Mercurial > pidgin

comparison libpurple/protocols/yahoo/yahoo_crypt.c @ 15373:5fe8042783c1

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Rename gtk/ and libgaim/ to pidgin/ and libpurple/
author Sean Egan <seanegan@gmail.com>
date Sat, 20 Jan 2007 02:32:10 +0000
parents
children 32c366eeeb99
comparison
equal deleted inserted replaced
15372:f79e0f4df793 15373:5fe8042783c1
1 /* One way encryption based on MD5 sum.
2 Copyright (C) 1996, 1997, 1999, 2000 Free Software Foundation, Inc.
3 This file is part of the GNU C Library.
4 Contributed by Ulrich Drepper <drepper@cygnus.com>, 1996.
5
6 The GNU C Library is free software; you can redistribute it and/or
7 modify it under the terms of the GNU Lesser General Public
8 License as published by the Free Software Foundation; either
9 version 2.1 of the License, or (at your option) any later version.
10
11 The GNU C Library is distributed in the hope that it will be useful,
12 but WITHOUT ANY WARRANTY; without even the implied warranty of
13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 Lesser General Public License for more details.
15
16 You should have received a copy of the GNU Lesser General Public
17 License along with the GNU C Library; if not, write to the Free
18 Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
19 02111-1307 USA. */
20
21 /* warmenhoven took this file and made it work with the md5.[ch] we
22 * already had. isn't that lovely. people should just use linux or
23 * freebsd, crypt works properly on those systems. i hate solaris */
24
25 #include <string.h>
26 #include <stdlib.h>
27 #include <glib.h>
28
29 #include "cipher.h"
30 #include "yahoo_crypt.h"
31
32 /* Define our magic string to mark salt for MD5 "encryption"
33 replacement. This is meant to be the same as for other MD5 based
34 encryption implementations. */
35 static const char md5_salt_prefix[] = "$1$";
36
37 /* Table with characters for base64 transformation. */
38 static const char b64t[64] =
39 "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
40
41 char *yahoo_crypt(const char *key, const char *salt)
42 {
43 GaimCipher *cipher;
44 GaimCipherContext *context1, *context2;
45 guchar digest[16];
46 static char *buffer = NULL;
47 static int buflen = 0;
48 int needed = 3 + strlen (salt) + 1 + 26 + 1;
49
50 size_t salt_len;
51 size_t key_len;
52 size_t cnt;
53
54 char *cp;
55
56 if (buflen < needed) {
57 buflen = needed;
58 if ((buffer = g_realloc(buffer, buflen)) == NULL)
59 return NULL;
60 }
61
62 cipher = gaim_ciphers_find_cipher("md5");
63 context1 = gaim_cipher_context_new(cipher, NULL);
64 context2 = gaim_cipher_context_new(cipher, NULL);
65
66 /* Find beginning of salt string. The prefix should normally always
67 * be present. Just in case it is not.
68 */
69 if (strncmp (md5_salt_prefix, salt, sizeof (md5_salt_prefix) - 1) == 0)
70 /* Skip salt prefix. */
71 salt += sizeof (md5_salt_prefix) - 1;
72
73 salt_len = MIN (strcspn (salt, "$"), 8);
74 key_len = strlen (key);
75
76 /* Add the key string. */
77 gaim_cipher_context_append(context1, (const guchar *)key, key_len);
78
79 /* Because the SALT argument need not always have the salt prefix we
80 * add it separately.
81 */
82 gaim_cipher_context_append(context1, (const guchar *)md5_salt_prefix,
83 sizeof(md5_salt_prefix) - 1);
84
85 /* The last part is the salt string. This must be at most 8
86 * characters and it ends at the first `$' character (for
87 * compatibility which existing solutions).
88 */
89 gaim_cipher_context_append(context1, (const guchar *)salt, salt_len);
90
91 /* Compute alternate MD5 sum with input KEY, SALT, and KEY. The
92 * final result will be added to the first context.
