|
0
|
1 /* ========================================================================
|
|
|
2 * Copyright 1988-2007 University of Washington
|
|
|
3 *
|
|
|
4 * Licensed under the Apache License, Version 2.0 (the "License");
|
|
|
5 * you may not use this file except in compliance with the License.
|
|
|
6 * You may obtain a copy of the License at
|
|
|
7 *
|
|
|
8 * http://www.apache.org/licenses/LICENSE-2.0
|
|
|
9 *
|
|
|
10 *
|
|
|
11 * ========================================================================
|
|
|
12 */
|
|
|
13
|
|
|
14 /*
|
|
|
15 * Program: CRAM-MD5 authenticator
|
|
|
16 *
|
|
|
17 * Author: Mark Crispin
|
|
|
18 * Networks and Distributed Computing
|
|
|
19 * Computing & Communications
|
|
|
20 * University of Washington
|
|
|
21 * Administration Building, AG-44
|
|
|
22 * Seattle, WA 98195
|
|
|
23 * Internet: MRC@CAC.Washington.EDU
|
|
|
24 *
|
|
|
25 * Date: 21 October 1998
|
|
|
26 * Last Edited: 30 January 2007
|
|
|
27 */
|
|
|
28 �
|
|
|
29 /* MD5 context */
|
|
|
30
|
|
|
31 #define MD5BLKLEN 64 /* MD5 block length */
|
|
|
32 #define MD5DIGLEN 16 /* MD5 digest length */
|
|
|
33
|
|
|
34 typedef struct {
|
|
|
35 unsigned long chigh; /* high 32bits of byte count */
|
|
|
36 unsigned long clow; /* low 32bits of byte count */
|
|
|
37 unsigned long state[4]; /* state (ABCD) */
|
|
|
38 unsigned char buf[MD5BLKLEN]; /* input buffer */
|
|
|
39 unsigned char *ptr; /* buffer position */
|
|
|
40 } MD5CONTEXT;
|
|
|
41
|
|
|
42
|
|
|
43 /* Prototypes */
|
|
|
44
|
|
|
45 long auth_md5_valid (void);
|
|
|
46 long auth_md5_client (authchallenge_t challenger,authrespond_t responder,
|
|
|
47 char *service,NETMBX *mb,void *stream,
|
|
|
48 unsigned long *trial,char *user);
|
|
|
49 char *auth_md5_server (authresponse_t responder,int argc,char *argv[]);
|
|
|
50 char *auth_md5_pwd (char *user);
|
|
|
51 char *apop_login (char *chal,char *user,char *md5,int argc,char *argv[]);
|
|
|
52 char *hmac_md5 (char *text,unsigned long tl,char *key,unsigned long kl);
|
|
|
53 void md5_init (MD5CONTEXT *ctx);
|
|
|
54 void md5_update (MD5CONTEXT *ctx,unsigned char *data,unsigned long len);
|
|
|
55 void md5_final (unsigned char *digest,MD5CONTEXT *ctx);
|
|
|
56 static void md5_transform (unsigned long *state,unsigned char *block);
|
|
|
57 static void md5_encode (unsigned char *dst,unsigned long *src,int len);
|
|
|
58 static void md5_decode (unsigned long *dst,unsigned char *src,int len);
|
|
|
59
|
|
|
60
|
|
|
61 /* Authenticator linkage */
|
|
|
62
|
|
|
63 AUTHENTICATOR auth_md5 = {
|
|
|
64 AU_SECURE, /* secure authenticator */
|
|
|
65 "CRAM-MD5", /* authenticator name */
|
|
|
66 auth_md5_valid, /* check if valid */
|
|
|
67 auth_md5_client, /* client method */
|
|
|
68 auth_md5_server, /* server method */
|
|
|
69 NIL /* next authenticator */
|
|
|
70 };
|
|
|
71 �
|
|
|
72 /* Check if CRAM-MD5 valid on this system
|
|
|
73 * Returns: T, always
|
|
|
74 */
|
|
|
75
|
|
|
76 long auth_md5_valid (void)
|
|
|
77 {
|
|
4
|
78 #ifndef QMAIL /* qmail extension can always handle MD5 */
|
|
0
|
79 struct stat sbuf;
|
|
|
80 /* server forbids MD5 if no MD5 enable file */
|
|
|
81 if (stat (MD5ENABLE,&sbuf)) auth_md5.server = NIL;
|
|
4
|
82 #endif
|
|
0
|
83 return T; /* MD5 is otherwise valid */
|
|
|
84 }
|
|
|
85
|
|
|
86
|
|
|
87 /* Client authenticator
|
|
|
88 * Accepts: challenger function
|
|
|
89 * responder function
|
|
|
90 * SASL service name
|
|
|
91 * parsed network mailbox structure
|
|
|
92 * stream argument for functions
|
|
|
93 * pointer to current trial count
|
|
|
94 * returned user name
|
|
|
95 * Returns: T if success, NIL otherwise, number of trials incremented if retry
