apr_md5.c 23 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733
  1. /*
  2. * This is work is derived from material Copyright RSA Data Security, Inc.
  3. *
  4. * The RSA copyright statement and Licence for that original material is
  5. * included below. This is followed by the Apache copyright statement and
  6. * licence for the modifications made to that material.
  7. */
  8. /* MD5C.C - RSA Data Security, Inc., MD5 message-digest algorithm
  9. */
  10. /* Copyright (C) 1991-2, RSA Data Security, Inc. Created 1991. All
  11. rights reserved.
  12. License to copy and use this software is granted provided that it
  13. is identified as the "RSA Data Security, Inc. MD5 Message-Digest
  14. Algorithm" in all material mentioning or referencing this software
  15. or this function.
  16. License is also granted to make and use derivative works provided
  17. that such works are identified as "derived from the RSA Data
  18. Security, Inc. MD5 Message-Digest Algorithm" in all material
  19. mentioning or referencing the derived work.
  20. RSA Data Security, Inc. makes no representations concerning either
  21. the merchantability of this software or the suitability of this
  22. software for any particular purpose. It is provided "as is"
  23. without express or implied warranty of any kind.
  24. These notices must be retained in any copies of any part of this
  25. documentation and/or software.
  26. */
  27. /* Copyright 2000-2005 The Apache Software Foundation or its licensors, as
  28. * applicable.
  29. *
  30. * Licensed under the Apache License, Version 2.0 (the "License");
  31. * you may not use this file except in compliance with the License.
  32. * You may obtain a copy of the License at
  33. *
  34. * http://www.apache.org/licenses/LICENSE-2.0
  35. *
  36. * Unless required by applicable law or agreed to in writing, software
  37. * distributed under the License is distributed on an "AS IS" BASIS,
  38. * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  39. * See the License for the specific language governing permissions and
  40. * limitations under the License.
  41. */
  42. /*
  43. * The apr_md5_encode() routine uses much code obtained from the FreeBSD 3.0
  44. * MD5 crypt() function, which is licenced as follows:
  45. * ----------------------------------------------------------------------------
  46. * "THE BEER-WARE LICENSE" (Revision 42):
  47. * <phk@login.dknet.dk> wrote this file. As long as you retain this notice you
  48. * can do whatever you want with this stuff. If we meet some day, and you think
  49. * this stuff is worth it, you can buy me a beer in return. Poul-Henning Kamp
  50. * ----------------------------------------------------------------------------
  51. */
  52. #include "apr_strings.h"
  53. #include "apr_md5.h"
  54. #include "apr_lib.h"
  55. #include "apu_config.h"
  56. #include "apr_sha1.h"
  57. #if APR_HAVE_STRING_H
  58. #include <string.h>
  59. #endif
  60. #if APR_HAVE_CRYPT_H
  61. #include <crypt.h>
  62. #endif
  63. #if APR_HAVE_UNISTD_H
  64. #include <unistd.h>
  65. #endif
  66. #if APR_HAVE_PTHREAD_H
  67. #include <pthread.h>
  68. #endif
  69. /* Constants for MD5Transform routine.
  70. */
  71. #define S11 7
  72. #define S12 12
  73. #define S13 17
  74. #define S14 22
  75. #define S21 5
  76. #define S22 9
  77. #define S23 14
  78. #define S24 20
  79. #define S31 4
  80. #define S32 11
  81. #define S33 16
  82. #define S34 23
  83. #define S41 6
  84. #define S42 10
  85. #define S43 15
  86. #define S44 21
  87. static void MD5Transform(apr_uint32_t state[4], const unsigned char block[64]);
  88. static void Encode(unsigned char *output, const apr_uint32_t *input,
  89. unsigned int len);
  90. static void Decode(apr_uint32_t *output, const unsigned char *input,
  91. unsigned int len);
  92. static unsigned char PADDING[64] =
  93. {
  94. 0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
  95. 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
  96. 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0
  97. };
  98. #if APR_CHARSET_EBCDIC
  99. static apr_xlate_t *xlate_ebcdic_to_ascii; /* used in apr_md5_encode() */
  100. #endif
  101. /* F, G, H and I are basic MD5 functions.
