diff options
Diffstat (limited to 'md5crypt.c')
-rw-r--r-- | md5crypt.c | 166 |
1 files changed, 166 insertions, 0 deletions
diff --git a/md5crypt.c b/md5crypt.c new file mode 100644 index 000000000..15af422a6 --- /dev/null +++ b/md5crypt.c | |||
@@ -0,0 +1,166 @@ | |||
1 | /* | ||
2 | * ---------------------------------------------------------------------------- | ||
3 | * "THE BEER-WARE LICENSE" (Revision 42): | ||
4 | * <phk@login.dknet.dk> wrote this file. As long as you retain this notice you | ||
5 | * can do whatever you want with this stuff. If we meet some day, and you think | ||
6 | * this stuff is worth it, you can buy me a beer in return. Poul-Henning Kamp | ||
7 | * ---------------------------------------------------------------------------- | ||
8 | */ | ||
9 | |||
10 | /* | ||
11 | * Ported from FreeBSD to Linux, only minimal changes. --marekm | ||
12 | */ | ||
13 | |||
14 | /* | ||
15 | * Adapted from shadow-19990607 by Tudor Bosman, tudorb@jm.nu | ||
16 | */ | ||
17 | |||
18 | #include "config.h" | ||
19 | |||
20 | #ifdef HAVE_MD5_PASSWORDS | ||
21 | |||
22 | #include <unistd.h> | ||
23 | #include <string.h> | ||
24 | |||
25 | #ifdef HAVE_OPENSSL | ||
26 | #include <openssl/md5.h> | ||
27 | #endif | ||
28 | |||
29 | #ifdef HAVE_SSL | ||
30 | #include <ssl/md5.h> | ||
31 | #endif | ||
32 | |||
33 | static unsigned char itoa64[] = /* 0 ... 63 => ascii - 64 */ | ||
34 | "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"; | ||
35 | |||
36 | static char *magic = "$1$"; /* | ||
37 | * This string is magic for | ||
38 | * this algorithm. Having | ||
39 | * it this way, we can get | ||
40 | * get better later on | ||
41 | */ | ||
42 | |||
43 | static void | ||
44 | to64(char *s, unsigned long v, int n) | ||
45 | { | ||
46 | while (--n >= 0) { | ||
47 | *s++ = itoa64[v&0x3f]; | ||
48 | v >>= 6; | ||
49 | } | ||
50 | } | ||
51 | |||
52 | int | ||
53 | is_md5_salt(const char *salt) | ||
54 | { | ||
55 | return (!strncmp(salt, magic, strlen(magic))); | ||
56 | } | ||
57 | |||
58 | /* | ||
59 | * UNIX password | ||
60 | * | ||
61 | * Use MD5 for what it is best at... | ||
62 | */ | ||
63 | |||
64 | char * | ||
65 | md5_crypt(const char *pw, const char *salt) | ||
66 | { | ||
67 | static char passwd[120], *p; | ||
68 | static const char *sp,*ep; | ||
69 | unsigned char final[16]; | ||
70 | int sl,pl,i,j; | ||
71 | MD5_CTX ctx,ctx1; | ||
72 | unsigned long l; | ||
73 | |||
74 | /* Refine the Salt first */ | ||
75 | sp = salt; | ||
76 | |||
77 | /* If it starts with the magic string, then skip that */ | ||
78 | if(!strncmp(sp,magic,strlen(magic))) | ||
79 | sp += strlen(magic); | ||
80 | |||
81 | /* It stops at the first '$', max 8 chars */ | ||
82 | for(ep=sp;*ep && *ep != '$' && ep < (sp+8);ep++) | ||
83 | continue; | ||
84 | |||
