[dragonfly.git] / lib / libcrypt / crypt-md5.c

/*
 * ----------------------------------------------------------------------------
 * "THE BEER-WARE LICENSE" (Revision 42):
 * <phk@login.dknet.dk> wrote this file.  As long as you retain this notice you
 * can do whatever you want with this stuff. If we meet some day, and you think
 * this stuff is worth it, you can buy me a beer in return.   Poul-Henning Kamp
 * ----------------------------------------------------------------------------
 *
 * $FreeBSD: src/lib/libcrypt/crypt-md5.c,v 1.5.2.1 2001/05/24 12:20:02 markm Exp $
 * $DragonFly: src/lib/libcrypt/crypt-md5.c,v 1.3 2005/08/04 17:27:09 drhodus Exp $
 */

#include <unistd.h>
#include <stdio.h>
#include <string.h>
#include <md5.h>
#include <err.h>
#include "crypt.h"

/*
 * UNIX password
 */

char *
crypt_md5(const char *pw, const char *salt)
{
	static char	*magic = "$1$";	/*
					 * This string is magic for
					 * this algorithm.  Having
					 * it this way, we can get
					 * get better later on
					 */
	static char     passwd[120], *p;
	static const char *sp,*ep;
	unsigned char	final[MD5_SIZE];
	int sl,pl,i;
	MD5_CTX	ctx,ctx1;
	unsigned long l;

	/* Refine the Salt first */
	sp = salt;

	/* If it starts with the magic string, then skip that */
	if(!strncmp(sp,magic,strlen(magic)))
		sp += strlen(magic);

	/* It stops at the first '$', max 8 chars */
	for(ep=sp;*ep && *ep != '$' && ep < (sp+8);ep++)
		continue;

	/* get the length of the true salt */
	sl = ep - sp;

	MD5Init(&ctx);

	/* The password first, since that is what is most unknown */
	MD5Update(&ctx,pw,strlen(pw));

	/* Then our magic string */
	MD5Update(&ctx,magic,strlen(magic));

	/* Then the raw salt */
	MD5Update(&ctx,sp,sl);

	/* Then just as many characters of the MD5(pw,salt,pw) */
	MD5Init(&ctx1);
	MD5Update(&ctx1,pw,strlen(pw));
	MD5Update(&ctx1,sp,sl);
	MD5Update(&ctx1,pw,strlen(pw));
	MD5Final(final,&ctx1);
	for(pl = strlen(pw); pl > 0; pl -= MD5_SIZE)
		MD5Update(&ctx,final,pl>MD5_SIZE ? MD5_SIZE : pl);

	/* Don't leave anything around in vm they could use. */
	memset(final,0,sizeof final);

	/* Then something really weird... */
	for (i = strlen(pw); i ; i >>= 1)
		if(i&1)
		    MD5Update(&ctx, final, 1);
		else
		    MD5Update(&ctx, pw, 1);

	/* Now make the output string */
	strcpy(passwd,magic);
	strncat(passwd,sp,sl);
	strcat(passwd,"$");

	MD5Final(final,&ctx);

	/*
	 * and now, just to make sure things don't run too fast
	 * On a 60 Mhz Pentium this takes 34 msec, so you would
	 * need 30 seconds to build a 1000 entry dictionary...
	 */
	for(i=0;i<1000;i++) {
		MD5Init(&ctx1);
		if(i & 1)
			MD5Update(&ctx1,pw,strlen(pw));
		else
			MD5Update(&ctx1,final,MD5_SIZE);

		if(i % 3)
			MD5Update(&ctx1,sp,sl);

		if(i % 7)
			MD5Update(&ctx1,pw,strlen(pw));

		if(i & 1)
			MD5Update(&ctx1,final,MD5_SIZE);
		else
			MD5Update(&ctx1,pw,strlen(pw));
		MD5Final(final,&ctx1);
	}

	p = passwd + strlen(passwd);

	l = (final[ 0]<<16) | (final[ 6]<<8) | final[12];
	_crypt_to64(p,l,4); p += 4;
	l = (final[ 1]<<16) | (final[ 7]<<8) | final[13];
	_crypt_to64(p,l,4); p += 4;
	l = (final[ 2]<<16) | (final[ 8]<<8) | final[14];
	_crypt_to64(p,l,4); p += 4;
	l = (final[ 3]<<16) | (final[ 9]<<8) | final[15];
	_crypt_to64(p,l,4); p += 4;
	l = (final[ 4]<<16) | (final[10]<<8) | final[ 5];
	_crypt_to64(p,l,4); p += 4;
	l =                    final[11]                ;
	_crypt_to64(p,l,2); p += 2;
	*p = '\0';