  102. */
  103. #define F(x, y, z) (((x) & (y)) | ((~x) & (z)))
  104. #define G(x, y, z) (((x) & (z)) | ((y) & (~z)))
  105. #define H(x, y, z) ((x) ^ (y) ^ (z))
  106. #define I(x, y, z) ((y) ^ ((x) | (~z)))
  107. /* ROTATE_LEFT rotates x left n bits.
  108. */
  109. #define ROTATE_LEFT(x, n) (((x) << (n)) | ((x) >> (32-(n))))
  110. /* FF, GG, HH, and II transformations for rounds 1, 2, 3, and 4.
  111. * Rotation is separate from addition to prevent recomputation.
  112. */
  113. #define FF(a, b, c, d, x, s, ac) { \
  114. (a) += F ((b), (c), (d)) + (x) + (apr_uint32_t)(ac); \
  115. (a) = ROTATE_LEFT ((a), (s)); \
  116. (a) += (b); \
  117. }
  118. #define GG(a, b, c, d, x, s, ac) { \
  119. (a) += G ((b), (c), (d)) + (x) + (apr_uint32_t)(ac); \
  120. (a) = ROTATE_LEFT ((a), (s)); \
  121. (a) += (b); \
  122. }
  123. #define HH(a, b, c, d, x, s, ac) { \
  124. (a) += H ((b), (c), (d)) + (x) + (apr_uint32_t)(ac); \
  125. (a) = ROTATE_LEFT ((a), (s)); \
  126. (a) += (b); \
  127. }
  128. #define II(a, b, c, d, x, s, ac) { \
  129. (a) += I ((b), (c), (d)) + (x) + (apr_uint32_t)(ac); \
  130. (a) = ROTATE_LEFT ((a), (s)); \
  131. (a) += (b); \
  132. }
  133. /* MD5 initialization. Begins an MD5 operation, writing a new context.
  134. */
  135. APU_DECLARE(apr_status_t) apr_md5_init(apr_md5_ctx_t *context)
  136. {
  137. context->count[0] = context->count[1] = 0;
  138. /* Load magic initialization constants. */
  139. context->state[0] = 0x67452301;
  140. context->state[1] = 0xefcdab89;
  141. context->state[2] = 0x98badcfe;
  142. context->state[3] = 0x10325476;
  143. context->xlate = NULL;
  144. return APR_SUCCESS;
  145. }
  146. /* MD5 translation setup. Provides the APR translation handle
  147. * to be used for translating the content before calculating the
  148. * digest.
  149. */
  150. APU_DECLARE(apr_status_t) apr_md5_set_xlate(apr_md5_ctx_t *context,
  151. apr_xlate_t *xlate)
  152. {
  153. #if APR_HAS_XLATE
  154. apr_status_t rv;
  155. int is_sb;
  156. /* TODO: remove the single-byte-only restriction from this code
  157. */
  158. rv = apr_xlate_sb_get(xlate, &is_sb);
  159. if (rv != APR_SUCCESS) {
  160. return rv;
  161. }
  162. if (!is_sb) {
  163. return APR_EINVAL;
  164. }
  165. context->xlate = xlate;
  166. return APR_SUCCESS;
  167. #else
  168. return APR_ENOTIMPL;
  169. #endif /* APR_HAS_XLATE */
  170. }
  171. /* MD5 block update operation. Continues an MD5 message-digest
  172. * operation, processing another message block, and updating the
  173. * context.
