diff options
Diffstat (limited to 'src/common/md5calc.c')
| -rw-r--r-- | src/common/md5calc.c | 505 |
1 files changed, 240 insertions, 265 deletions
diff --git a/src/common/md5calc.c b/src/common/md5calc.c index 6069070..d5ebcf8 100644 --- a/src/common/md5calc.c +++ b/src/common/md5calc.c @@ -1,335 +1,310 @@ -// $Id: md5calc.c,v 1.1.1.1 2004/09/10 17:26:54 MagicalTux Exp $ -/*********************************************************** - * md5 calculation algorithm - * - * The source code referred to the following URL. - * http://www.geocities.co.jp/SiliconValley-Oakland/8878/lab17/lab17.html - * - ***********************************************************/ - #include "md5calc.h" #include <string.h> -#include <stdio.h> #include "mt_rand.h" -#ifndef UINT_MAX -#define UINT_MAX 4294967295U -#endif - -// Global variable -static unsigned int *pX; - -// Stirng Table -static const unsigned int T[] = { +// auxilary data +/* +sin() constant table +# Reformatted output of: +echo 'scale=40; obase=16; for (i=1;i<=64;i++) print 2^32 * sin(i), "\n"' | +bc | sed 's/^-//;s/^/0x/;s/\..*$/,/' +*/ +static const uint32_t T[64] = +{ + // used by round 1 0xd76aa478, 0xe8c7b756, 0x242070db, 0xc1bdceee, //0 0xf57c0faf, 0x4787c62a, 0xa8304613, 0xfd469501, //4 0x698098d8, 0x8b44f7af, 0xffff5bb1, 0x895cd7be, //8 0x6b901122, 0xfd987193, 0xa679438e, 0x49b40821, //12 + // used by round 2 0xf61e2562, 0xc040b340, 0x265e5a51, 0xe9b6c7aa, //16 - 0xd62f105d, 0x2441453, 0xd8a1e681, 0xe7d3fbc8, //20 + 0xd62f105d, 0x02441453, 0xd8a1e681, 0xe7d3fbc8, //20 0x21e1cde6, 0xc33707d6, 0xf4d50d87, 0x455a14ed, //24 0xa9e3e905, 0xfcefa3f8, 0x676f02d9, 0x8d2a4c8a, //28 + // used by round 3 0xfffa3942, 0x8771f681, 0x6d9d6122, 0xfde5380c, //32 0xa4beea44, 0x4bdecfa9, 0xf6bb4b60, 0xbebfbc70, //36 - 0x289b7ec6, 0xeaa127fa, 0xd4ef3085, 0x4881d05, //40 + 0x289b7ec6, 0xeaa127fa, 0xd4ef3085, 0x04881d05, //40 0xd9d4d039, 0xe6db99e5, 0x1fa27cf8, 0xc4ac5665, //44 + // used by round 4 0xf4292244, 0x432aff97, 0xab9423a7, 0xfc93a039, //48 0x655b59c3, 0x8f0ccc92, 0xffeff47d, 0x85845dd1, //52 0x6fa87e4f, 0xfe2ce6e0, 0xa3014314, 0x4e0811a1, //56 - 0xf7537e82, 0xbd3af235, 0x2ad7d2bb, 0xeb86d391 //60 + 0xf7537e82, 0xbd3af235, 0x2ad7d2bb, 0xeb86d391, //60 }; -// ROTATE_LEFT The left is made to rotate x [ n-bit ]. This is diverted as it is from RFC. -#define ROTATE_LEFT(x, n) (((x) << (n)) | ((x) >> (32-(n)))) +// auxilary functions +// note - the RFC defines these by non-CS conventions: or=v, and=(empty) +static inline uint32_t rotate_left(uint32_t val, unsigned shift) +{ + return val << shift | val >> (32-shift); +} -// The function used for other calculation -static unsigned int F (unsigned int X, unsigned int Y, unsigned int Z) +static inline uint32_t F(uint32_t X, uint32_t Y, uint32_t Z) { return (X & Y) | (~X & Z); } - -static unsigned int G (unsigned int X, unsigned int Y, unsigned int Z) +static inline uint32_t G(uint32_t X, uint32_t Y, uint32_t Z) { return (X & Z) | (Y & ~Z); } - -static unsigned int H (unsigned int X, unsigned int Y, unsigned int Z) +static inline uint32_t H(uint32_t X, uint32_t Y, uint32_t Z) { return X ^ Y ^ Z; } - -static unsigned int I (unsigned int X, unsigned int Y, unsigned int Z) +static inline uint32_t I(uint32_t X, uint32_t Y, uint32_t Z) { return Y ^ (X | ~Z); } -static unsigned int Round (unsigned int a, unsigned int b, unsigned int FGHI, - unsigned int k, unsigned int s, unsigned int i) +static const struct { - return b + ROTATE_LEFT (a + FGHI + pX[k] + T[i], s); + uint8_t k : 4; + uint8_t : 0; + uint8_t s : 5; +// uint8_t i : 6; just increments constantly, from 1 .. 