ecommun / owncloud_ynh

Blame view

sources/3rdparty/phpass/c/crypt_private.c 2.23 KB
edit raw normal view history
03e52840d   Kload   Init 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
 
  /*
   * This code exists for the sole purpose to serve as another implementation
   * of the "private" password hashing method implemened in PasswordHash.php
   * and thus to confirm that these password hashes are indeed calculated as
   * intended.
   *
   * Other uses of this code are discouraged.  There are much better password
   * hashing algorithms available to C programmers; one of those is bcrypt:
   *
   *	http://www.openwall.com/crypt/
   *
   * Written by Solar Designer <solar at openwall.com> in 2005 and placed in
   * the public domain.
   *
   * There's absolutely no warranty.
   */
  
  #include <string.h>
  #include <openssl/md5.h>
  
  #ifdef TEST
  #include <stdio.h>
  #endif
  
  static char *itoa64 =
  	"./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
  
  static void encode64(char *dst, char *src, int count)
  {
  	int i, value;
  
  	i = 0;
  	do {
  		value = (unsigned char)src[i++];
  		*dst++ = itoa64[value & 0x3f];
  		if (i < count)
  			value |= (unsigned char)src[i] << 8;
  		*dst++ = itoa64[(value >> 6) & 0x3f];
  		if (i++ >= count)
  			break;
  		if (i < count)
  			value |= (unsigned char)src[i] << 16;
  		*dst++ = itoa64[(value >> 12) & 0x3f];
  		if (i++ >= count)
  			break;
  		*dst++ = itoa64[(value >> 18) & 0x3f];
  	} while (i < count);
  }
  
  char *crypt_private(char *password, char *setting)
  {
  	static char output[35];
  	MD5_CTX ctx;
  	char hash[MD5_DIGEST_LENGTH];
  	char *p, *salt;
  	int count_log2, length, count;
  
  	strcpy(output, "*0");
  	if (!strncmp(setting, output, 2))
  		output[1] = '1';
  
  	if (strncmp(setting, "$P$", 3))
  		return output;
  
  	p = strchr(itoa64, setting[3]);
  	if (!p)
  		return output;
  	count_log2 = p - itoa64;
  	if (count_log2 < 7 || count_log2 > 30)
  		return output;
  
  	salt = setting + 4;
  	if (strlen(salt) < 8)
  		return output;
  
  	length = strlen(password);
  
  	MD5_Init(&ctx);
  	MD5_Update(&ctx, salt, 8);
  	MD5_Update(&ctx, password, length);
  	MD5_Final(hash, &ctx);
  
  	count = 1 << count_log2;
  	do {
  		MD5_Init(&ctx);
  		MD5_Update(&ctx, hash, MD5_DIGEST_LENGTH);
  		MD5_Update(&ctx, password, length);
  		MD5_Final(hash, &ctx);
  	} while (--count);
  
  	memcpy(output, setting, 12);
  	encode64(&output[12], hash, MD5_DIGEST_LENGTH);
  
  	return output;
  }
  
  #ifdef TEST
  int main(int argc, char **argv)
  {
  	if (argc != 3) return 1;
  
  	puts(crypt_private(argv[1], argv[2]));
  
  	return 0;
  }
  #endif