  174. */
  175. APU_DECLARE(apr_status_t) apr_md5_update(apr_md5_ctx_t *context,
  176. const void *_input,
  177. apr_size_t inputLen)
  178. {
  179. const unsigned char *input = _input;
  180. unsigned int i, idx, partLen;
  181. #if APR_HAS_XLATE
  182. apr_size_t inbytes_left, outbytes_left;
  183. #endif
  184. /* Compute number of bytes mod 64 */
  185. idx = (unsigned int)((context->count[0] >> 3) & 0x3F);
  186. /* Update number of bits */
  187. if ((context->count[0] += ((apr_uint32_t)inputLen << 3))
  188. < ((apr_uint32_t)inputLen << 3))
  189. context->count[1]++;
  190. context->count[1] += (apr_uint32_t)inputLen >> 29;
  191. partLen = 64 - idx;
  192. /* Transform as many times as possible. */
  193. #if !APR_HAS_XLATE
  194. if (inputLen >= partLen) {
  195. memcpy(&context->buffer[idx], input, partLen);
  196. MD5Transform(context->state, context->buffer);
  197. for (i = partLen; i + 63 < inputLen; i += 64)
  198. MD5Transform(context->state, &input[i]);
  199. idx = 0;
  200. }
  201. else
  202. i = 0;
  203. /* Buffer remaining input */
  204. memcpy(&context->buffer[idx], &input[i], inputLen - i);
  205. #else /*APR_HAS_XLATE*/
  206. if (inputLen >= partLen) {
  207. if (context->xlate) {
  208. inbytes_left = outbytes_left = partLen;
  209. apr_xlate_conv_buffer(context->xlate, (const char *)input,
  210. &inbytes_left,
  211. (char *)&context->buffer[idx],
  212. &outbytes_left);
  213. }
  214. else {
  215. memcpy(&context->buffer[idx], input, partLen);
  216. }
  217. MD5Transform(context->state, context->buffer);
  218. for (i = partLen; i + 63 < inputLen; i += 64) {
  219. if (context->xlate) {
  220. unsigned char inp_tmp[64];
  221. inbytes_left = outbytes_left = 64;
  222. apr_xlate_conv_buffer(context->xlate, (const char *)&input[i],
  223. &inbytes_left, (char *)inp_tmp,
  224. &outbytes_left);
  225. MD5Transform(context->state, inp_tmp);
  226. }
  227. else {
  228. MD5Transform(context->state, &input[i]);
  229. }
  230. }
  231. idx = 0;
  232. }
  233. else
  234. i = 0;
  235. /* Buffer remaining input */
  236. if (context->xlate) {
  237. inbytes_left = outbytes_left = inputLen - i;
  238. apr_xlate_conv_buffer(context->xlate, (const char *)&input[i],
  239. &inbytes_left, (char *)&context->buffer[idx],
  240. &outbytes_left);
  241. }
  242. else {
  243. memcpy(&context->buffer[idx], &input[i], inputLen - i);
  244. }
  245. #endif /*APR_HAS_XLATE*/
  246. return APR_SUCCESS;
  247. }
  248. /* MD5 finalization. Ends an MD5 message-digest operation, writing the
  249. * the message digest and zeroizing the context.