85 | /* get the length of the true salt */ | ||
86 | sl = ep - sp; | ||
87 | |||
88 | MD5_Init(&ctx); | ||
89 | |||
90 | /* The password first, since that is what is most unknown */ | ||
91 | MD5_Update(&ctx,pw,strlen(pw)); | ||
92 | |||
93 | /* Then our magic string */ | ||
94 | MD5_Update(&ctx,magic,strlen(magic)); | ||
95 | |||
96 | /* Then the raw salt */ | ||
97 | MD5_Update(&ctx,sp,sl); | ||
98 | |||
99 | /* Then just as many characters of the MD5(pw,salt,pw) */ | ||
100 | MD5_Init(&ctx1); | ||
101 | MD5_Update(&ctx1,pw,strlen(pw)); | ||
102 | MD5_Update(&ctx1,sp,sl); | ||
103 | MD5_Update(&ctx1,pw,strlen(pw)); | ||
104 | MD5_Final(final,&ctx1); | ||
105 | for(pl = strlen(pw); pl > 0; pl -= 16) | ||
106 | MD5_Update(&ctx,final,pl>16 ? 16 : pl); | ||
107 | |||
108 | /* Don't leave anything around in vm they could use. */ | ||
109 | memset(final,0,sizeof final); | ||
110 | |||
111 | /* Then something really weird... */ | ||
112 | for (j=0,i = strlen(pw); i ; i >>= 1) | ||
113 | if(i&1) | ||
114 | MD5_Update(&ctx, final+j, 1); | ||
115 | else | ||
116 | MD5_Update(&ctx, pw+j, 1); | ||
117 | |||
118 | /* Now make the output string */ | ||
119 | strcpy(passwd,magic); | ||
120 | strncat(passwd,sp,sl); | ||
121 | strcat(passwd,"$"); | ||
122 | |||
123 | MD5_Final(final,&ctx); | ||
124 | |||
125 | /* | ||
126 | * and now, just to make sure things don't run too fast | ||
127 | * On a 60 Mhz Pentium this takes 34 msec, so you would | ||
128 | * need 30 seconds to build a 1000 entry dictionary... | ||
129 | */ | ||
130 | for(i=0;i<1000;i++) { | ||
131 | MD5_Init(&ctx1); | ||
132 | if(i & 1) | ||
133 | MD5_Update(&ctx1,pw,strlen(pw)); | ||
134 | else | ||
135 | MD5_Update(&ctx1,final,16); | ||
136 | |||
137 | if(i % 3) | ||
138 | MD5_Update(&ctx1,sp,sl); | ||
139 | |||
140 | if(i % 7) | ||
141 | MD5_Update(&ctx1,pw,strlen(pw)); | ||
142 | |||
143 | if(i & 1) | ||
144 | MD5_Update(&ctx1,final,16); | ||
145 | else | ||
146 | MD5_Update(&ctx1,pw,strlen(pw)); | ||
147 | MD5_Final(final,&ctx1); | ||
148 | } | ||
149 | |||
150 | p = passwd + strlen(passwd); | ||
151 | |||
152 | l = (final[ 0]<<16) | (final[ 6]<<8) | final[12]; to64(p,l,4); p += 4; | ||
153 | l = (final[ 1]<<16) | (final[ 7]<<8) | final[13]; to64(p,l,4); p += 4; | ||
154 | l = (final[ 2]<<16) | (final[ 8]<<8) | final[14]; to64(p,l,4); p += 4; | ||
155 | l = (final[ 3]<<16) | (final[ 9]<<8) | final[15]; to64(p,l,4); p += 4; | ||
156 | l = (final[ 4]<<16) | (final[10]<<8) | final[ 5]; to64(p,l,4); p += 4; | ||
157 | l = final[11] ; to64(p,l,2); p += 2; | ||
158 | *p = '\0'; | ||
159 | |||
160 | /* Don't leave anything around in vm they could use. */ | ||
161 | memset(final,0,sizeof final); | ||
162 | |||
163 | return passwd; | ||
164 | } | ||
165 | |||
166 | #endif /* HAVE_MD5_PASSWORDS */ | ||