64 over all rounds } +MD5_round1[16] = +{ + { 0, 7}, { 1, 12}, { 2, 17}, { 3, 22}, + { 4, 7}, { 5, 12}, { 6, 17}, { 7, 22}, + { 8, 7}, { 9, 12}, {10, 17}, {11, 22}, + {12, 7}, {13, 12}, {14, 17}, {15, 22}, +}, +MD5_round2[16] = +{ + { 1, 5}, { 6, 9}, {11, 14}, { 0, 20}, + { 5, 5}, {10, 9}, {15, 14}, { 4, 20}, + { 9, 5}, {14, 9}, { 3, 14}, { 8, 20}, + {13, 5}, { 2, 9}, { 7, 14}, {12, 20}, +}, +MD5_round3[16] = +{ + { 5, 4}, { 8, 11}, {11, 16}, {14, 23}, + { 1, 4}, { 4, 11}, { 7, 16}, {10, 23}, + {13, 4}, { 0, 11}, { 3, 16}, { 6, 23}, + { 9, 4}, {12, 11}, {15, 16}, { 2, 23}, +}, +MD5_round4[16] = +{ + { 0, 6}, { 7, 10}, {14, 15}, { 5, 21}, + {12, 6}, { 3, 10}, {10, 15}, { 1, 21}, + { 8, 6}, {15, 10}, { 6, 15}, {13, 21}, + { 4, 6}, {11, 10}, { 2, 15}, { 9, 21}, +}; -static void Round1 (unsigned int *a, unsigned int b, unsigned int c, - unsigned int d, unsigned int k, unsigned int s, - unsigned int i) + +void MD5_init(MD5_state* state) { - *a = Round (*a, b, F (b, c, d), k, s, i); + // in the RFC, these are specified as bytes, interpreted as little-endian + state->val[0] = 0x67452301; + state->val[1] = 0xEFCDAB89; + state->val[2] = 0x98BADCFE; + state->val[3] = 0x10325476; } -static void Round2 (unsigned int *a, unsigned int b, unsigned int c, - unsigned int d, unsigned int k, unsigned int s, - unsigned int i) +void MD5_do_block(MD5_state* state, MD5_block block) { - *a = Round (*a, b, G (b, c, d), k, s, i); +#define X block.data +#define a state->val[(16-i)%4] +#define b state->val[(17-i)%4] +#define c state->val[(18-i)%4] +#define d state->val[(19-i)%4] + // save the values + const MD5_state saved = *state; + // round 1 + for (int i=0; i<16; i++) + { +#define k MD5_round1[i].k +#define s MD5_round1[i].s + a = b + rotate_left(a + F(b,c,d) + X[k] + T[i+0x0], s); +#undef k +#undef s + } + // round 2 + for (int i=0; i<16; i++) + { +#define k MD5_round2[i].k +#define s MD5_round2[i].s + a = b + rotate_left(a + G(b,c,d) + X[k] + T[i+0x10], s); +#undef k +#undef s + } + // round 3 + for (int i=0; i<16; i++) + { +#define k MD5_round3[i].k +#define s MD5_round3[i].s + a = b + rotate_left(a + H(b,c,d) + X[k] + T[i+0x20], s); +#undef k +#undef s + } + // round 4 + for (int i=0; i<16; i++) + { +#define k MD5_round4[i].k +#define s MD5_round4[i].s + a = b + rotate_left(a + I(b,c,d) + X[k] + T[i+0x30], s); +#undef k +#undef s + } + // adjust state based on original + state->val[0] += saved.val[0]; + state->val[1] += saved.val[1]; + state->val[2] += saved.val[2]; + state->val[3] += saved.val[3]; +#undef a +#undef b +#undef c +#undef d } -static void Round3 (unsigned int *a, unsigned int b, unsigned int c, - unsigned int d, unsigned int k, unsigned int s, - unsigned int i) +void MD5_to_bin(MD5_state state, uint8_t