  250. */
  251. APU_DECLARE(apr_status_t) apr_md5_final(unsigned char digest[APR_MD5_DIGESTSIZE],
  252. apr_md5_ctx_t *context)
  253. {
  254. unsigned char bits[8];
  255. unsigned int idx, padLen;
  256. /* Save number of bits */
  257. Encode(bits, context->count, 8);
  258. #if APR_HAS_XLATE
  259. /* apr_md5_update() should not translate for this final round. */
  260. context->xlate = NULL;
  261. #endif /*APR_HAS_XLATE*/
  262. /* Pad out to 56 mod 64. */
  263. idx = (unsigned int)((context->count[0] >> 3) & 0x3f);
  264. padLen = (idx < 56) ? (56 - idx) : (120 - idx);
  265. apr_md5_update(context, PADDING, padLen);
  266. /* Append length (before padding) */
  267. apr_md5_update(context, bits, 8);
  268. /* Store state in digest */
  269. Encode(digest, context->state, APR_MD5_DIGESTSIZE);
  270. /* Zeroize sensitive information. */
  271. memset(context, 0, sizeof(*context));
  272. return APR_SUCCESS;
  273. }
  274. /* MD5 in one step (init, update, final)
  275. */
  276. APU_DECLARE(apr_status_t) apr_md5(unsigned char digest[APR_MD5_DIGESTSIZE],
  277. const void *_input,
  278. apr_size_t inputLen)
  279. {
  280. const unsigned char *input = _input;
  281. apr_md5_ctx_t ctx;
  282. apr_status_t rv;
  283. apr_md5_init(&ctx);
  284. if ((rv = apr_md5_update(&ctx, input, inputLen)) != APR_SUCCESS)
  285. return rv;
  286. return apr_md5_final(digest, &ctx);
  287. }
  288. /* MD5 basic transformation. Transforms state based on block. */
  289. static void MD5Transform(apr_uint32_t state[4], const unsigned char block[64])
  290. {
  291. apr_uint32_t a = state[0], b = state[1], c = state[2], d = state[3],
  292. x[APR_MD5_DIGESTSIZE];
  293. Decode(x, block, 64);
  294. /* Round 1 */
  295. FF(a, b, c, d, x[0], S11, 0xd76aa478); /* 1 */
  296. FF(d, a, b, c, x[1], S12, 0xe8c7b756); /* 2 */
  297. FF(c, d, a, b, x[2], S13, 0x242070db); /* 3 */
  298. FF(b, c, d, a, x[3], S14, 0xc1bdceee); /* 4 */
  299. FF(a, b, c, d, x[4], S11, 0xf57c0faf); /* 5 */
  300. FF(d, a, b, c, x[5], S12, 0x4787c62a); /* 6 */
  301. FF(c, d, a, b, x[6], S13, 0xa8304613); /* 7 */
  302. FF(b, c, d, a, x[7], S14, 0xfd469501); /* 8 */
  303. FF(a, b, c, d, x[8], S11, 0x698098d8); /* 9 */
  304. FF(d, a, b, c, x[9], S12, 0x8b44f7af); /* 10 */
  305. FF(c, d, a, b, x[10], S13, 0xffff5bb1); /* 11 */
  306. FF(b, c, d, a, x[11], S14, 0x895cd7be); /* 12 */
  307. FF(a, b, c, d, x[12], S11, 0x6b901122); /* 13 */
  308. FF(d, a, b, c, x[13], S12, 0xfd987193); /* 14 */
  309. FF(c, d, a, b, x[14], S13, 0xa679438e); /* 15 */
  310. FF(b, c, d, a, x[15], S14, 0x49b40821); /* 16 */
  311. /* Round 2 */
  312. GG(a, b, c, d, x[1], S21, 0xf61e2562); /* 17 */
  313. GG(d, a, b, c, x[6], S22, 0xc040b340); /* 18 */
  314. GG(c, d, a, b, x[11], S23, 0x265e5a51); /* 19 */
