword);
+
+        if ($keyBuffer === false) {
+            // Try one more time using only the first half of the password
+            $keyPassword = substr($keyPassword, 0, ceil(strlen($keyPassword) / 2));
+            $keyBuffer = self::readKeyBuffer($keyData, $wmid, $keyPassword);
+
+            if ($keyBuffer === false) {
+                throw new \Exception('Hash check failed. Key file seems to be corrupted.');
+            }
         }
 
-        $this->initSignVariables($keyData['buffer']);
+        $this->initSignVariables($keyBuffer);
     }
 
     /**
@@ -96,6 +103,22 @@ private function initSignVariables($keyBuffer)
         $this->modulus = self::reverseToDecimal($data['modulus']);
     }
 
+    /**
+     * Check and return the key buffer
+     *
+     * @param array $keyData
+     * @param string $wmid
+     * @param string $keyPassword
+     *
+     * @return string|false The key buffer, or false if the hash doesn't match
+     */
+    private static function readKeyBuffer($keyData, $wmid, $keyPassword)
+    {
+        $keyData['buffer'] = self::encryptKey($keyData['buffer'], $wmid, $keyPassword);
+
+        return self::verifyHash($keyData) ? $keyData['buffer'] : false;
+    }
+
     /**
      * Encrypt the key using the hash of the WMID and the key password
      *