out[0x10]) { - *a = Round (*a, b, H (b, c, d), k, s, i); + for (int i=0; i<0x10; i++) + out[i] = state.val[i/4] >> 8*(i%4); } -static void Round4 (unsigned int *a, unsigned int b, unsigned int c, - unsigned int d, unsigned int k, unsigned int s, - unsigned int i) +static const char hex[0x10] = "0123456789abcdef"; + +void MD5_to_str(MD5_state state, char out[0x21]) { - *a = Round (*a, b, I (b, c, d), k, s, i); + uint8_t bin[16]; + MD5_to_bin(state, bin); + for (int i=0; i<0x10; i++) + out[2*i] = hex[bin[i] >> 4], + out[2*i+1] = hex[bin[i] & 0xf]; + out[0x20] = '\0'; } -static void MD5_Round_Calculate (const unsigned char *block, - unsigned int *A2, unsigned int *B2, - unsigned int *C2, unsigned int *D2) +MD5_state MD5_from_string(const char* msg, const size_t msglen) { - //create X It is since it is required. - unsigned int X[16]; //512bit 64byte - int j, k; - - //Save A as AA, B as BB, C as CC, and and D as DD (saving of A, B, C, and D) - unsigned int A = *A2, B = *B2, C = *C2, D = *D2; - unsigned int AA = A, BB = B, CC = C, DD = D; - - //It is a large region variable reluctantly because of calculation of a round. . . for Round1...4 - pX = X; - - //Copy block(padding_message) i into X - for (j = 0, k = 0; j < 64; j += 4, k++) - X[k] = ((unsigned int) block[j]) // 8byte*4 -> 32byte conversion - | (((unsigned int) block[j + 1]) << 8) // A function called Decode as used in the field of RFC - | (((unsigned int) block[j + 2]) << 16) - | (((unsigned int) block[j + 3]) << 24); - - //Round 1 - Round1 (&A, B, C, D, 0, 7, 0); - Round1 (&D, A, B, C, 1, 12, 1); - Round1 (&C, D, A, B, 2, 17, 2); - Round1 (&B, C, D, A, 3, 22, 3); - Round1 (&A, B, C, D, 4, 7, 4); - Round1 (&D, A, B, C, 5, 12, 5); - Round1 (&C, D, A, B, 6, 17, 6); - Round1 (&B, C, D, A, 7, 22, 7); - Round1 (&A, B, C, D, 8, 7, 8); - Round1 (&D, A, B, C, 9, 12, 9); - Round1 (&C, D, A, B, 10, 17, 10); - Round1 (&B, C, D, A, 11, 22, 11); - Round1 (&A, B, C, D, 12, 7, 12); - Round1 (&D, A, B, C, 13, 12, 13); - Round1 (&C, D, A, B, 14, 17, 14); - Round1 (&B, C, D, A, 15, 22, 15); - - //Round 2 - Round2 (&A, B, C, D, 1, 5, 16); - Round2 (&D, A, B, C, 6, 9, 17); - Round2 (&C, D, A, B, 11, 14, 18); - Round2 (&B, C, D, A, 0, 20, 19); - Round2 (&A, B, C, D, 5, 5, 20); - Round2 (&D, A, B, C, 10, 9, 21); - Round2 (&C, D, A, B, 15, 14, 22); - Round2 (&B, C, D, A, 4, 20, 23); - Round2 (&A, B, C, D, 9, 5, 24); - Round2 (&D, A, B, C, 14, 9, 25); - Round2 (&C, D, A, B, 3, 14, 26); - Round2 (&B, C, D, A, 8, 20, 27); - Round2 (&A, B, C, D, 13, 5, 28); - Round2 (&D, A, B, C, 2, 9, 29); - Round2 (&C, D, A, B, 7, 14, 30); - Round2 (&B, C, D, A, 12, 20, 31); - - //Round 3 - Round3 (&A, B, C, D, 5, 4, 32); - Round3 (&D, A, B, C, 8, 11, 33); - Round3 (&C, D, A, B, 11, 16, 34); - Round3 (&B, C, D, A, 14, 23, 35); - Round3 (&A, B, C, D, 1, 4, 36); - Round3 (&D, A, B, C, 4, 11, 37); - Round3 (&C, D, A, B, 7, 16, 38); - Round3 (&B, C, D, A, 10, 23, 39); - Round3 (&A, B, C, D, 13, 4, 40); - Round3 (&D, A, B, C, 0, 11, 41); - Round3 (&C, D, A, B, 3, 16, 42); - Round3 (&B, C, D, A, 6, 23, 43); - Round3 (&A, B, C, D, 9, 4, 44); - Round3 (&D, A, B, C, 12, 11, 45); - Round3 (&C, D, A, B, 15, 16, 46); - Round3 (&B, C, D, A, 2, 23, 47); - - //Round 4 - Round4 (&A, B, C, D, 0, 6, 48); - Round4 (&D, A, B, C, 7, 10, 49); - Round4 (&C, D, A, B, 14, 15, 50); - Round4 (&B, C, D, A, 5, 21, 51); - Round4 (&A, B, C, D, 12, 6, 52); - Round4 (&D, A, B, C, 3, 10, 53); - Round4 (&C, D, A, B, 10, 15, 54); - Round4 (&B, C, D, A, 1, 21, 55); - Round4 (&A, B, C, D, 8, 6, 56); - Round4 (&D, A, B, C, 15, 10, 57); - Round4 (&C, D, A, B, 6, 15, 58); - Round4 (&B, C, D, A, 13, 21, 59); - Round4 (&A, B, C, D, 4, 6, 60); - Round4 (&D, A, B, C, 11, 10, 61); - Round4 (&C, D, A, B, 2, 15, 62); - Round4 (&B, C, D, A, 9, 21, 63); - - // Then perform the following additions. (let's add) - *A2 = A + AA; - *B2 = B + BB; - *C2 = C + CC; - *D2 = D + DD; - - //The clearance of confidential information - memset (pX, 0, sizeof (X)); + MD5_state state; + MD5_init(&state); + MD5_block block; + size_t rem = msglen; + while (rem >= 64) + { + for (int i=0; i<0x10; i++) + X[i] = msg[4*i+0] | msg[4*i+1]<<8 | msg[4*i+2]<<16 | msg[4*i+3]<<24; + MD5_do_block(&state, block); + msg += 64; + rem -= 64; + } + // now pad 1-512 bits + the 64-bit length - may be two blocks + uint8_t buf[0x40] = {}; + memcpy (buf, msg, rem); + buf[rem] = 0x80; // a single one bit + if (64 - rem > 8) + { + for (int i=0; i<8; i++) + buf[0x38+i] = (msglen*8) >> (i*8); + } + for (int i=0; i<0x10; i++) + X[i] = buf[4*i+0] | buf[4*i+1]<<8 | buf[4*i+2]<<16 | buf[4*i+3]<<24; + MD5_do_block(&state, block); + if (64 - rem <= 8) + { + memset(buf,'\0', 0x38); + for (int i=0; i<8; i++) + buf[0x38+i] = (msglen*8) >> (i*8); + for (int i=0; i<0x10; i++) + X[i] = buf[4*i+0] | buf[4*i+1]<<8 | buf[4*i+2]<<16 | buf[4*i+3]<<24; + MD5_do_block(&state, block); + } + return state; } -//------------------------------------------------------------------- -// The function for the exteriors - -/** output is the coded binary in the character sequence which wants to code string. */ -void MD5_String2binary (const char *string, char *output) +// This could be reimplemented without the strlen() +MD5_state MD5_from_cstring(const char* msg) { -//var - /*8bit */ - unsigned char padding_message[64]; //Extended message 512bit 64byte - unsigned char *pstring; //The position of string in the present scanning notes is held. - -// unsigned char digest[16]; - /*32bit */ - unsigned int string_byte_len, //The byte chief of string is held. - string_bit_len, //The bit length of string is held. - copy_len, //The number of bytes which is used by 1-3 and which remained - msg_digest[4]; //Message digest 128bit 4byte - unsigned int *A = &msg_digest[0], //The message digest in accordance with RFC (reference) - *B = &msg_digest[1], *C = &msg_digest[2], *D = &msg_digest[3]; - int i; + return MD5_from_string(msg, strlen(msg)); +} -//prog - //Step 3.Initialize MD Buffer (although it is the initialization; step 3 of A, B, C, and D -- unavoidable -- a head) - *A = 0x67452301; - *B = 0xefcdab89; - *C = 0x98badcfe; - *D = 0x10325476; +MD5_state MD5_from_FILE(FILE* in) { + uint64_t total_len = 0; - //Step 1.Append Padding Bits (extension of a mark bit) - //1-1 - string_byte_len = strlen (string); //The byte chief of a character sequence is acquired. - pstring = (unsigned char *) string; //The position of the present character sequence is set. + uint8_t buf[0x40]; + uint8_t block_len = 0; - //1-2 Repeat calculation until length becomes less than 64 bytes. - for (i = string_byte_len; 64 <= i; i -= 64, pstring += 64) - MD5_Round_Calculate (pstring, A, B, C, D); + MD5_state state; + MD5_init(&state); - //1-3 - copy_len = string_byte_len % 64; //The number of bytes which remained is computed. - strncpy ((char *) padding_message, (char *) pstring, copy_len); //A message is copied to an extended bit sequence. - memset (padding_message + copy_len, 0, 64 - copy_len); //It buries by 0 until it becomes extended bit length. - padding_message[copy_len] |= 0x80; //The next of a message is 1. + MD5_block block; - //1-4 - //If 56 bytes or more (less than 64 bytes) of remainder becomes, it will calculate by extending to 64 bytes. - if (56 <= copy_len) + while (true) { - MD5_Round_Calculate (padding_message, A, B, C, D); - memset (padding_message, 0, 56); //56 bytes is newly fill uped with 0. + size_t rv = fread(buf + block_len, 1, 0x40 - block_len, in); + if (!rv) + break; + total_len += 8*rv; // in bits + block_len += rv; + if (block_len != 0x40) + continue; + for (int i=0; i<0x10; i++) + X[i] = buf[4*i+0] | buf[4*i+1]<<8 | buf[4*i+2]<<16 | buf[4*i+3]<<24; + MD5_do_block(&state, block); + block_len = 0; } - - //Step 2.Append Length (the information on length is added) - string_bit_len = string_byte_len * 8; //From the byte chief to bit length (32 bytes of low rank) - memcpy (&padding_message[56], &string_bit_len, 4); //32 bytes of low rank is set. - - //When bit length cannot be expressed in 32 bytes of low rank, it is a beam raising to a higher rank. - if (UINT_MAX / 8 < string_byte_len) + // no more input, just pad and append the length + buf[block_len] = 0x80; + memset(buf + block_len + 1, '\0', 0x40 - block_len - 1); + if (block_len < 0x38) { - unsigned int high = (string_byte_len - UINT_MAX / 8) * 8; - memcpy (&padding_message[60], &high, 4); + for (int i=0; i<8; i++) + buf[0x38+i] = total_len >> i*8; } - else - memset (&padding_message[60], 0, 4); //In this case, it is good for a higher rank at 0. - - //Step 4.Process Message in 16-Word Blocks (calculation of MD5) - MD5_Round_Calculate (padding_message, A, B, C, D); - - //Step 5.Output (output) - memcpy (output, msg_digest, 16); -// memcpy (digest, msg_digest, and 16); //8 byte*4 < - 32byte conversion A function called Encode as used in the field of RFC -/* sprintf(output, - "%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x", - digest[ 0], digest[ 1], digest[ 2], digest[ 3], - digest[ 4], digest[ 5], digest[ 6], digest[ 7], - digest[ 8], digest[ 9], digest[10], digest[11], - digest[12], digest[13], digest[14], digest[15]);*/ + for (int i=0; i<0x10; i++) + X[i] = buf[4*i+0] | buf[4*i+1]<<8 | buf[4*i+2]<<16 | buf[4*i+3]<<24; + MD5_do_block(&state, block); + if (0x38 <= block_len) + { + memset(buf, '\0', 0x38); + for (int i=0; i<8; i++) + buf[0x38+i] = total_len >> i*8; + for (int i=0; i<0x10; i++) + X[i] = buf[4*i+0] | buf[4*i+1]<<8 | buf[4*i+2]<<16 | buf[4*i+3]<<24; + MD5_do_block(&state, block); + } + return