|
|
|
96 */
|
|
|
97
|
|
|
98 long auth_md5_client (authchallenge_t challenger,authrespond_t responder,
|
|
|
99 char *service,NETMBX *mb,void *stream,
|
|
|
100 unsigned long *trial,char *user)
|
|
|
101 {
|
|
|
102 char pwd[MAILTMPLEN];
|
|
|
103 void *challenge;
|
|
|
104 unsigned long clen;
|
|
|
105 long ret = NIL;
|
|
|
106 /* get challenge */
|
|
|
107 if (challenge = (*challenger) (stream,&clen)) {
|
|
|
108 pwd[0] = NIL; /* prompt user */
|
|
|
109 mm_login (mb,user,pwd,*trial);
|
|
|
110 if (!pwd[0]) { /* user requested abort */
|
|
|
111 fs_give ((void **) &challenge);
|
|
|
112 (*responder) (stream,NIL,0);
|
|
|
113 *trial = 0; /* cancel subsequent attempts */
|
|
|
114 ret = LONGT; /* will get a BAD response back */
|
|
|
115 }
|
|
|
116 else { /* got password, build response */
|
|
|
117 sprintf (pwd,"%.65s %.33s",user,hmac_md5 (challenge,clen,
|
|
|
118 pwd,strlen (pwd)));
|
|
|
119 fs_give ((void **) &challenge);
|
|
|
120 /* send credentials, allow retry if OK */
|
|
|
121 if ((*responder) (stream,pwd,strlen (pwd))) {
|
|
|
122 if (challenge = (*challenger) (stream,&clen))
|
|
|
123 fs_give ((void **) &challenge);
|
|
|
124 else {
|
|
|
125 ++*trial; /* can try again if necessary */
|
|
|
126 ret = LONGT; /* check the authentication */
|
|
|
127 }
|
|
|
128 }
|
|
|
129 }
|
|
|
130 }
|
|
|
131 memset (pwd,0,MAILTMPLEN); /* erase password in case not overwritten */
|
|
|
132 if (!ret) *trial = 65535; /* don't retry if bad protocol */
|
|
|
133 return ret;
|
|
|
134 }
|
|
|
135 �
|
|
|
136 /* Server authenticator
|
|
|
137 * Accepts: responder function
|
|
|
138 * argument count
|
|
|
139 * argument vector
|
|
|
140 * Returns: authenticated user name or NIL
|
|
|
141 *
|
|
|
142 * This is much hairier than it needs to be due to the necessary of zapping
|
|
|
143 * the password data.
|
|
|
144 */
|
|
|
145
|
|
|
146 static int md5try = MAXLOGINTRIALS;
|
|
|
147
|
|
|
148 char *auth_md5_server (authresponse_t responder,int argc,char *argv[])
|
|
|
149 {
|
|
|
150 char *ret = NIL;
|
|
|
151 char *p,*u,*user,*authuser,*hash,chal[MAILTMPLEN];
|
|
|
152 unsigned long cl,pl;
|
|
|
153 /* generate challenge */
|
|
|
154 sprintf (chal,"<%lu.%lu@%s>",(unsigned long) getpid (),
|
|
|
155 (unsigned long) time (0),mylocalhost ());
|
|
|
156 /* send challenge, get user and hash */
|
|
|
157 if (user = (*responder) (chal,cl = strlen (chal),NIL)) {
|
|
|
158 /* got user, locate hash */
|
|
|
159 if (hash = strrchr (user,' ')) {
|
|
|
160 *hash++ = '\0'; /* tie off user */
|
|
|
161 /* see if authentication user */
|
|
|
162 if (authuser = strchr (user,'*')) *authuser++ = '\0';
|
|
|
163 /* get password */
|
|
|
164 if (p = auth_md5_pwd ((authuser && *authuser) ? authuser : user)) {
|
|
|
165 pl = strlen (p);
|
|
|
166 u = (md5try && !strcmp (hash,hmac_md5 (chal,cl,p,pl))) ? user : NIL;
|
|
|
167 memset (p,0,pl); /* erase sensitive information */
|
|
|
168 fs_give ((void **) &p); /* flush erased password */
|
|
|
169 /* now log in for real */
|
|
|
170 if (u && authserver_login (u,authuser,argc,argv)) ret = myusername ();
|
|
|
171 else if (md5try) --md5try;
|
|
|
172 }
|
|
|
173 }
|
|
|
174 fs_give ((void **) &user);
|
|
|
175 }
|
|
|
176 if (!ret) sleep (3); /* slow down possible cracker */
|
|
|
177 return ret;
|
|
|
178 }
|
|
|
179 �
|
|
|
180 /* Return MD5 password for user
|
|
|
181 * Accepts: user name
|
|
|
182 * Returns: plaintext password if success, else NIL
|
|
|
183 *
|
|
|
184 * This is much hairier than it needs to be due to the necessary of zapping
|
|
|
185 * the password data. That's why we don't use stdio here.