  315. GG(b, c, d, a, x[0], S24, 0xe9b6c7aa); /* 20 */
  316. GG(a, b, c, d, x[5], S21, 0xd62f105d); /* 21 */
  317. GG(d, a, b, c, x[10], S22, 0x2441453); /* 22 */
  318. GG(c, d, a, b, x[15], S23, 0xd8a1e681); /* 23 */
  319. GG(b, c, d, a, x[4], S24, 0xe7d3fbc8); /* 24 */
  320. GG(a, b, c, d, x[9], S21, 0x21e1cde6); /* 25 */
  321. GG(d, a, b, c, x[14], S22, 0xc33707d6); /* 26 */
  322. GG(c, d, a, b, x[3], S23, 0xf4d50d87); /* 27 */
  323. GG(b, c, d, a, x[8], S24, 0x455a14ed); /* 28 */
  324. GG(a, b, c, d, x[13], S21, 0xa9e3e905); /* 29 */
  325. GG(d, a, b, c, x[2], S22, 0xfcefa3f8); /* 30 */
  326. GG(c, d, a, b, x[7], S23, 0x676f02d9); /* 31 */
  327. GG(b, c, d, a, x[12], S24, 0x8d2a4c8a); /* 32 */
  328. /* Round 3 */
  329. HH(a, b, c, d, x[5], S31, 0xfffa3942); /* 33 */
  330. HH(d, a, b, c, x[8], S32, 0x8771f681); /* 34 */
  331. HH(c, d, a, b, x[11], S33, 0x6d9d6122); /* 35 */
  332. HH(b, c, d, a, x[14], S34, 0xfde5380c); /* 36 */
  333. HH(a, b, c, d, x[1], S31, 0xa4beea44); /* 37 */
  334. HH(d, a, b, c, x[4], S32, 0x4bdecfa9); /* 38 */
  335. HH(c, d, a, b, x[7], S33, 0xf6bb4b60); /* 39 */
  336. HH(b, c, d, a, x[10], S34, 0xbebfbc70); /* 40 */
  337. HH(a, b, c, d, x[13], S31, 0x289b7ec6); /* 41 */
  338. HH(d, a, b, c, x[0], S32, 0xeaa127fa); /* 42 */
  339. HH(c, d, a, b, x[3], S33, 0xd4ef3085); /* 43 */
  340. HH(b, c, d, a, x[6], S34, 0x4881d05); /* 44 */
  341. HH(a, b, c, d, x[9], S31, 0xd9d4d039); /* 45 */
  342. HH(d, a, b, c, x[12], S32, 0xe6db99e5); /* 46 */
  343. HH(c, d, a, b, x[15], S33, 0x1fa27cf8); /* 47 */
  344. HH(b, c, d, a, x[2], S34, 0xc4ac5665); /* 48 */
  345. /* Round 4 */
  346. II(a, b, c, d, x[0], S41, 0xf4292244); /* 49 */
  347. II(d, a, b, c, x[7], S42, 0x432aff97); /* 50 */
  348. II(c, d, a, b, x[14], S43, 0xab9423a7); /* 51 */
  349. II(b, c, d, a, x[5], S44, 0xfc93a039); /* 52 */
  350. II(a, b, c, d, x[12], S41, 0x655b59c3); /* 53 */
  351. II(d, a, b, c, x[3], S42, 0x8f0ccc92); /* 54 */
  352. II(c, d, a, b, x[10], S43, 0xffeff47d); /* 55 */
  353. II(b, c, d, a, x[1], S44, 0x85845dd1); /* 56 */
  354. II(a, b, c, d, x[8], S41, 0x6fa87e4f); /* 57 */
  355. II(d, a, b, c, x[15], S42, 0xfe2ce6e0); /* 58 */
  356. II(c, d, a, b, x[6], S43, 0xa3014314); /* 59 */
  357. II(b, c, d, a, x[13], S44, 0x4e0811a1); /* 60 */
  358. II(a, b, c, d, x[4], S41, 0xf7537e82); /* 61 */
  359. II(d, a, b, c, x[11], S42, 0xbd3af235); /* 62 */
  360. II(c, d, a, b, x[2], S43, 0x2ad7d2bb); /* 63 */
  361. II(b, c, d, a, x[9], S44, 0xeb86d391); /* 64 */
  362. state[0] += a;
  363. state[1] += b;
  364. state[2] += c;
  365. state[3] += d;
  366. /* Zeroize sensitive information. */
  367. memset(x, 0, sizeof(x));
  368. }
  369. /* Encodes input (apr_uint32_t) into output (unsigned char). Assumes len is
  370. * a multiple of 4.