state; } -/** output is the coded character sequence in the character sequence which wants to code string. */ -void MD5_String (const char *string, char *output) -{ - unsigned char digest[16]; - - MD5_String2binary (string, digest); - sprintf (output, - "%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x", - digest[0], digest[1], digest[2], digest[3], - digest[4], digest[5], digest[6], digest[7], - digest[8], digest[9], digest[10], digest[11], - digest[12], digest[13], digest[14], digest[15]); -} // Hash a password with a salt. -char *MD5_saltcrypt(const char *key, const char *salt) +// Whoever wrote this FAILS programming +const char *MD5_saltcrypt(const char *key, const char *salt) { - char buf[66], *sbuf = buf+32; - static char obuf[33]; + char buf[65]; - // hash the key then the salt - // buf ends up as a 64char null terminated string - MD5_String(key, buf); - MD5_String(salt, sbuf); + // hash the key then the salt + // buf ends up as a 64-char NUL-terminated string + MD5_to_str(MD5_from_cstring(key), buf); + MD5_to_str(MD5_from_cstring(salt), buf+32); - // Hash the buffer back into sbuf - MD5_String(buf, sbuf); + // Hash the buffer back into sbuf - this is stupid + // (luckily, putting the result into itself is safe) + MD5_to_str(MD5_from_cstring(buf), buf+32); - snprintf(obuf, 32, "!%s$%s", salt, sbuf); - return(obuf); + static char obuf[33]; + // This truncates the string, but we have to keep it like that for compatibility + snprintf(obuf, 32, "!%s$%s", salt, buf+32); + return obuf; } -char *make_salt() { - static char salt[6]; - int i; - for (i=0; i<5; i++) - salt[i] = (char)((mt_rand() % 78) + 48); - salt[5] = '\0'; - return(salt); +const char *make_salt() { + static char salt[6]; + for (int i=0; i<5; i++) + salt[i] = MPRAND(48, 78); + return salt; } -int pass_ok(const char *password, const char *crypted) { - char buf[40], *salt=buf+1; +bool pass_ok(const char *password, const char *crypted) { + char buf[40]; + strncpy(buf, crypted, 40); + char *salt = buf + 1; + *strchr(salt, '$') = '\0'; - strncpy(buf, crypted, 40); - *strchr(buf, '$') = '\0'; - - if (!strcmp(crypted, MD5_saltcrypt(password, salt))) - return(1); - - return(0); + return !strcmp(crypted, MD5_saltcrypt(password, salt)); } // [M|h]ashes up an IP address and a secret key @@ -337,13 +312,13 @@ int pass_ok(const char *password, const char *crypted) { in_addr_t MD5_ip(char *secret, in_addr_t ip) { char ipbuf[32]; - char obuf[16]; + uint8_t obuf[16]; union { struct bytes { - unsigned char b1; - unsigned char b2; - unsigned char b3; - unsigned char b4; + uint8_t b1; + uint8_t b2; + uint8_t b3; + uint8_t b4; } bytes; in_addr_t ip; } conv; @@ -351,7 +326,8 @@ in_addr_t MD5_ip(char *secret, in_addr_t ip) // MD5sum a secret + the IP address memset(&ipbuf, 0, sizeof(ipbuf)); snprintf(ipbuf, sizeof(ipbuf), "%lu%s", (unsigned long)ip, secret); - MD5_String2binary(ipbuf, obuf); + /// TODO stop it from being a cstring + MD5_to_bin(MD5_from_cstring(ipbuf), obuf); // Fold the md5sum to 32 bits, pack the bytes to an in_addr_t conv.bytes.b1 = obuf[0] ^ obuf[1] ^ obuf[8] ^ obuf[9]; @@ -361,4 +337,3 @@ in_addr_t MD5_ip(char *secret, in_addr_t ip) return conv.ip; } - |