|
|
|
186 */
|
|
|
187
|
|
|
188 char *auth_md5_pwd (char *user)
|
|
|
189 {
|
|
|
190 struct stat sbuf;
|
|
4
|
191 #ifndef QMAIL
|
|
0
|
192 int fd = open (MD5ENABLE,O_RDONLY,NIL);
|
|
|
193 unsigned char *s,*t,*buf,*lusr,*lret;
|
|
|
194 char *r;
|
|
|
195 char *ret = NIL;
|
|
|
196 if (fd >= 0) { /* found the file? */
|
|
|
197 fstat (fd,&sbuf); /* yes, slurp it into memory */
|
|
|
198 read (fd,buf = (char *) fs_get (sbuf.st_size + 1),sbuf.st_size);
|
|
|
199 /* see if any uppercase characters in user */
|
|
|
200 for (s = user; *s && ((*s < 'A') || (*s > 'Z')); s++);
|
|
|
201 /* yes, make lowercase copy */
|
|
|
202 lusr = *s ? lcase (cpystr (user)) : NIL;
|
|
|
203 for (s = strtok_r ((char *) buf,"\015\012",&r),lret = NIL; s;
|
|
|
204 s = ret ? NIL : strtok_r (NIL,"\015\012",&r))
|
|
|
205 /* must be valid entry line */
|
|
|
206 if (*s && (*s != '#') && (t = strchr (s,'\t')) && t[1]) {
|
|
|
207 *t++ = '\0'; /* found tab, tie off user, point to pwd */
|
|
|
208 if (!strcmp (s,user)) ret = cpystr (t);
|
|
|
209 else if (lusr && !lret) if (!strcmp (s,lusr)) lret = t;
|
|
|
210 }
|
|
|
211 /* accept case-independent name */
|
|
|
212 if (!ret && lret) ret = cpystr (lret);
|
|
|
213 /* don't need lowercase copy any more */
|
|
|
214 if (lusr) fs_give ((void **) &lusr);
|
|
|
215 /* erase sensitive information from buffer */
|
|
|
216 memset (buf,0,sbuf.st_size + 1);
|
|
|
217 fs_give ((void **) &buf); /* flush the buffer */
|
|
|
218 close (fd); /* don't need file any longer */
|
|
|
219 }
|
|
4
|
220 #else
|
|
|
221 # ifndef USERAPOPFILE
|
|
|
222 # define USERAPOPFILE ".apop"
|
|
|
223 # endif
|
|
|
224 # ifndef XADDR_DELIM
|
|
|
225 # ifdef POSTFIX /* Same if-condition is in maildir.c.. sorry */
|
|
|
226 # define XADDR_DELIM "+"
|
|
|
227 # else
|
|
|
228 # define XADDR_DELIM "-"
|
|
|
229 # endif
|
|
|
230 # endif
|
|
|
231 extern char *myMailSuffix;
|
|
|
232 char mycrypt[BUFSIZ+1];
|
|
|
233 char *ret = NIL, *tmp=NIL;
|
|
|
234 FILE *apopfile = NIL;
|
|
|
235 struct passwd *pw = getpwnam(user);
|
|
|
236 if (!pw) pw = getpwnam(lcase(tmp=cpystr(user)));
|
|
|
237 if (!pw && strstr(user, XADDR_DELIM)) { /* Check qmail alias */
|
|
|
238 char tmp[BUFSIZ];
|
|
|
239 char *s = user;
|
|
|
240 memset(tmp, 0, BUFSIZ);
|
|
|
241 while (*s && s && !pw) {
|
|
|
242 s = strstr(s, XADDR_DELIM);
|
|
|
243 if (!s) break;
|
|
|
244 strncpy(tmp, user, s-user);
|
|
|
245 s++;
|
|
|
246 pw = getpwnam(tmp);
|
|
|
247 }
|
|
|
248 if (pw) {
|
|
|
249 myMailSuffix = lcase(cpystr(s-1));
|
|
|
250 user[strlen(tmp)] = '\0'; /* zap suffix */
|
|
|
251 }
|
|
|
252 }
|
|
|
253 if (pw) {
|
|
|
254 snprintf(mycrypt, BUFSIZ, "%s/%s", pw->pw_dir, USERAPOPFILE);
|
|
|
255 if (NIL != myMailSuffix) strcat(mycrypt, myMailSuffix);
|
|
|
256 if (stat(mycrypt, &sbuf) < 0) {
|
|
|