  371. */
  372. static void Encode(unsigned char *output, const apr_uint32_t *input,
  373. unsigned int len)
  374. {
  375. unsigned int i, j;
  376. apr_uint32_t k;
  377. for (i = 0, j = 0; j < len; i++, j += 4) {
  378. k = input[i];
  379. output[j] = (unsigned char)(k & 0xff);
  380. output[j + 1] = (unsigned char)((k >> 8) & 0xff);
  381. output[j + 2] = (unsigned char)((k >> 16) & 0xff);
  382. output[j + 3] = (unsigned char)((k >> 24) & 0xff);
  383. }
  384. }
  385. /* Decodes input (unsigned char) into output (apr_uint32_t). Assumes len is
  386. * a multiple of 4.
  387. */
  388. static void Decode(apr_uint32_t *output, const unsigned char *input,
  389. unsigned int len)
  390. {
  391. unsigned int i, j;
  392. for (i = 0, j = 0; j < len; i++, j += 4)
  393. output[i] = ((apr_uint32_t)input[j]) |
  394. (((apr_uint32_t)input[j + 1]) << 8) |
  395. (((apr_uint32_t)input[j + 2]) << 16) |
  396. (((apr_uint32_t)input[j + 3]) << 24);
  397. }
  398. #if APR_CHARSET_EBCDIC
  399. APU_DECLARE(apr_status_t) apr_MD5InitEBCDIC(apr_xlate_t *xlate)
  400. {
  401. xlate_ebcdic_to_ascii = xlate;
  402. return APR_SUCCESS;
  403. }
  404. #endif
  405. /*
  406. * Define the Magic String prefix that identifies a password as being
  407. * hashed using our algorithm.
  408. */
  409. static const char *apr1_id = "$apr1$";
  410. /*
  411. * The following MD5 password encryption code was largely borrowed from
  412. * the FreeBSD 3.0 /usr/src/lib/libcrypt/crypt.c file, which is
  413. * licenced as stated at the top of this file.
  414. */
  415. static void to64(char *s, unsigned long v, int n)
  416. {
  417. static unsigned char itoa64[] = /* 0 ... 63 => ASCII - 64 */
  418. "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
  419. while (--n >= 0) {
  420. *s++ = itoa64[v&0x3f];
  421. v >>= 6;
  422. }
  423. }
  424. APU_DECLARE(apr_status_t) apr_md5_encode(const char *pw, const char *salt,
  425. char *result, apr_size_t nbytes)
  426. {
  427. /*
  428. * Minimum size is 8 bytes for salt, plus 1 for the trailing NUL,
  429. * plus 4 for the '$' separators, plus the password hash itself.
  430. * Let's leave a goodly amount of leeway.
  431. */
  432. char passwd[120], *p;
  433. const char *sp, *ep;
  434. unsigned char final[APR_MD5_DIGESTSIZE];
  435. apr_ssize_t sl, pl, i;
  436. apr_md5_ctx_t ctx, ctx1;
  437. unsigned long l;
  438. /*
  439. * Refine the salt first. It's possible we were given an already-hashed
  440. * string as the salt argument, so extract the actual salt value from it
  441. * if so. Otherwise just use the string up to the first '$' as the salt.
  442. */
  443. sp = salt;
  444. /*
  445. * If it starts with the magic string, then skip that.
  446. */
  447. if (!strncmp(sp, apr1_id, strlen(apr1_id))) {
  448. sp += strlen(apr1_id);
  449. }
  450. /*
  451. * It stops at the first '$' or 8 chars, whichever comes first
  452. */
  453. for (ep = sp; (*ep != '\0') && (*ep != '$') && (ep < (sp + 8)); ep++) {
  454. continue;
  455. }
  456. /*
  457. * Get the length of the true salt
  458. */
  459. sl = ep - sp;
  460. /*
  461. * 'Time to make the doughnuts..'
