PostgreSQL Source Code  git master
 All Data Structures Namespaces Files Functions Variables Typedefs Enumerations Enumerator Macros
crypt-md5.c
Go to the documentation of this file.
1 /*
2  * File imported from FreeBSD, original by Poul-Henning Kamp.
3  *
4  * $FreeBSD: src/lib/libcrypt/crypt-md5.c,v 1.5 1999/12/17 20:21:45 peter Exp $
5  *
6  * contrib/pgcrypto/crypt-md5.c
7  */
8 
9 #include "postgres.h"
10 
11 #include "px.h"
12 #include "px-crypt.h"
13 
14 #define MD5_SIZE 16
15 
16 static const char _crypt_a64[] =
17 "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
18 
19 static void
20 _crypt_to64(char *s, unsigned long v, int n)
21 {
22  while (--n >= 0)
23  {
24  *s++ = _crypt_a64[v & 0x3f];
25  v >>= 6;
26  }
27 }
28 
29 /*
30  * UNIX password
31  */
32 
33 char *
34 px_crypt_md5(const char *pw, const char *salt, char *passwd, unsigned dstlen)
35 {
36  static char *magic = "$1$"; /* This string is magic for this algorithm.
37  * Having it this way, we can get better later
38  * on */
39  static char *p;
40  static const char *sp,
41  *ep;
42  unsigned char final[MD5_SIZE];
43  int sl,
44  pl,
45  i;
46  PX_MD *ctx,
47  *ctx1;
48  int err;
49  unsigned long l;
50 
51  if (!passwd || dstlen < 120)
52  return NULL;
53 
54  /* Refine the Salt first */
55  sp = salt;
56 
57  /* If it starts with the magic string, then skip that */
58  if (strncmp(sp, magic, strlen(magic)) == 0)
59  sp += strlen(magic);
60 
61  /* It stops at the first '$', max 8 chars */
62  for (ep = sp; *ep && *ep != '$' && ep < (sp + 8); ep++)
63  continue;
64 
65  /* get the length of the true salt */
66  sl = ep - sp;
67 
68  /* */
69  err = px_find_digest("md5", &ctx);
70  if (err)
71  return NULL;
72  err = px_find_digest("md5", &ctx1);
73 
74  /* The password first, since that is what is most unknown */
75  px_md_update(ctx, (const uint8 *) pw, strlen(pw));
76 
77  /* Then our magic string */
78  px_md_update(ctx, (uint8 *) magic, strlen(magic));
79 
80  /* Then the raw salt */
81  px_md_update(ctx, (const uint8 *) sp, sl);
82 
83  /* Then just as many characters of the MD5(pw,salt,pw) */
84  px_md_update(ctx1, (const uint8 *) pw, strlen(pw));
85  px_md_update(ctx1, (const uint8 *) sp, sl);
86  px_md_update(ctx1, (const uint8 *) pw, strlen(pw));
87  px_md_finish(ctx1, final);
88  for (pl = strlen(pw); pl > 0; pl -= MD5_SIZE)
89  px_md_update(ctx, final, pl > MD5_SIZE ? MD5_SIZE : pl);
90 
91  /* Don't leave anything around in vm they could use. */
92  px_memset(final, 0, sizeof final);
93 
94  /* Then something really weird... */
95  for (i = strlen(pw); i; i >>= 1)
96  if (i & 1)
97  px_md_update(ctx, final, 1);
98  else
99  px_md_update(ctx, (const uint8 *) pw, 1);
100 
101  /* Now make the output string */
102  strcpy(passwd, magic);
103  strncat(passwd, sp, sl);
104  strcat(passwd, "$");
105 
106  px_md_finish(ctx, final);
107 
108  /*
109  * and now, just to make sure things don't run too fast On a 60 Mhz
110  * Pentium this takes 34 msec, so you would need 30 seconds to build a
111  * 1000 entry dictionary...
112  */
113  for (i = 0; i < 1000; i++)
114  {
115  px_md_reset(ctx1);
116  if (i & 1)
117  px_md_update(ctx1, (const uint8 *) pw, strlen(pw));
118  else
119  px_md_update(ctx1, final, MD5_SIZE);
120 
121  if (i % 3)
122  px_md_update(ctx1, (const uint8 *) sp, sl);
123 
124  if (i % 7)
125  px_md_update(ctx1, (const uint8 *) pw, strlen(pw));
126 
127  if (i & 1)
128  px_md_update(ctx1, final, MD5_SIZE);
129  else
130  px_md_update(ctx1, (const uint8 *) pw, strlen(pw));
131  px_md_finish(ctx1, final);
132  }
133 
134  p = passwd + strlen(passwd);
135 
136  l = (final[0] << 16) | (final[6] << 8) | final[12];
137  _crypt_to64(p, l, 4);
138  p += 4;
139  l = (final[1] << 16) | (final[7] << 8) | final[13];
140  _crypt_to64(p, l, 4);
141  p += 4;
142  l = (final[2] << 16) | (final[8] << 8) | final[14];
143  _crypt_to64(p, l, 4);
144  p += 4;
145  l = (final[3] << 16) | (final[9] << 8) | final[15];
146  _crypt_to64(p, l, 4);
147  p += 4;
148  l = (final[4] << 16) | (final[10] << 8) | final[5];
149  _crypt_to64(p, l, 4);
150  p += 4;
151  l = final[11];
152  _crypt_to64(p, l, 2);
153  p += 2;
154  *p = '\0';
155 
156  /* Don't leave anything around in vm they could use. */
157  px_memset(final, 0, sizeof final);
158 
159  px_md_free(ctx1);
160  px_md_free(ctx);
161 
162  return passwd;
163 }
#define MD5_SIZE
Definition: crypt-md5.c:14
#define px_md_update(md, data, dlen)
Definition: px.h:208
unsigned char uint8
Definition: c.h:256
#define px_md_finish(md, buf)
Definition: px.h:209
#define px_md_reset(md)
Definition: px.h:207
Definition: px.h:113
static const char _crypt_a64[]
Definition: crypt-md5.c:16
#define px_md_free(md)
Definition: px.h:210
char * px_crypt_md5(const char *pw, const char *salt, char *passwd, unsigned dstlen)
Definition: crypt-md5.c:34
static void _crypt_to64(char *s, unsigned long v, int n)
Definition: crypt-md5.c:20
int i
int px_find_digest(const char *name, PX_MD **res)
Definition: internal.c:578
void px_memset(void *ptr, int c, size_t len)
Definition: px.c:134