Book a Demo!
CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutPoliciesSign UpSign In
freebsd
GitHub Repository: freebsd/freebsd-src
 Path: blob/main/lib/libcrypt/crypt-md5.c
34820 views
1
/*-

2
 * SPDX-License-Identifier: BSD-2-Clause

3
 *

4
 * Copyright (c) 2003 Poul-Henning Kamp

5
 * All rights reserved.

6
 *

7
 * Redistribution and use in source and binary forms, with or without

8
 * modification, are permitted provided that the following conditions

9
 * are met:

10
 * 1. Redistributions of source code must retain the above copyright

11
 *    notice, this list of conditions and the following disclaimer.

12
 * 2. Redistributions in binary form must reproduce the above copyright

13
 *    notice, this list of conditions and the following disclaimer in the

14
 *    documentation and/or other materials provided with the distribution.

15
 *

16
 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND

17
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE

18
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE

19
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE

20
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL

21
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS

22
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)

23
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT

24
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY

25
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF

26
 * SUCH DAMAGE.

27
 */

28


29
#include <sys/types.h>

30


31
#include <err.h>

32
#include <md5.h>

33
#include <stdio.h>

34
#include <string.h>

35
#include <strings.h>

36
#include <unistd.h>

37


38
#include "crypt.h"

39


40
/*

41
 * UNIX password

42
 */

43


44
int

45
crypt_md5(const char *pw, const char *salt, char *buffer)

46
{

47
	MD5_CTX	ctx,ctx1;

48
	unsigned long l;

49
	int sl, pl;

50
	u_int i;

51
	u_char final[MD5_SIZE];

52
	const char *ep;

53
	static const char *magic = "$1$";

54


55
	/* If the salt starts with the magic string, skip that. */

56
	if (!strncmp(salt, magic, strlen(magic)))

57
		salt += strlen(magic);

58


59
	/* It stops at the first '$', max 8 chars */

60
	for (ep = salt; *ep && *ep != '$' && ep < salt + 8; ep++)

61
		continue;

62


63
	/* get the length of the true salt */

64
	sl = ep - salt;

65


66
	MD5Init(&ctx);

67


68
	/* The password first, since that is what is most unknown */

69
	MD5Update(&ctx, (const u_char *)pw, strlen(pw));

70


71
	/* Then our magic string */

72
	MD5Update(&ctx, (const u_char *)magic, strlen(magic));

73


74
	/* Then the raw salt */

75
	MD5Update(&ctx, (const u_char *)salt, (u_int)sl);

76


77
	/* Then just as many characters of the MD5(pw,salt,pw) */

78
	MD5Init(&ctx1);

79
	MD5Update(&ctx1, (const u_char *)pw, strlen(pw));

80
	MD5Update(&ctx1, (const u_char *)salt, (u_int)sl);

81
	MD5Update(&ctx1, (const u_char *)pw, strlen(pw));

82
	MD5Final(final, &ctx1);

83
	for(pl = (int)strlen(pw); pl > 0; pl -= MD5_SIZE)

84
		MD5Update(&ctx, (const u_char *)final,

85
		    (u_int)(pl > MD5_SIZE ? MD5_SIZE : pl));

86


87
	/* Don't leave anything around in vm they could use. */

88
	explicit_bzero(final, sizeof(final));

89


90
	/* Then something really weird... */

91
	for (i = strlen(pw); i; i >>= 1)

92
		if(i & 1)

93
		    MD5Update(&ctx, (const u_char *)final, 1);

94
		else

95
		    MD5Update(&ctx, (const u_char *)pw, 1);

96


97
	/* Now make the output string */

98
	buffer = stpcpy(buffer, magic);

99
	buffer = stpncpy(buffer, salt, (u_int)sl);

100
	*buffer++ = '$';

101


102
	MD5Final(final, &ctx);

103


104
	/*

105
	 * and now, just to make sure things don't run too fast

106
	 * On a 60 Mhz Pentium this takes 34 msec, so you would

107
	 * need 30 seconds to build a 1000 entry dictionary...

108
	 */

109
	for(i = 0; i < 1000; i++) {

110
		MD5Init(&ctx1);

111
		if(i & 1)

112
			MD5Update(&ctx1, (const u_char *)pw, strlen(pw));

113
		else

114
			MD5Update(&ctx1, (const u_char *)final, MD5_SIZE);

115


116
		if(i % 3)

117
			MD5Update(&ctx1, (const u_char *)salt, (u_int)sl);

118


119
		if(i % 7)

120
			MD5Update(&ctx1, (const u_char *)pw, strlen(pw));

121


122
		if(i & 1)

123
			MD5Update(&ctx1, (const u_char *)final, MD5_SIZE);

124
		else

125
			MD5Update(&ctx1, (const u_char *)pw, strlen(pw));

126
		MD5Final(final, &ctx1);

127
	}

128


129
	l = (final[ 0]<<16) | (final[ 6]<<8) | final[12];

130
	_crypt_to64(buffer, l, 4); buffer += 4;

131
	l = (final[ 1]<<16) | (final[ 7]<<8) | final[13];

132
	_crypt_to64(buffer, l, 4); buffer += 4;

133
	l = (final[ 2]<<16) | (final[ 8]<<8) | final[14];

134
	_crypt_to64(buffer, l, 4); buffer += 4;

135
	l = (final[ 3]<<16) | (final[ 9]<<8) | final[15];

136
	_crypt_to64(buffer, l, 4); buffer += 4;

137
	l = (final[ 4]<<16) | (final[10]<<8) | final[ 5];

138
	_crypt_to64(buffer, l, 4); buffer += 4;

139
	l = final[11];

140
	_crypt_to64(buffer, l, 2); buffer += 2;

141
	*buffer = '\0';

142


143
	/* Don't leave anything around in vm they could use. */

144
	explicit_bzero(final, sizeof(final));

145


146
	return (0);

147
}

148


149