257 /* printf("Cannot stat [%s]\015\n", mycrypt); */
|
|
|
258 return ret;
|
|
|
259 }
|
|
|
260 if (sbuf.st_mode & ~(S_IFREG | S_IREAD | S_IWRITE)) {
|
|
|
261 /* printf("Your apoppassword file is readable by others. Do chmod 600 %s%c\n", mycrypt, 015); */
|
|
|
262 return ret;
|
|
|
263 }
|
|
|
264 #ifdef APOPOPEN
|
|
|
265 if (stat(APOPOPEN, &sbuf) >= 0) { /* if APPOPEN exists */
|
|
|
266 /* read apop password via APOPOPEN program */
|
|
|
267 int bytes = 3+strlen(APOPOPEN)+strlen(mycrypt);
|
|
|
268 char *aproc = (char*) fs_get(bytes);
|
|
|
269 snprintf(aproc, bytes, "%s %s%c", APOPOPEN, mycrypt, '\0');
|
|
|
270 apopfile = popen(aproc, "r");
|
|
|
271 memset(aproc, 0, bytes);
|
|
|
272 fs_give((void**)&aproc);
|
|
|
273 }
|
|
|
274 #endif /* APOPOPEN */
|
|
|
275 if ((NIL!=apopfile) || (apopfile = fopen( mycrypt, "r" ))) {
|
|
|
276 fgets(mycrypt, sizeof(mycrypt) - 1, apopfile);
|
|
|
277 fclose(apopfile);
|
|
|
278 if (mycrypt[0]) {
|
|
|
279 char p = strlen(mycrypt);
|
|
|
280 while (p > 0 && (mycrypt[p-1] == '\n' || mycrypt[p-1] == '\r')) {
|
|
|
281 mycrypt[--p] = '\0'; /* zap trailing newlines */
|
|
|
282 }
|
|
|
283 }
|
|
|
284 } else {
|
|
|
285 return ret;
|
|
|
286 }
|
|
|
287 ret = cpystr(mycrypt);
|
|
|
288 memset(mycrypt, 0, sizeof(mycrypt));
|
|
|
289 }
|
|
|
290 #endif /* if QMAIL */
|
|
0
|
291 return ret; /* return password */
|
|
|
292 }
|
|
|
293 �
|
|
|
294 /* APOP server login
|
|
|
295 * Accepts: challenge
|
|
|
296 * desired user name
|
|
|
297 * purported MD5
|
|
|
298 * argument count
|
|
|
299 * argument vector
|
|
|
300 * Returns: authenticated user name or NIL
|
|
|
301 */
|
|
|
302
|
|
|
303 char *apop_login (char *chal,char *user,char *md5,int argc,char *argv[])
|
|
|
304 {
|
|
|
305 int i,j;
|
|
|
306 char *ret = NIL;
|
|
|
307 char *s,*authuser,tmp[MAILTMPLEN];
|
|
4
|
308 #ifdef QMAIL
|
|
|
309 char *userback = cpystr(user);
|
|
|
310 #endif
|
|
0
|
311 unsigned char digest[MD5DIGLEN];
|
|
|
312 MD5CONTEXT ctx;
|
|
|
313 char *hex = "0123456789abcdef";
|
|
|
314 /* see if authentication user */
|
|
|
315 if (authuser = strchr (user,'*')) *authuser++ = '\0';
|
|
|
316 /* get password */
|
|
|
317 if (s = auth_md5_pwd ((authuser && *authuser) ? authuser : user)) {
|
|
|
318 md5_init (&ctx); /* initialize MD5 context */
|
|
|
319 /* build string to get MD5 digest */
|
|
|
320 sprintf (tmp,"%.128s%.128s",chal,s);
|
|
|
321 memset (s,0,strlen (s)); /* erase sensitive information */
|
|
|
322 fs_give ((void **) &s); /* flush erased password */
|
|
|
323 md5_update (&ctx,(unsigned char *) tmp,strlen (tmp));
|
|
|
324 memset (tmp,0,MAILTMPLEN); /* erase sensitive information */
|
|
|
325 md5_final (digest,&ctx);
|
|
|
326 /* convert to printable hex */
|
|
|
327 for (i = 0, s = tmp; i < MD5DIGLEN; i++) {
|
|
|