93 */
94
95 /* Add key. */
96 gaim_cipher_context_append(context2, (const guchar *)key, key_len);
97
98 /* Add salt. */
99 gaim_cipher_context_append(context2, (const guchar *)salt, salt_len);
100
101 /* Add key again. */
102 gaim_cipher_context_append(context2, (const guchar *)key, key_len);
103
104 /* Now get result of this (16 bytes) and add it to the other context. */
105 gaim_cipher_context_digest(context2, sizeof(digest), digest, NULL);
106
107 /* Add for any character in the key one byte of the alternate sum. */
108 for (cnt = key_len; cnt > 16; cnt -= 16)
109 gaim_cipher_context_append(context1, digest, 16);
110 gaim_cipher_context_append(context1, digest, cnt);
111
112 /* For the following code we need a NUL byte. */
113 digest[0] = '\0';
114
115 /* The original implementation now does something weird: for every 1
116 * bit in the key the first 0 is added to the buffer, for every 0
117 * bit the first character of the key. This does not seem to be
118 * what was intended but we have to follow this to be compatible.
119 */
120 for (cnt = key_len; cnt > 0; cnt >>= 1)
121 gaim_cipher_context_append(context1,
122 (cnt & 1) != 0 ? digest : (guchar *)key, 1);
123
124 /* Create intermediate result. */
125 gaim_cipher_context_digest(context1, sizeof(digest), digest, NULL);
126
127 /* Now comes another weirdness. In fear of password crackers here
128 * comes a quite long loop which just processes the output of the
129 * previous round again. We cannot ignore this here.
130 */
131 for (cnt = 0; cnt < 1000; ++cnt) {
132 /* New context. */
133 gaim_cipher_context_reset(context2, NULL);
134
135 /* Add key or last result. */
136 if ((cnt & 1) != 0)
137 gaim_cipher_context_append(context2, (const guchar *)key, key_len);
138 else
139 gaim_cipher_context_append(context2, digest, 16);
140
141 /* Add salt for numbers not divisible by 3. */
142 if (cnt % 3 != 0)
143 gaim_cipher_context_append(context2, (const guchar *)salt, salt_len);
144
145 /* Add key for numbers not divisible by 7. */
146 if (cnt % 7 != 0)
147 gaim_cipher_context_append(context2, (const guchar *)key, key_len);
148
149 /* Add key or last result. */
150 if ((cnt & 1) != 0)
151 gaim_cipher_context_append(context2, digest, 16);
152 else
153 gaim_cipher_context_append(context2, (const guchar *)key, key_len);
154
155 /* Create intermediate result. */
156 gaim_cipher_context_digest(context2, sizeof(digest), digest, NULL);
157 }
158
159 /* Now we can construct the result string. It consists of three parts. */
160 strncpy(buffer, md5_salt_prefix, MAX (0, buflen));
161 cp = buffer + strlen(buffer);
162 buflen -= sizeof (md5_salt_prefix);
163
164 strncpy(cp, salt, MIN ((size_t) buflen, salt_len));
165 cp = cp + strlen(cp);
166 buflen -= MIN ((size_t) buflen, salt_len);
167
168 if (buflen > 0) {
169 *cp++ = '$';
170 --buflen;
171 }
172
173 #define b64_from_24bit(B2, B1, B0, N) \
174 do { \
175 unsigned int w = ((B2) << 16) | ((B1) << 8) | (B0); \
176 int n = (N); \
177 while (n-- > 0 && buflen > 0) { \
178 *cp++ = b64t[w & 0x3f]; \
179 --buflen; \
180 w >>= 6; \
181 }\
182 } while (0)
183
184 b64_from_24bit (digest[0], digest[6], digest[12], 4);
185 b64_from_24bit (digest[1], digest[7], digest[13], 4);
186 b64_from_24bit (digest[2], digest[8], digest[14], 4);
187 b64_from_24bit (digest[3], digest[9], digest[15], 4);
188 b64_from_24bit (digest[4], digest[10], digest[5], 4);
189 b64_from_24bit (0, 0, digest[11], 2);
190 if (buflen <= 0) {
191 g_free(buffer);
192 buffer = NULL;
193 } else
194 *cp = '\0'; /* Terminate the string. */
195
196 /* Clear the buffer for the intermediate result so that people
197 * attaching to processes or reading core dumps cannot get any
198 * information. We do it in this way to clear correct_words[]
199 * inside the MD5 implementation as well.
200 */
201 gaim_cipher_context_reset(context1, NULL);
202 gaim_cipher_context_digest(context1, sizeof(digest), digest, NULL);
203 gaim_cipher_context_destroy(context1);
204 gaim_cipher_context_destroy(context2);
205
206 return buffer;
207 }