Mercurial > pidgin.yaz
annotate src/protocols/yahoo/crypt.c @ 10687:b256ce6b85b8
[gaim-migrate @ 12235]
grim says this is really fixed this time.
committer: Tailor Script <tailor@pidgin.im>
author | Etan Reisner <pidgin@unreliablesource.net> |
---|---|
date | Sat, 12 Mar 2005 01:10:37 +0000 |
parents | 72a5babfa8b4 |
children | 923b78741964 |
rev | line source |
---|---|
2795 | 1 /* One way encryption based on MD5 sum. |
2 Copyright (C) 1996, 1997, 1999, 2000 Free Software Foundation, Inc. | |
3 This file is part of the GNU C Library. | |
4 Contributed by Ulrich Drepper <drepper@cygnus.com>, 1996. | |
5 | |
6 The GNU C Library is free software; you can redistribute it and/or | |
7 modify it under the terms of the GNU Lesser General Public | |
8 License as published by the Free Software Foundation; either | |
9 version 2.1 of the License, or (at your option) any later version. | |
10 | |
11 The GNU C Library is distributed in the hope that it will be useful, | |
12 but WITHOUT ANY WARRANTY; without even the implied warranty of | |
13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | |
14 Lesser General Public License for more details. | |
15 | |
16 You should have received a copy of the GNU Lesser General Public | |
17 License along with the GNU C Library; if not, write to the Free | |
18 Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA | |
19 02111-1307 USA. */ | |
20 | |
21 /* warmenhoven took this file and made it work with the md5.[ch] we | |
22 * already had. isn't that lovely. people should just use linux or | |
23 * freebsd, crypt works properly on those systems. i hate solaris */ | |
24 | |
25 #include <string.h> | |
26 #include <stdlib.h> | |
27 #include <glib.h> | |
28 | |
10684 | 29 #include "cipher.h" |
2795 | 30 |
31 /* Define our magic string to mark salt for MD5 "encryption" | |
32 replacement. This is meant to be the same as for other MD5 based | |
33 encryption implementations. */ | |
34 static const char md5_salt_prefix[] = "$1$"; | |
35 | |
36 /* Table with characters for base64 transformation. */ | |
37 static const char b64t[64] = | |
38 "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"; | |
39 | |
5583 | 40 char *yahoo_crypt(const char *key, const char *salt) |
2795 | 41 { |
10684 | 42 GaimCipher *cipher; |
43 GaimCipherContext *context1, *context2; | |
44 guint8 digest[16]; | |
2795 | 45 static char *buffer = NULL; |
46 static int buflen = 0; | |
47 int needed = 3 + strlen (salt) + 1 + 26 + 1; | |
48 | |
49 size_t salt_len; | |
50 size_t key_len; | |
51 size_t cnt; | |
10687
b256ce6b85b8
[gaim-migrate @ 12235]
Etan Reisner <pidgin@unreliablesource.net>
parents:
10684
diff
changeset
|
52 |
2795 | 53 char *cp; |
54 | |
55 if (buflen < needed) { | |
56 buflen = needed; | |
57 if ((buffer = g_realloc(buffer, buflen)) == NULL) | |
58 return NULL; | |
59 } | |
60 | |
10684 | 61 cipher = gaim_ciphers_find_cipher("md5"); |
62 context1 = gaim_cipher_context_new(cipher, NULL); | |
63 context2 = gaim_cipher_context_new(cipher, NULL); | |
64 | |
2795 | 65 /* Find beginning of salt string. The prefix should normally always |
10684 | 66 * be present. Just in case it is not. |
67 */ | |
2795 | 68 if (strncmp (md5_salt_prefix, salt, sizeof (md5_salt_prefix) - 1) == 0) |
69 /* Skip salt prefix. */ | |
70 salt += sizeof (md5_salt_prefix) - 1; | |
71 | |
72 salt_len = MIN (strcspn (salt, "$"), 8); | |
73 key_len = strlen (key); | |
74 | |
75 /* Add the key string. */ | |
10684 | 76 gaim_cipher_context_append(context1, key, key_len); |
2795 | 77 |
78 /* Because the SALT argument need not always have the salt prefix we | |
10684 | 79 * add it separately. |
80 */ | |
81 gaim_cipher_context_append(context1, md5_salt_prefix, | |
82 sizeof(md5_salt_prefix) - 1); | |
2795 | 83 |
84 /* The last part is the salt string. This must be at most 8 | |
10684 | 85 * characters and it ends at the first `$' character (for |
86 * compatibility which existing solutions). | |
87 */ | |
88 gaim_cipher_context_append(context1, salt, salt_len); | |
2795 | 89 |
90 /* Compute alternate MD5 sum with input KEY, SALT, and KEY. The | |
10684 | 91 * final result will be added to the first context. |
92 */ | |
2795 | 93 |
94 /* Add key. */ | |
10684 | 95 gaim_cipher_context_append(context2, key, key_len); |
2795 | 96 |
97 /* Add salt. */ | |
10684 | 98 gaim_cipher_context_append(context2, salt, salt_len); |
2795 | 99 |
100 /* Add key again. */ | |
10684 | 101 gaim_cipher_context_append(context2, key, key_len); |
2795 | 102 |
10684 | 103 /* Now get result of this (16 bytes) and add it to the other context. */ |
10687
b256ce6b85b8
[gaim-migrate @ 12235]