328 *s++ = hex[(j = digest[i]) >> 4];
|
|
|
329 *s++ = hex[j & 0xf];
|
|
|
330 }
|
|
|
331 *s = '\0'; /* tie off hash text */
|
|
|
332 memset (digest,0,MD5DIGLEN);/* erase sensitive information */
|
|
|
333 if (md5try && !strcmp (md5,tmp) &&
|
|
|
334 authserver_login (user,authuser,argc,argv))
|
|
|
335 ret = cpystr (myusername ());
|
|
|
336 else if (md5try) --md5try;
|
|
|
337 memset (tmp,0,MAILTMPLEN); /* erase sensitive information */
|
|
|
338 }
|
|
|
339 if (!ret) sleep (3); /* slow down possible cracker */
|
|
4
|
340 else {
|
|
|
341 extern void permitsmtp();
|
|
|
342 /* permitsmtp();*/
|
|
|
343 }
|
|
|
344 #ifdef QMAIL
|
|
|
345 return (ret) ? userback : ret;
|
|
|
346 #else
|
|
0
|
347 return ret;
|
|
4
|
348 #endif
|
|
0
|
349 }
|
|
|
350 �
|
|
|
351 /*
|
|
|
352 * RFC 2104 HMAC hashing
|
|
|
353 * Accepts: text to hash
|
|
|
354 * text length
|
|
|
355 * key
|
|
|
356 * key length
|
|
|
357 * Returns: hash as text, always
|
|
|
358 */
|
|
|
359
|
|
|
360 char *hmac_md5 (char *text,unsigned long tl,char *key,unsigned long kl)
|
|
|
361 {
|
|
|
362 int i,j;
|
|
|
363 static char hshbuf[2*MD5DIGLEN + 1];
|
|
|
364 char *s;
|
|
|
365 MD5CONTEXT ctx;
|
|
|
366 char *hex = "0123456789abcdef";
|
|
|
367 unsigned char digest[MD5DIGLEN],k_ipad[MD5BLKLEN+1],k_opad[MD5BLKLEN+1];
|
|
|
368 if (kl > MD5BLKLEN) { /* key longer than pad length? */
|
|
|
369 md5_init (&ctx); /* yes, set key as MD5(key) */
|
|
|
370 md5_update (&ctx,(unsigned char *) key,kl);
|
|
|
371 md5_final (digest,&ctx);
|
|
|
372 key = (char *) digest;
|
|
|
373 kl = MD5DIGLEN;
|
|
|
374 }
|
|
|
375 memcpy (k_ipad,key,kl); /* store key in pads */
|
|
|
376 memset (k_ipad+kl,0,(MD5BLKLEN+1)-kl);
|
|
|
377 memcpy (k_opad,k_ipad,MD5BLKLEN+1);
|
|
|
378 /* XOR key with ipad and opad values */
|
|
|
379 for (i = 0; i < MD5BLKLEN; i++) {
|
|
|
380 k_ipad[i] ^= 0x36;
|
|
|
381 k_opad[i] ^= 0x5c;
|
|
|
382 }
|
|
|
383 md5_init (&ctx); /* inner MD5: hash ipad and text */
|
|
|
384 md5_update (&ctx,k_ipad,MD5BLKLEN);
|
|
|
385 md5_update (&ctx,(unsigned char *) text,tl);
|
|
|
386 md5_final (digest,&ctx);
|
|
|
387 md5_init (&ctx); /* outer MD5: hash opad and inner results */
|
|
|
388 md5_update (&ctx,k_opad,MD5BLKLEN);
|
|
|
389 md5_update (&ctx,digest,MD5DIGLEN);
|
|
|
390 md5_final (digest,&ctx);
|
|
|
391 /* convert to printable hex */
|
|
|
392 for (i = 0, s = hshbuf; i < MD5DIGLEN; i++) {
|
|
|
393 *s++ = hex[(j = digest[i]) >> 4];
|
|
|
394 *s++ = hex[j & 0xf];
|
|
|
395 }
|
|
|
396 *s = '\0'; /* tie off hash text */
|
|
|
397 return hshbuf;
|
|
|
398 }
|
|
|
399 �
|
|
|
400 /* Everything after this point is derived from the RSA Data Security, Inc.
|
|
|
401 * MD5 Message-Digest Algorithm
|
|
|
402 */
|
|
|
403
|
|
|
404 /* You may wonder why these strange "a &= 0xffffffff;" statements are here.
