]> git.ipfire.org Git - thirdparty/squid.git/blob - helpers/basic_auth/NCSA/crypt_md5.cc
projects / thirdparty / squid.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
SourceFormat Enforcement
[thirdparty/squid.git] / helpers / basic_auth / NCSA / crypt_md5.cc
1 /*
2 * Shamelessly stolen from linux-pam, and adopted to work with
3 * OpenSSL md5 implementation and any magic string
4 *
5 * Origin2: md5_crypt.c,v 1.1.1.1 2000/01/03 17:34:46 gafton Exp
6 *
7 * ----------------------------------------------------------------------------
8 * "THE BEER-WARE LICENSE" (Revision 42):
9 * <phk@login.dknet.dk> wrote this file. As long as you retain this notice you
10 * can do whatever you want with this stuff. If we meet some day, and you think
11 * this stuff is worth it, you can buy me a beer in return. Poul-Henning Kamp
12 * ----------------------------------------------------------------------------
13 *
14 * Origin: Id: crypt.c,v 1.3 1995/05/30 05:42:22 rgrimes Exp
15 *
16 */
17 #include "squid.h"
18
19 #if HAVE_STRING_H
20 #include <string.h>
21 #endif
22 #if HAVE_STDIO_H
23 #include <stdio.h>
24 #endif
25
26 #include "crypt_md5.h"
27 #include "md5.h"
28
29 static unsigned char itoa64[] = /* 0 ... 63 => ascii - 64 */
30 "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
31
32 static void md5to64(char *s, unsigned long v, int n)
33 {
34 while (--n >= 0) {
35 *s = itoa64[v & 0x3f];
36 ++s;
37 v >>= 6;
38 }
39 }
40
41 /*
42 * MD5 hash a password
43 *
44 * Use MD5 for what it is best at...
45 *
46 * If salt begins with $ then it is assumed to be on the form
47 * $magic$salt$...
48 * If not the normal UNIX magic $1$ is used.
49 */
50
51 char *crypt_md5(const char *pw, const char *salt)
52 {
53 const char *magic = "$1$";
54 int magiclen = 3;
55 static char passwd[120], *p;
56 static const char *sp, *ep;
57 unsigned char final[16];
58 int sl, pl, i, j;
59 SquidMD5_CTX ctx, ctx1;
60 unsigned long l;
61
62 if (*salt == '$') {
63 magic = salt;
64 ++salt;
65 while (*salt && *salt != '$')
66 ++salt;
67 if (*salt == '$') {
68 ++salt;
69 magiclen = salt - magic;
70 } else {
71 salt = magic;
72 magic = "$1$";
73 }
74 }
75
76 /* Refine the Salt first */
77 sp = salt;
78
79 /* It stops at the first '$', max 8 chars */
80 for (ep = sp; *ep && *ep != '$' && ep < (sp + 8); ++ep)
81 continue;
82
83 /* get the length of the true salt */
84 sl = ep - sp;
85
86 SquidMD5Init(&ctx);
87
88 /* The password first, since that is what is most unknown */
89 SquidMD5Update(&ctx, (unsigned const char *) pw, strlen(pw));
90
91 /* Then our magic string */
92 SquidMD5Update(&ctx, (unsigned const char *) magic, magiclen);
93
94 /* Then the raw salt */
95 SquidMD5Update(&ctx, (unsigned const char *) sp, sl);
96
97 /* Then just as many characters of the MD5(pw,salt,pw) */
98 SquidMD5Init(&ctx1);
99 SquidMD5Update(&ctx1, (unsigned const char *) pw, strlen(pw));
100 SquidMD5Update(&ctx1, (unsigned const char *) sp, sl);
101 SquidMD5Update(&ctx1, (unsigned const char *) pw, strlen(pw));
102 SquidMD5Final(final, &ctx1);
103 for (pl = strlen(pw); pl > 0; pl -= 16)
104 SquidMD5Update(&ctx, (unsigned const char *) final, pl > 16 ? 16 : pl);
105
106 /* Don't leave anything around in vm they could use. */
107 memset(final, 0, sizeof final);
108
109 /* Then something really weird... */
110 for (j = 0, i = strlen(pw); i; i >>= 1)
111 if (i & 1)
112 SquidMD5Update(&ctx, (unsigned const char *) final + j, 1);
113 else
114 SquidMD5Update(&ctx, (unsigned const char *) pw + j, 1);
115
116 /* Now make the output string */
117 memset(passwd, 0, sizeof(passwd));
118 strncat(passwd, magic, magiclen);
119 strncat(passwd, sp, sl);
120 strcat(passwd, "$");
121
122 SquidMD5Final(final, &ctx);
123
124 /*
125 * and now, just to make sure things don't run too fast
126 * On a 60 Mhz Pentium this takes 34 msec, so you would
127 * need 30 seconds to build a 1000 entry dictionary...
128 */
129 for (i = 0; i < 1000; ++i) {
130 SquidMD5Init(&ctx1);
131 if (i & 1)
132 SquidMD5Update(&ctx1, (unsigned const char *) pw, strlen(pw));
133 else
134 SquidMD5Update(&ctx1, (unsigned const char *) final, 16);
135
136 if (i % 3)
137 SquidMD5Update(&ctx1, (unsigned const char *) sp, sl);
138
139 if (i % 7)
140 SquidMD5Update(&ctx1, (unsigned const char *) pw, strlen(pw));
141
142 if (i & 1)
143 SquidMD5Update(&ctx1, (unsigned const char *) final, 16);
144 else
145 SquidMD5Update(&ctx1, (unsigned const char *) pw, strlen(pw));
146 SquidMD5Final(final, &ctx1);
147 }
148
149 p = passwd + strlen(passwd);
150
151 l = (final[0] << 16) | (final[6] << 8) | final[12];
152 md5to64(p, l, 4);
153 p += 4;
154 l = (final[1] << 16) | (final[7] << 8) | final[13];
155 md5to64(p, l, 4);
156 p += 4;
157 l = (final[2] << 16) | (final[8] << 8) | final[14];
158 md5to64(p, l, 4);
159 p += 4;
160 l = (final[3] << 16) | (final[9] << 8) | final[15];
161 md5to64(p, l, 4);
162 p += 4;
163 l = (final[4] << 16) | (final[10] << 8) | final[5];
164 md5to64(p, l, 4);
165 p += 4;
166 l = final[11];
167 md5to64(p, l, 2);
168 p += 2;
169 *p = '\0';
170
171 /* Don't leave anything around in vm they could use. */
172 memset(final, 0, sizeof final);
173
174 return passwd;
175 }
176
177 /* Created by Ramon de Carvalho <ramondecarvalho@yahoo.com.br>
178 Refined by Rodrigo Rubira Branco <rodrigo@kernelhacking.com>
179 */
180 char *md5sum(const char *s)
181 {
182 static unsigned char digest[16];
183 SquidMD5_CTX ctx;
184 int idx;
185 static char sum[33];
186
187 memset(digest,0,16);
188
189 SquidMD5Init(&ctx);
190 SquidMD5Update(&ctx,(const unsigned char *)s,strlen(s));
191 SquidMD5Final(digest,&ctx);
192
193 for (idx=0; idx<16; ++idx)
194 snprintf(&sum[idx*2],(33-(idx*2)),"%02x",digest[idx]);
195
196 sum[32]='\0';
197
198 /* Don't leave anything around in vm they could use. */
199 memset(digest, 0, sizeof digest);
200
201 return sum;
202 }
203
Mirror of https://github.com/squid-cache/squid.git