Etan Reisner <pidgin@unreliablesource.net>
parents:
10684
diff
changeset
|
104 gaim_cipher_context_digest(context2, sizeof(digest), digest, NULL); |
2795 | 105 |
106 /* Add for any character in the key one byte of the alternate sum. */ | |
107 for (cnt = key_len; cnt > 16; cnt -= 16) | |
10684 | 108 gaim_cipher_context_append(context1, digest, 16); |
109 gaim_cipher_context_append(context1, digest, cnt); | |
2795 | 110 |
111 /* For the following code we need a NUL byte. */ | |
10684 | 112 digest[0] = '\0'; |
2795 | 113 |
114 /* The original implementation now does something weird: for every 1 | |
10684 | 115 * bit in the key the first 0 is added to the buffer, for every 0 |
116 * bit the first character of the key. This does not seem to be | |
117 * what was intended but we have to follow this to be compatible. | |
118 */ | |
2795 | 119 for (cnt = key_len; cnt > 0; cnt >>= 1) |
10684 | 120 gaim_cipher_context_append(context1, |
121 (cnt & 1) != 0 ? digest : (guint8 *)key, 1); | |
2795 | 122 |
123 /* Create intermediate result. */ | |
10687
b256ce6b85b8
[gaim-migrate @ 12235]
Etan Reisner <pidgin@unreliablesource.net>
parents:
10684
diff
changeset
|
124 gaim_cipher_context_digest(context1, sizeof(digest), digest, NULL); |
2795 | 125 |
126 /* Now comes another weirdness. In fear of password crackers here | |
10684 | 127 * comes a quite long loop which just processes the output of the |
128 * previous round again. We cannot ignore this here. | |
129 */ | |
2795 | 130 for (cnt = 0; cnt < 1000; ++cnt) { |
131 /* New context. */ | |
10684 | 132 gaim_cipher_context_reset(context2, NULL); |
2795 | 133 |
134 /* Add key or last result. */ | |
135 if ((cnt & 1) != 0) | |
10684 | 136 gaim_cipher_context_append(context2, key, key_len); |
2795 | 137 else |
10684 | 138 gaim_cipher_context_append(context2, digest, 16); |
2795 | 139 |
140 /* Add salt for numbers not divisible by 3. */ | |
141 if (cnt % 3 != 0) | |
10684 | 142 gaim_cipher_context_append(context2, salt, salt_len); |
2795 | 143 |
144 /* Add key for numbers not divisible by 7. */ | |
145 if (cnt % 7 != 0) | |
10684 | 146 gaim_cipher_context_append(context2, key, key_len); |
2795 | 147 |
148 /* Add key or last result. */ | |
149 if ((cnt & 1) != 0) | |
10684 | 150 gaim_cipher_context_append(context2, digest, 16); |
2795 | 151 else |
10684 | 152 gaim_cipher_context_append(context2, key, key_len); |
2795 | 153 |
154 /* Create intermediate result. */ | |
10687
b256ce6b85b8
[gaim-migrate @ 12235]
Etan Reisner <pidgin@unreliablesource.net>
parents:
10684
diff
changeset
|
155 gaim_cipher_context_digest(context2, sizeof(digest), digest, NULL); |
2795 | 156 } |
157 | |
10684 | 158 /* Now we can construct the result string. It consists of three parts. */ |
2795 | 159 strncpy(buffer, md5_salt_prefix, MAX (0, buflen)); |
160 cp = buffer + strlen(buffer); | |
161 buflen -= sizeof (md5_salt_prefix); | |
162 | |
163 strncpy(cp, salt, MIN ((size_t) buflen, salt_len)); | |
164 cp = cp + strlen(cp); | |
165 buflen -= MIN ((size_t) buflen, salt_len); | |
166 | |
167 if (buflen > 0) { | |
168 *cp++ = '$'; | |
169 --buflen; | |
170 } | |
171 | |
172 #define b64_from_24bit(B2, B1, B0, N) \ | |
173 do { \ | |
174 unsigned int w = ((B2) << 16) | ((B1) << 8) | (B0); \ | |
175 int n = (N); \ | |
176 while (n-- > 0 && buflen > 0) { \ | |
177 *cp++ = b64t[w & 0x3f]; \ | |
178 --buflen; \ | |
179 w >>= 6; \ | |
180 }\ | |
181 } while (0) | |
182 | |
10684 | 183 b64_from_24bit (digest[0], digest[6], digest[12], 4); |
184 b64_from_24bit (digest[1], digest[7], digest[13], 4); | |
185 b64_from_24bit (digest[2], digest[8], digest[14], 4); | |
186 b64_from_24bit (digest[3], digest[9], digest[15], 4); | |
187 b64_from_24bit (digest[4], digest[10], digest[5], 4); | |
188 b64_from_24bit (0, 0, digest[11], 2); | |
2795 | 189 if (buflen <= 0) { |
190 g_free(buffer); | |
191 buffer = NULL; | |
192 } else | |
193 *cp = '\0'; /* Terminate the string. */ | |
194 | |
195 /* Clear the buffer for the intermediate result so that people | |
10684 | 196 * attaching to processes or reading core dumps cannot get any |
197 * information. We do it in this way to clear correct_words[] | |
198 * inside the MD5 implementation as well. | |
199 */ | |
200 gaim_cipher_context_reset(context1, NULL); | |
10687
b256ce6b85b8
[gaim-migrate @ 12235]
Etan Reisner <pidgin@unreliablesource.net>
parents:
10684
diff
changeset
|
201 gaim_cipher_context_digest(context1, sizeof(digest), digest, NULL); |
10684 | 202 gaim_cipher_context_destroy(context1); |
203 gaim_cipher_context_destroy(context2); | |
2795 | 204 |
205 return buffer; | |
206 } |