blob: 16bcf33a13696c2acb6253ab719df44c8e6eafa6 [file] [log] [blame]
Damien Millerdd1c7ba1999-11-19 15:53:20 +11001/*
2 * ----------------------------------------------------------------------------
3 * "THE BEER-WARE LICENSE" (Revision 42):
4 * <phk@login.dknet.dk> wrote this file. As long as you retain this notice you
5 * can do whatever you want with this stuff. If we meet some day, and you think
6 * this stuff is worth it, you can buy me a beer in return. Poul-Henning Kamp
7 * ----------------------------------------------------------------------------
8 */
9
10/*
11 * Ported from FreeBSD to Linux, only minimal changes. --marekm
12 */
13
14/*
15 * Adapted from shadow-19990607 by Tudor Bosman, tudorb@jm.nu
16 */
17
18#include "config.h"
19
Damien Millerbeb4ba51999-12-28 15:09:35 +110020#if defined(HAVE_MD5_PASSWORDS) && !defined(HAVE_MD5_CRYPT)
Damien Millerdd1c7ba1999-11-19 15:53:20 +110021
22#include <unistd.h>
23#include <string.h>
24
25#ifdef HAVE_OPENSSL
26#include <openssl/md5.h>
27#endif
28
29#ifdef HAVE_SSL
30#include <ssl/md5.h>
31#endif
32
33static unsigned char itoa64[] = /* 0 ... 63 => ascii - 64 */
34 "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
35
36static char *magic = "$1$"; /*
37 * This string is magic for
38 * this algorithm. Having
39 * it this way, we can get
40 * get better later on
41 */
42
43static void
44to64(char *s, unsigned long v, int n)
45{
46 while (--n >= 0) {
47 *s++ = itoa64[v&0x3f];
48 v >>= 6;
49 }
50}
51
52int
53is_md5_salt(const char *salt)
54{
55 return (!strncmp(salt, magic, strlen(magic)));
56}
57
58/*
59 * UNIX password
60 *
61 * Use MD5 for what it is best at...
62 */
63
64char *
65md5_crypt(const char *pw, const char *salt)
66{
67 static char passwd[120], *p;
68 static const char *sp,*ep;
69 unsigned char final[16];
70 int sl,pl,i,j;
71 MD5_CTX ctx,ctx1;
72 unsigned long l;
73
74 /* Refine the Salt first */
75 sp = salt;
76
77 /* If it starts with the magic string, then skip that */
78 if(!strncmp(sp,magic,strlen(magic)))
79 sp += strlen(magic);
80
81 /* It stops at the first '$', max 8 chars */
82 for(ep=sp;*ep && *ep != '$' && ep < (sp+8);ep++)
83 continue;
84
85 /* get the length of the true salt */
86 sl = ep - sp;
87
88 MD5_Init(&ctx);
89
90 /* The password first, since that is what is most unknown */
91 MD5_Update(&ctx,pw,strlen(pw));
92
93 /* Then our magic string */
94 MD5_Update(&ctx,magic,strlen(magic));
95
96 /* Then the raw salt */
97 MD5_Update(&ctx,sp,sl);
98
99 /* Then just as many characters of the MD5(pw,salt,pw) */
100 MD5_Init(&ctx1);
101 MD5_Update(&ctx1,pw,strlen(pw));
102 MD5_Update(&ctx1,sp,sl);
103 MD5_Update(&ctx1,pw,strlen(pw));
104 MD5_Final(final,&ctx1);
105 for(pl = strlen(pw); pl > 0; pl -= 16)
106 MD5_Update(&ctx,final,pl>16 ? 16 : pl);
107
108 /* Don't leave anything around in vm they could use. */
109 memset(final,0,sizeof final);
110
111 /* Then something really weird... */
112 for (j=0,i = strlen(pw); i ; i >>= 1)
113 if(i&1)
114 MD5_Update(&ctx, final+j, 1);
115 else
116 MD5_Update(&ctx, pw+j, 1);
117
118 /* Now make the output string */
119 strcpy(passwd,magic);
120 strncat(passwd,sp,sl);
121 strcat(passwd,"$");
122
123 MD5_Final(final,&ctx);
124
125 /*
126 * and now, just to make sure things don't run too fast
127 * On a 60 Mhz Pentium this takes 34 msec, so you would
128 * need 30 seconds to build a 1000 entry dictionary...
129 */
130 for(i=0;i<1000;i++) {
131 MD5_Init(&ctx1);
132 if(i & 1)
133 MD5_Update(&ctx1,pw,strlen(pw));
134 else
135 MD5_Update(&ctx1,final,16);
136
137 if(i % 3)
138 MD5_Update(&ctx1,sp,sl);
139
140 if(i % 7)
141 MD5_Update(&ctx1,pw,strlen(pw));
142
143 if(i & 1)
144 MD5_Update(&ctx1,final,16);
145 else
146 MD5_Update(&ctx1,pw,strlen(pw));
147 MD5_Final(final,&ctx1);
148 }
149
150 p = passwd + strlen(passwd);
151
152 l = (final[ 0]<<16) | (final[ 6]<<8) | final[12]; to64(p,l,4); p += 4;
153 l = (final[ 1]<<16) | (final[ 7]<<8) | final[13]; to64(p,l,4); p += 4;
154 l = (final[ 2]<<16) | (final[ 8]<<8) | final[14]; to64(p,l,4); p += 4;
155 l = (final[ 3]<<16) | (final[ 9]<<8) | final[15]; to64(p,l,4); p += 4;
156 l = (final[ 4]<<16) | (final[10]<<8) | final[ 5]; to64(p,l,4); p += 4;
157 l = final[11] ; to64(p,l,2); p += 2;
158 *p = '\0';
159
160 /* Don't leave anything around in vm they could use. */
161 memset(final,0,sizeof final);
162
163 return passwd;
164}
165
Damien Millerbeb4ba51999-12-28 15:09:35 +1100166#endif /* defined(HAVE_MD5_PASSWORDS) && !defined(HAVE_MD5_CRYPT) */