  462. */
  463. apr_md5_init(&ctx);
  464. #if APR_CHARSET_EBCDIC
  465. apr_md5_set_xlate(&ctx, xlate_ebcdic_to_ascii);
  466. #endif
  467. /*
  468. * The password first, since that is what is most unknown
  469. */
  470. apr_md5_update(&ctx, pw, strlen(pw));
  471. /*
  472. * Then our magic string
  473. */
  474. apr_md5_update(&ctx, apr1_id, strlen(apr1_id));
  475. /*
  476. * Then the raw salt
  477. */
  478. apr_md5_update(&ctx, sp, sl);
  479. /*
  480. * Then just as many characters of the MD5(pw, salt, pw)
  481. */
  482. apr_md5_init(&ctx1);
  483. apr_md5_update(&ctx1, pw, strlen(pw));
  484. apr_md5_update(&ctx1, sp, sl);
  485. apr_md5_update(&ctx1, pw, strlen(pw));
  486. apr_md5_final(final, &ctx1);
  487. for (pl = strlen(pw); pl > 0; pl -= APR_MD5_DIGESTSIZE) {
  488. apr_md5_update(&ctx, final,
  489. (pl > APR_MD5_DIGESTSIZE) ? APR_MD5_DIGESTSIZE : pl);
  490. }
  491. /*
  492. * Don't leave anything around in vm they could use.
  493. */
  494. memset(final, 0, sizeof(final));
  495. /*
  496. * Then something really weird...
  497. */
  498. for (i = strlen(pw); i != 0; i >>= 1) {
  499. if (i & 1) {
  500. apr_md5_update(&ctx, final, 1);
  501. }
  502. else {
  503. apr_md5_update(&ctx, pw, 1);
  504. }
  505. }
  506. /*
  507. * Now make the output string. We know our limitations, so we
  508. * can use the string routines without bounds checking.
  509. */
  510. strcpy(passwd, apr1_id);
  511. strncat(passwd, sp, sl);
  512. strcat(passwd, "$");
  513. apr_md5_final(final, &ctx);
  514. /*
  515. * And now, just to make sure things don't run too fast..
  516. * On a 60 Mhz Pentium this takes 34 msec, so you would
  517. * need 30 seconds to build a 1000 entry dictionary...
  518. */
  519. for (i = 0; i < 1000; i++) {
  520. apr_md5_init(&ctx1);
  521. if (i & 1) {
  522. apr_md5_update(&ctx1, pw, strlen(pw));
  523. }
  524. else {
  525. apr_md5_update(&ctx1, final, APR_MD5_DIGESTSIZE);
  526. }
  527. if (i % 3) {
  528. apr_md5_update(&ctx1, sp, sl);
  529. }
  530. if (i % 7) {
  531. apr_md5_update(&ctx1, pw, strlen(pw));
  532. }
  533. if (i & 1) {
  534. apr_md5_update(&ctx1, final, APR_MD5_DIGESTSIZE);
  535. }
  536. else {
  537. apr_md5_update(&ctx1, pw, strlen(pw));
  538. }
  539. apr_md5_final(final,&ctx1);
  540. }
  541. p = passwd + strlen(passwd);
  542. l = (final[ 0]<<16) | (final[ 6]<<8) | final[12]; to64(p, l, 4); p += 4;
  543. l = (final[ 1]<<16) | (final[ 7]<<8) | final[13]; to64(p, l, 4); p += 4;
  544. l = (final[ 2]<<16) | (final[ 8]<<8) | final[14]; to64(p, l, 4); p += 4;
  545. l = (final[ 3]<<16) | (final[ 9]<<8) | final[15]; to64(p, l, 4); p += 4;
  546. l = (final[ 4]<<16) | (final[10]<<8) | final[ 5]; to64(p, l, 4); p += 4;
  547. l = final[11] ; to64(p, l, 2); p += 2;
  548. *p = '\0';
  549. /*
  550. * Don't leave anything around in vm they could use.
