summaryrefslogtreecommitdiffstats
path: root/lib/libcrypt/crypt.c
diff options
context:
space:
mode:
authormarkm <markm@FreeBSD.org>1999-09-20 12:45:49 +0000
committermarkm <markm@FreeBSD.org>1999-09-20 12:45:49 +0000
commit9bc938e5c504726347763bf8eb4fc058ff930a42 (patch)
tree837f738fed44f5cd28fd1914b5b7e4c6144f4fa7 /lib/libcrypt/crypt.c
parent351e996436c4acb17453e4194703114754736d74 (diff)
downloadFreeBSD-src-9bc938e5c504726347763bf8eb4fc058ff930a42.zip
FreeBSD-src-9bc938e5c504726347763bf8eb4fc058ff930a42.tar.gz
Big code cleanup. (Inspired by Brandon Gillespie). Also move as
much as possible away from secure/ to make extending easier.
Diffstat (limited to 'lib/libcrypt/crypt.c')
-rw-r--r--lib/libcrypt/crypt.c176
1 files changed, 34 insertions, 142 deletions
diff --git a/lib/libcrypt/crypt.c b/lib/libcrypt/crypt.c
index cf54cd5..8172504 100644
--- a/lib/libcrypt/crypt.c
+++ b/lib/libcrypt/crypt.c
@@ -1,10 +1,27 @@
/*
- * ----------------------------------------------------------------------------
- * "THE BEER-WARE LICENSE" (Revision 42):
- * <phk@login.dknet.dk> wrote this file. As long as you retain this notice you
- * can do whatever you want with this stuff. If we meet some day, and you think
- * this stuff is worth it, you can buy me a beer in return. Poul-Henning Kamp
- * ----------------------------------------------------------------------------
+ * Copyright (c) 1999
+ * Mark Murray. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY MARK MURRAY AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL MARK MURRAY OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
*
* $FreeBSD$
*
@@ -14,144 +31,19 @@
static char rcsid[] = "$FreeBSD$";
#endif /* LIBC_SCCS and not lint */
-#include <unistd.h>
-#include <stdio.h>
-#include <string.h>
-#include <md5.h>
#include <string.h>
-
-static unsigned char itoa64[] = /* 0 ... 63 => ascii - 64 */
- "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
-
-static void to64 __P((char *, unsigned long, int));
-
-static void
-to64(s, v, n)
- char *s;
- unsigned long v;
- int n;
-{
-static void to64 __P((char *, unsigned long, int));
-
- while (--n >= 0) {
- *s++ = itoa64[v&0x3f];
- v >>= 6;
- }
-}
-
-/*
- * UNIX password
- *
- * Use MD5 for what it is best at...
- */
+#include "crypt.h"
char *
-crypt(pw, salt)
- register const char *pw;
- register const char *salt;
+crypt(char *passwd, char *salt)
{
- static char *magic = "$1$"; /*
- * This string is magic for
- * this algorithm. Having
- * it this way, we can get
- * get better later on
- */
- static char passwd[120], *p;
- static const char *sp,*ep;
- unsigned char final[16];
- int sl,pl,i,j;
- MD5_CTX ctx,ctx1;
- unsigned long l;
-
- /* Refine the Salt first */
- sp = salt;
-
- /* If it starts with the magic string, then skip that */
- if(!strncmp(sp,magic,strlen(magic)))
- sp += strlen(magic);
-
- /* It stops at the first '$', max 8 chars */
- for(ep=sp;*ep && *ep != '$' && ep < (sp+8);ep++)
- continue;
-
- /* get the length of the true salt */
- sl = ep - sp;
-
- MD5Init(&ctx);
-
- /* The password first, since that is what is most unknown */
- MD5Update(&ctx,pw,strlen(pw));
-
- /* Then our magic string */
- MD5Update(&ctx,magic,strlen(magic));
-
- /* Then the raw salt */
- MD5Update(&ctx,sp,sl);
-
- /* Then just as many characters of the MD5(pw,salt,pw) */
- MD5Init(&ctx1);
- MD5Update(&ctx1,pw,strlen(pw));
- MD5Update(&ctx1,sp,sl);
- MD5Update(&ctx1,pw,strlen(pw));
- MD5Final(final,&ctx1);
- for(pl = strlen(pw); pl > 0; pl -= 16)
- MD5Update(&ctx,final,pl>16 ? 16 : pl);
-
- /* Don't leave anything around in vm they could use. */
- memset(final,0,sizeof final);
-
- /* Then something really weird... */
- for (i = strlen(pw); i ; i >>= 1)
- if(i&1)
- MD5Update(&ctx, final, 1);
- else
- MD5Update(&ctx, pw, 1);
-
- /* Now make the output string */
- strcpy(passwd,magic);
- strncat(passwd,sp,sl);
- strcat(passwd,"$");
-
- MD5Final(final,&ctx);
-
- /*
- * and now, just to make sure things don't run too fast
- * On a 60 Mhz Pentium this takes 34 msec, so you would
- * need 30 seconds to build a 1000 entry dictionary...
- */
- for(i=0;i<1000;i++) {
- MD5Init(&ctx1);
- if(i & 1)
- MD5Update(&ctx1,pw,strlen(pw));
- else
- MD5Update(&ctx1,final,16);
-
- if(i % 3)
- MD5Update(&ctx1,sp,sl);
-
- if(i % 7)
- MD5Update(&ctx1,pw,strlen(pw));
-
- if(i & 1)
- MD5Update(&ctx1,final,16);
- else
- MD5Update(&ctx1,pw,strlen(pw));
- MD5Final(final,&ctx1);
- }
-
- p = passwd + strlen(passwd);
-
- l = (final[ 0]<<16) | (final[ 6]<<8) | final[12]; to64(p,l,4); p += 4;
- l = (final[ 1]<<16) | (final[ 7]<<8) | final[13]; to64(p,l,4); p += 4;
- l = (final[ 2]<<16) | (final[ 8]<<8) | final[14]; to64(p,l,4); p += 4;
- l = (final[ 3]<<16) | (final[ 9]<<8) | final[15]; to64(p,l,4); p += 4;
- l = (final[ 4]<<16) | (final[10]<<8) | final[ 5]; to64(p,l,4); p += 4;
- l = final[11] ; to64(p,l,2); p += 2;
- *p = '\0';
-
- /* Don't leave anything around in vm they could use. */
- memset(final,0,sizeof final);
-
- return passwd;
+ if (!strncmp(salt, "$1$", 3))
+ return crypt_md5(passwd, salt);
+ if (!strncmp(salt, "$3$", 3))
+ return crypt_sha(passwd, salt);
+#ifdef NONEXPORTABLE_CRYPT
+ return crypt_des(passwd, salt);
+#else
+ return NULL;
+#endif
}
-
OpenPOWER on IntegriCloud