|
|
|
405 * This is to ensure correct results on machines with a unsigned long size of
|
|
|
406 * larger than 32 bits.
|
|
|
407 */
|
|
|
408
|
|
|
409 #define RND1(a,b,c,d,x,s,ac) \
|
|
|
410 a += ((b & c) | (d & ~b)) + x + (unsigned long) ac; \
|
|
|
411 a &= 0xffffffff; \
|
|
|
412 a = b + ((a << s) | (a >> (32 - s)));
|
|
|
413
|
|
|
414 #define RND2(a,b,c,d,x,s,ac) \
|
|
|
415 a += ((b & d) | (c & ~d)) + x + (unsigned long) ac; \
|
|
|
416 a &= 0xffffffff; \
|
|
|
417 a = b + ((a << s) | (a >> (32 - s)));
|
|
|
418
|
|
|
419 #define RND3(a,b,c,d,x,s,ac) \
|
|
|
420 a += (b ^ c ^ d) + x + (unsigned long) ac; \
|
|
|
421 a &= 0xffffffff; \
|
|
|
422 a = b + ((a << s) | (a >> (32 - s)));
|
|
|
423
|
|
|
424 #define RND4(a,b,c,d,x,s,ac) \
|
|
|
425 a += (c ^ (b | ~d)) + x + (unsigned long) ac; \
|
|
|
426 a &= 0xffffffff; \
|
|
|
427 a = b + ((a << s) | (a >> (32 - s)));
|
|
|
428 �
|
|
|
429 /* Initialize MD5 context
|
|
|
430 * Accepts: context to initialize
|
|
|
431 */
|
|
|
432
|
|
|
433 void md5_init (MD5CONTEXT *ctx)
|
|
|
434 {
|
|
|
435 ctx->clow = ctx->chigh = 0; /* initialize byte count to zero */
|
|
|
436 /* initialization constants */
|
|
|
437 ctx->state[0] = 0x67452301; ctx->state[1] = 0xefcdab89;
|
|
|
438 ctx->state[2] = 0x98badcfe; ctx->state[3] = 0x10325476;
|
|
|
439 ctx->ptr = ctx->buf; /* reset buffer pointer */
|
|
|
440 }
|
|
|
441
|
|
|
442
|
|
|
443 /* MD5 add data to context
|
|
|
444 * Accepts: context
|
|
|
445 * input data
|
|
|
446 * length of data
|
|
|
447 */
|
|
|
448
|
|
|
449 void md5_update (MD5CONTEXT *ctx,unsigned char *data,unsigned long len)
|
|
|
450 {
|
|
|
451 unsigned long i = (ctx->buf + MD5BLKLEN) - ctx->ptr;
|
|
|
452 /* update double precision number of bytes */
|
|
|
453 if ((ctx->clow += len) < len) ctx->chigh++;
|
|
|
454 while (i <= len) { /* copy/transform data, 64 bytes at a time */
|
|
|
455 memcpy (ctx->ptr,data,i); /* fill up 64 byte chunk */
|
|
|
456 md5_transform (ctx->state,ctx->ptr = ctx->buf);
|
|
|
457 data += i,len -= i,i = MD5BLKLEN;
|
|
|
458 }
|
|
|
459 memcpy (ctx->ptr,data,len); /* copy final bit of data in buffer */
|
|
|
460 ctx->ptr += len; /* update buffer pointer */
|
|
|
461 }
|
|
|
462 �
|
|
|
463 /* MD5 Finalization
|
|
|
464 * Accepts: destination digest
|
|
|
465 * context
|
|
|
466 */
|
|
|
467
|
|
|
468 void md5_final (unsigned char *digest,MD5CONTEXT *ctx)
|
|
|
469 {
|
|
|
470 unsigned long i,bits[2];
|
|
|
471 bits[0] = ctx->clow << 3; /* calculate length in bits (before padding) */
|
|
|
472 bits[1] = (ctx->chigh << 3) + (ctx->clow >> 29);
|
|
|
473 *ctx->ptr++ = 0x80; /* padding byte */
|
|
|
474 if ((i = (ctx->buf + MD5BLKLEN) - ctx->ptr) < 8) {
|
|
|