	/* Don't leave anything around in vm they could use. */
	memset(final,0,sizeof final);

	return passwd;
}
Commit	Line	Data
984263bc MD	1	/*
	2	* ----------------------------------------------------------------------------
	3	* "THE BEER-WARE LICENSE" (Revision 42):
	4	* <phk@login.dknet.dk> wrote this file. As long as you retain this notice you
	5	* can do whatever you want with this stuff. If we meet some day, and you think
	6	* this stuff is worth it, you can buy me a beer in return. Poul-Henning Kamp
	7	* ----------------------------------------------------------------------------
	8	*
	9	* $FreeBSD: src/lib/libcrypt/crypt-md5.c,v 1.5.2.1 2001/05/24 12:20:02 markm Exp $
2c3b12ff	10	* $DragonFly: src/lib/libcrypt/crypt-md5.c,v 1.3 2005/08/04 17:27:09 drhodus Exp $
984263bc MD	11	*/
984263bc MD	12
984263bc MD	13	#include <unistd.h>
	14	#include <stdio.h>
	15	#include <string.h>
	16	#include <md5.h>
	17	#include <err.h>
	18	#include "crypt.h"
	19
	20	/*
	21	* UNIX password
	22	*/
	23
	24	char *
2c3b12ff	25	crypt_md5(const char pw, const char salt)
984263bc MD	26	{
	27	static char magic = "$1$"; /
	28	* This string is magic for
	29	* this algorithm. Having
	30	* it this way, we can get
	31	* get better later on
	32	*/
	33	static char passwd[120], *p;
	34	static const char sp,ep;
	35	unsigned char final[MD5_SIZE];
	36	int sl,pl,i;
	37	MD5_CTX ctx,ctx1;
	38	unsigned long l;
	39
	40	/* Refine the Salt first */
	41	sp = salt;
	42
	43	/* If it starts with the magic string, then skip that */
	44	if(!strncmp(sp,magic,strlen(magic)))
	45	sp += strlen(magic);
	46
	47	/* It stops at the first '$', max 8 chars */
	48	for(ep=sp;ep && ep != '$' && ep < (sp+8);ep++)
	49	continue;
	50
	51	/* get the length of the true salt */
	52	sl = ep - sp;
	53
	54	MD5Init(&ctx);
	55
	56	/* The password first, since that is what is most unknown */
	57	MD5Update(&ctx,pw,strlen(pw));
	58
	59	/* Then our magic string */
	60	MD5Update(&ctx,magic,strlen(magic));
	61
	62	/* Then the raw salt */
	63	MD5Update(&ctx,sp,sl);
	64
	65	/* Then just as many characters of the MD5(pw,salt,pw) */
	66	MD5Init(&ctx1);
	67	MD5Update(&ctx1,pw,strlen(pw));
	68	MD5Update(&ctx1,sp,sl);
	69	MD5Update(&ctx1,pw,strlen(pw));
	70	MD5Final(final,&ctx1);
	71	for(pl = strlen(pw); pl > 0; pl -= MD5_SIZE)
	72	MD5Update(&ctx,final,pl>MD5_SIZE ? MD5_SIZE : pl);
	73
	74	/* Don't leave anything around in vm they could use. */
	75	memset(final,0,sizeof final);
	76
	77	/* Then something really weird... */
	78	for (i = strlen(pw); i ; i >>= 1)
	79	if(i&1)
	80	MD5Update(&ctx, final, 1);
	81	else
	82	MD5Update(&ctx, pw, 1);
	83
	84	/* Now make the output string */
	85	strcpy(passwd,magic);
	86	strncat(passwd,sp,sl);
	87	strcat(passwd,"$");
	88
	89	MD5Final(final,&ctx);
90
91	/*
92	* and now, just to make sure things don't run too fast
93	* On a 60 Mhz Pentium this takes 34 msec, so you would
94	* need 30 seconds to build a 1000 entry dictionary...
95	*/
96	for(i=0;i<1000;i++) {
97	MD5Init(&ctx1);
98	if(i & 1)
99	MD5Update(&ctx1,pw,strlen(pw));
100	else
101	MD5Update(&ctx1,final,MD5_SIZE);
102
103	if(i % 3)
104	MD5Update(&ctx1,sp,sl);
105
106	if(i % 7)
107	MD5Update(&ctx1,pw,strlen(pw));
108
109	if(i & 1)
110	MD5Update(&ctx1,final,MD5_SIZE);
111	else
112	MD5Update(&ctx1,pw,strlen(pw));
113	MD5Final(final,&ctx1);
114	}
115
116	p = passwd + strlen(passwd);
117
118	l = (final[ 0]<<16) \| (final[ 6]<<8) \| final[12];
119	_crypt_to64(p,l,4); p += 4;
120	l = (final[ 1]<<16) \| (final[ 7]<<8) \| final[13];
121	_crypt_to64(p,l,4); p += 4;
122	l = (final[ 2]<<16) \| (final[ 8]<<8) \| final[14];
123	_crypt_to64(p,l,4); p += 4;
124	l = (final[ 3]<<16) \| (final[ 9]<<8) \| final[15];
125	_crypt_to64(p,l,4); p += 4;
126	l = (final[ 4]<<16) \| (final[10]<<8) \| final[ 5];
127	_crypt_to64(p,l,4); p += 4;
128	l = final[11] ;
129	_crypt_to64(p,l,2); p += 2;
130	*p = '\0';
131
132	/* Don't leave anything around in vm they could use. */
133	memset(final,0,sizeof final);
134
135	return passwd;
136	}
137