summaryrefslogtreecommitdiffstats
path: root/contrib/syslinux-4.02/com32/libutil/crypt-md5.c
diff options
context:
space:
mode:
Diffstat (limited to 'contrib/syslinux-4.02/com32/libutil/crypt-md5.c')
-rw-r--r--contrib/syslinux-4.02/com32/libutil/crypt-md5.c173
1 files changed, 173 insertions, 0 deletions
diff --git a/contrib/syslinux-4.02/com32/libutil/crypt-md5.c b/contrib/syslinux-4.02/com32/libutil/crypt-md5.c
new file mode 100644
index 0000000..49e9532
--- /dev/null
+++ b/contrib/syslinux-4.02/com32/libutil/crypt-md5.c
@@ -0,0 +1,173 @@
+/*-
+ * Copyright (c) 2003 Poul-Henning Kamp
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include <inttypes.h>
+#include <md5.h>
+#include <string.h>
+
+/*
+ * UNIX password
+ */
+
+static char *_crypt_to64(char *s, uint32_t v, int n)
+{
+ static const char itoa64[64] = "./0123456789"
+ "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
+
+ while (--n >= 0) {
+ *s++ = itoa64[v & 0x3f];
+ v >>= 6;
+ }
+ return s;
+}
+
+char *crypt_md5(const char *pw, const char *salt)
+{
+ MD5_CTX ctx, ctx1;
+ unsigned long l;
+ int sl, pl;
+ uint32_t i;
+ uint8_t final[MD5_SIZE];
+ const char *sp;
+ static char passwd[120]; /* Output buffer */
+ static const char magic[] = "$1$";
+ char *p;
+ const int magic_len = sizeof magic - 1;
+ int pwlen = strlen(pw);
+
+ /* Refine the Salt first */
+ sp = salt;
+
+ /* If it starts with the magic string, then skip that */
+ if (!strncmp(sp, magic, magic_len))
+ sp += magic_len;
+
+ /* Compute the salt length:
+ it stops at the first '$', max 8 chars */
+ for (sl = 0; sl < 8 && sp[sl] && sp[sl] != '$'; sl++) ;
+
+ MD5Init(&ctx);
+
+ /* The password first, since that is what is most unknown */
+ MD5Update(&ctx, pw, pwlen);
+
+ /* Then our magic string */
+ MD5Update(&ctx, magic, magic_len);
+
+ /* Then the raw salt */
+ MD5Update(&ctx, sp, sl);
+
+ /* Then just as many characters of the MD5(pw,salt,pw) */
+ MD5Init(&ctx1);
+ MD5Update(&ctx1, pw, pwlen);
+ MD5Update(&ctx1, sp, sl);
+ MD5Update(&ctx1, pw, pwlen);
+ MD5Final(final, &ctx1);
+ for (pl = pwlen; pl > 0; pl -= MD5_SIZE)
+ MD5Update(&ctx, final, pl > MD5_SIZE ? MD5_SIZE : pl);
+
+ /* Don't leave anything around in vm they could use. */
+ memset(final, 0, sizeof final);
+
+ /* Then something really weird... */
+ for (i = pwlen; i; i >>= 1)
+ if (i & 1)
+ MD5Update(&ctx, final, 1);
+ else
+ MD5Update(&ctx, pw, 1);
+
+ /* Now make the output string */
+ p = passwd;
+
+ memcpy(p, magic, magic_len);
+ p += magic_len;
+
+ memcpy(p, sp, sl);
+ p += sl;
+
+ *p++ = '$';
+
+ MD5Final(final, &ctx);
+
+ /*
+ * and now, just to make sure things don't run too fast
+ * On a 60 Mhz Pentium this takes 34 msec, so you would
+ * need 30 seconds to build a 1000 entry dictionary...
+ */
+ for (i = 0; i < 1000; i++) {
+ MD5Init(&ctx1);
+ if (i & 1)
+ MD5Update(&ctx1, pw, pwlen);
+ else
+ MD5Update(&ctx1, final, MD5_SIZE);
+
+ if (i % 3)
+ MD5Update(&ctx1, sp, sl);
+
+ if (i % 7)
+ MD5Update(&ctx1, pw, pwlen);
+
+ if (i & 1)
+ MD5Update(&ctx1, final, MD5_SIZE);
+ else
+ MD5Update(&ctx1, pw, pwlen);
+ MD5Final(final, &ctx1);
+ }
+
+ l = (final[0] << 16) | (final[6] << 8) | final[12];
+ p = _crypt_to64(p, l, 4);
+ l = (final[1] << 16) | (final[7] << 8) | final[13];
+ p = _crypt_to64(p, l, 4);
+ l = (final[2] << 16) | (final[8] << 8) | final[14];
+ p = _crypt_to64(p, l, 4);
+ l = (final[3] << 16) | (final[9] << 8) | final[15];
+ p = _crypt_to64(p, l, 4);
+ l = (final[4] << 16) | (final[10] << 8) | final[5];
+ p = _crypt_to64(p, l, 4);
+ l = final[11];
+ p = _crypt_to64(p, l, 2);
+ *p = '\0';
+
+ /* Don't leave anything around in vm they could use. */
+ memset(final, 0, sizeof final);
+
+ return passwd;
+}
+
+#ifdef TEST
+#include <stdio.h>
+
+int main(int argc, char *argv[])
+{
+ int i;
+
+ for (i = 2; i < argc; i += 2) {
+ puts(crypt_md5(argv[i], argv[i - 1]));
+ }
+ return 0;
+}
+
+#endif
generated by cgit v1.2.3-55-g7522 (git 2.39.0) at 2024-05-17 21:57:27 +0200