475 memset (ctx->ptr,0,i); /* pad out buffer with zeros */
|
|
|
476 md5_transform (ctx->state,ctx->buf);
|
|
|
477 /* pad out with zeros, leaving 8 bytes */
|
|
|
478 memset (ctx->buf,0,MD5BLKLEN - 8);
|
|
|
479 ctx->ptr = ctx->buf + MD5BLKLEN - 8;
|
|
|
480 }
|
|
|
481 else if (i -= 8) { /* need to pad this buffer? */
|
|
|
482 memset (ctx->ptr,0,i); /* yes, pad out with zeros, leaving 8 bytes */
|
|
|
483 ctx->ptr += i;
|
|
|
484 }
|
|
|
485 md5_encode (ctx->ptr,bits,2); /* make LSB-first length */
|
|
|
486 md5_transform (ctx->state,ctx->buf);
|
|
|
487 /* store state in digest */
|
|
|
488 md5_encode (digest,ctx->state,4);
|
|
|
489 /* erase context */
|
|
|
490 memset (ctx,0,sizeof (MD5CONTEXT));
|
|
|
491 }
|
|
|
492 �
|
|
|
493 /* MD5 basic transformation
|
|
|
494 * Accepts: state vector
|
|
|
495 * current 64-byte block
|
|
|
496 */
|
|
|
497
|
|
|
498 static void md5_transform (unsigned long *state,unsigned char *block)
|
|
|
499 {
|
|
|
500 unsigned long a = state[0],b = state[1],c = state[2],d = state[3],x[16];
|
|
|
501 md5_decode (x,block,16); /* decode into 16 longs */
|
|
|
502 /* round 1 */
|
|
|
503 RND1 (a,b,c,d,x[ 0], 7,0xd76aa478); RND1 (d,a,b,c,x[ 1],12,0xe8c7b756);
|
|
|
504 RND1 (c,d,a,b,x[ 2],17,0x242070db); RND1 (b,c,d,a,x[ 3],22,0xc1bdceee);
|
|
|
505 RND1 (a,b,c,d,x[ 4], 7,0xf57c0faf); RND1 (d,a,b,c,x[ 5],12,0x4787c62a);
|
|
|
506 RND1 (c,d,a,b,x[ 6],17,0xa8304613); RND1 (b,c,d,a,x[ 7],22,0xfd469501);
|
|
|
507 RND1 (a,b,c,d,x[ 8], 7,0x698098d8); RND1 (d,a,b,c,x[ 9],12,0x8b44f7af);
|
|
|
508 RND1 (c,d,a,b,x[10],17,0xffff5bb1); RND1 (b,c,d,a,x[11],22,0x895cd7be);
|
|
|
509 RND1 (a,b,c,d,x[12], 7,0x6b901122); RND1 (d,a,b,c,x[13],12,0xfd987193);
|
|
|
510 RND1 (c,d,a,b,x[14],17,0xa679438e); RND1 (b,c,d,a,x[15],22,0x49b40821);
|
|
|
511 /* round 2 */
|
|
|
512 RND2 (a,b,c,d,x[ 1], 5,0xf61e2562); RND2 (d,a,b,c,x[ 6], 9,0xc040b340);
|
|
|
513 RND2 (c,d,a,b,x[11],14,0x265e5a51); RND2 (b,c,d,a,x[ 0],20,0xe9b6c7aa);
|
|
|
514 RND2 (a,b,c,d,x[ 5], 5,0xd62f105d); RND2 (d,a,b,c,x[10], 9, 0x2441453);
|
|
|
515 RND2 (c,d,a,b,x[15],14,0xd8a1e681); RND2 (b,c,d,a,x[ 4],20,0xe7d3fbc8);
|
|
|
516 RND2 (a,b,c,d,x[ 9], 5,0x21e1cde6); RND2 (d,a,b,c,x[14], 9,0xc33707d6);
|
|
|
517 RND2 (c,d,a,b,x[ 3],14,0xf4d50d87); RND2 (b,c,d,a,x[ 8],20,0x455a14ed);
|
|
|
518 RND2 (a,b,c,d,x[13], 5,0xa9e3e905); RND2 (d,a,b,c,x[ 2], 9,0xfcefa3f8);
|
|
|
519 RND2 (c,d,a,b,x[ 7],14,0x676f02d9); RND2 (b,c,d,a,x[12],20,0x8d2a4c8a);
|
|
|
520 /* round 3 */
|
|
|
521 RND3 (a,b,c,d,x[ 5], 4,0xfffa3942); RND3 (d,a,b,c,x[ 8],11,0x8771f681);
|
|
|
522 RND3 (c,d,a,b,x[11],16,0x6d9d6122); RND3 (b,c,d,a,x[14],23,0xfde5380c);
|
|
|
523 RND3 (a,b,c,d,x[ 1], 4,0xa4beea44); RND3 (d,a,b,c,x[ 4],11,0x4bdecfa9);
|