  551. */
  552. memset(final, 0, sizeof(final));
  553. apr_cpystrn(result, passwd, nbytes - 1);
  554. return APR_SUCCESS;
  555. }
  556. #if !defined(WIN32) && !defined(BEOS) && !defined(NETWARE)
  557. #if defined(APU_CRYPT_THREADSAFE) || !APR_HAS_THREADS || \
  558. defined(CRYPT_R_CRYPTD) || defined(CRYPT_R_STRUCT_CRYPT_DATA)
  559. #define crypt_mutex_lock()
  560. #define crypt_mutex_unlock()
  561. #elif APR_HAVE_PTHREAD_H && defined(PTHREAD_MUTEX_INITIALIZER)
  562. static pthread_mutex_t crypt_mutex = PTHREAD_MUTEX_INITIALIZER;
  563. static void crypt_mutex_lock(void)
  564. {
  565. pthread_mutex_lock(&crypt_mutex);
  566. }
  567. static void crypt_mutex_unlock(void)
  568. {
  569. pthread_mutex_unlock(&crypt_mutex);
  570. }
  571. #else
  572. #error apr_password_validate() is not threadsafe. rebuild APR without thread support.
  573. #endif
  574. #endif
  575. /*
  576. * Validate a plaintext password against a smashed one. Uses either
  577. * crypt() (if available) or apr_md5_encode() or apr_sha1_base64(), depending
  578. * upon the format of the smashed input password. Returns APR_SUCCESS if
  579. * they match, or APR_EMISMATCH if they don't. If the platform doesn't
  580. * support crypt, then the default check is against a clear text string.
  581. */
  582. APU_DECLARE(apr_status_t) apr_password_validate(const char *passwd,
  583. const char *hash)
  584. {
  585. char sample[120];
  586. #if !defined(WIN32) && !defined(BEOS) && !defined(NETWARE)
  587. char *crypt_pw;
  588. #endif
  589. if (!strncmp(hash, apr1_id, strlen(apr1_id))) {
  590. /*
  591. * The hash was created using our custom algorithm.
  592. */
  593. apr_md5_encode(passwd, hash, sample, sizeof(sample));
  594. }
  595. else if (!strncmp(hash, APR_SHA1PW_ID, APR_SHA1PW_IDLEN)) {
  596. apr_sha1_base64(passwd, strlen(passwd), sample);
  597. }
  598. else {
  599. /*
  600. * It's not our algorithm, so feed it to crypt() if possible.
  601. */
  602. #if defined(WIN32) || defined(BEOS) || defined(NETWARE)
  603. apr_cpystrn(sample, passwd, sizeof(sample) - 1);
  604. #elif defined(CRYPT_R_CRYPTD)
  605. CRYPTD buffer;
  606. crypt_pw = crypt_r(passwd, hash, &buffer);
  607. apr_cpystrn(sample, crypt_pw, sizeof(sample) - 1);
  608. #elif defined(CRYPT_R_STRUCT_CRYPT_DATA)
  609. struct crypt_data buffer;
  610. /* having to clear this seems bogus... GNU doc is
  611. * confusing... user report found from google says
  612. * the crypt_data struct had to be cleared to get
  613. * the same result as plain crypt()
  614. */
  615. memset(&buffer, 0, sizeof(buffer));
  616. crypt_pw = crypt_r(passwd, hash, &buffer);
  617. apr_cpystrn(sample, crypt_pw, sizeof(sample) - 1);
  618. #else
  619. /* Do a bit of sanity checking since we know that crypt_r()
  620. * should always be used for threaded builds on AIX, and
  621. * problems in configure logic can result in the wrong
  622. * choice being made.
  623. */
  624. #if defined(_AIX) && APR_HAS_THREADS
  625. #error Configuration error! crypt_r() should have been selected!
  626. #endif
  627. /* Handle thread safety issues by holding a mutex around the
  628. * call to crypt().
  629. */
  630. crypt_mutex_lock();
  631. crypt_pw = crypt(passwd, hash);
  632. apr_cpystrn(sample, crypt_pw, sizeof(sample) - 1);
  633. crypt_mutex_unlock();
  634. #endif
  635. }
  636. return (strcmp(sample, hash) == 0) ? APR_SUCCESS : APR_EMISMATCH;
  637. }