|
|
524 RND3 (c,d,a,b,x[ 7],16,0xf6bb4b60); RND3 (b,c,d,a,x[10],23,0xbebfbc70);
|
|
|
525 RND3 (a,b,c,d,x[13], 4,0x289b7ec6); RND3 (d,a,b,c,x[ 0],11,0xeaa127fa);
|
|
|
526 RND3 (c,d,a,b,x[ 3],16,0xd4ef3085); RND3 (b,c,d,a,x[ 6],23, 0x4881d05);
|
|
|
527 RND3 (a,b,c,d,x[ 9], 4,0xd9d4d039); RND3 (d,a,b,c,x[12],11,0xe6db99e5);
|
|
|
528 RND3 (c,d,a,b,x[15],16,0x1fa27cf8); RND3 (b,c,d,a,x[ 2],23,0xc4ac5665);
|
|
|
529 /* round 4 */
|
|
|
530 RND4 (a,b,c,d,x[ 0], 6,0xf4292244); RND4 (d,a,b,c,x[ 7],10,0x432aff97);
|
|
|
531 RND4 (c,d,a,b,x[14],15,0xab9423a7); RND4 (b,c,d,a,x[ 5],21,0xfc93a039);
|
|
|
532 RND4 (a,b,c,d,x[12], 6,0x655b59c3); RND4 (d,a,b,c,x[ 3],10,0x8f0ccc92);
|
|
|
533 RND4 (c,d,a,b,x[10],15,0xffeff47d); RND4 (b,c,d,a,x[ 1],21,0x85845dd1);
|
|
|
534 RND4 (a,b,c,d,x[ 8], 6,0x6fa87e4f); RND4 (d,a,b,c,x[15],10,0xfe2ce6e0);
|
|
|
535 RND4 (c,d,a,b,x[ 6],15,0xa3014314); RND4 (b,c,d,a,x[13],21,0x4e0811a1);
|
|
|
536 RND4 (a,b,c,d,x[ 4], 6,0xf7537e82); RND4 (d,a,b,c,x[11],10,0xbd3af235);
|
|
|
537 RND4 (c,d,a,b,x[ 2],15,0x2ad7d2bb); RND4 (b,c,d,a,x[ 9],21,0xeb86d391);
|
|
|
538 /* update state */
|
|
|
539 state[0] += a; state[1] += b; state[2] += c; state[3] += d;
|
|
|
540 memset (x,0,sizeof (x)); /* erase sensitive data */
|
|
|
541 }
|
|
|
542 �
|
|
|
543 /* You may wonder why these strange "& 0xff" maskings are here. This is to
|
|
|
544 * ensure correct results on machines with a char size of larger than 8 bits.
|
|
|
545 * For example, the KCC compiler on the PDP-10 uses 9-bit chars.
|
|
|
546 */
|
|
|
547
|
|
|
548 /* MD5 encode unsigned long into LSB-first bytes
|
|
|
549 * Accepts: destination pointer
|
|
|
550 * source
|
|
|
551 * length of source
|
|
|
552 */
|
|
|
553
|
|
|
554 static void md5_encode (unsigned char *dst,unsigned long *src,int len)
|
|
|
555 {
|
|
|
556 int i;
|
|
|
557 for (i = 0; i < len; i++) {
|
|
|
558 *dst++ = (unsigned char) (src[i] & 0xff);
|
|
|
559 *dst++ = (unsigned char) ((src[i] >> 8) & 0xff);
|
|
|
560 *dst++ = (unsigned char) ((src[i] >> 16) & 0xff);
|
|
|
561 *dst++ = (unsigned char) ((src[i] >> 24) & 0xff);
|
|
|
562 }
|
|
|
563 }
|
|
|
564
|
|
|
565
|
|
|
566 /* MD5 decode LSB-first bytes into unsigned long
|
|
|
567 * Accepts: destination pointer
|
|
|
568 * source
|
|
|
569 * length of destination
|
|
|
570 */
|
|
|
571
|
|
|
572 static void md5_decode (unsigned long *dst,unsigned char *src,int len)
|
|
|
573 {
|
|
|
574 int i, j;
|
|
|
575 for (i = 0, j = 0; i < len; i++, j += 4)
|
|
|
576 dst[i] = ((unsigned long) (src[j] & 0xff)) |
|
|
|
577 (((unsigned long) (src[j+1] & 0xff)) << 8) |
|
|
|
578 (((unsigned long) (src[j+2] & 0xff)) << 16) |
|
|
|
579 (((unsigned long) (src[j+3] & 0xff)) << 24);
|
|
|
580 }
|
